最新消息:20210816 当前crifan.com域名已被污染,为防止失联,请关注(页面右下角的)公众号

【已解决】本地mongo shell中连接远程加了权限控制的mongoDB

权限 crifan 194浏览 0评论
折腾:
【已解决】PyCharm连接远程添加security的authorization的MongoDB出错:com.mongodb.MongoCommandExceptions: Command failed with error 13
期间,去试试Mac中mongo命令行是否成功
果然还是不成功:
➜  ~ mongo --host xxx -u gridfs -p pwd --authenticationDatabase gridfs
MongoDB shell version v3.6.3
connecting to: mongodb://xxx:27017/
MongoDB server version: 3.2.19
WARNING: shell and server versions do not match
> show users
2018-04-08T11:46:44.754+0800 E QUERY    [thread1] Error: not authorized on test to execute command { usersInfo: 1.0 } :
[email protected]/mongo/shell/utils.js:25:13
[email protected]/mongo/shell/db.js:1686:1
[email protected]/mongo/shell/utils.js:799:9
[email protected]/mongo/shell/utils.js:706:15
@(shellhelp2):1:1
> show dbs
2018-04-08T11:46:50.765+0800 E QUERY    [thread1] Error: listDatabases failed:{
    "ok" : 0,
    "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
    "code" : 13
} :
[email protected]/mongo/shell/utils.js:25:13
[email protected]/mongo/shell/mongo.js:65:1
[email protected]/mongo/shell/utils.js:816:19
[email protected]/mongo/shell/utils.js:706:15
@(shellhelp2):1:1
> quit()
➜  ~
➜  ~ mongo --host xxx -u gridfs -p pwd --authenticationDatabase gridfs
➜  ~ mongo --host xxx -u "gridfs" -p "pwd" --authenticationDatabase "gridfs"
MongoDB shell version v3.6.3
connecting to: mongodb://xxx:27017/
MongoDB server version: 3.2.19
WARNING: shell and server versions do not match
> show dbs
2018-04-08T11:47:55.529+0800 E QUERY    [thread1] Error: listDatabases failed:{
    "ok" : 0,
    "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
    "code" : 13
} :
[email protected]/mongo/shell/utils.js:25:13
[email protected]/mongo/shell/mongo.js:65:1
[email protected]/mongo/shell/utils.js:816:19
[email protected]/mongo/shell/utils.js:706:15
@(shellhelp2):1:1
> db.fs.findOne()
2018-04-08T11:48:03.968+0800 E QUERY    [thread1] Error: error: {
    "ok" : 0,
    "errmsg" : "not authorized on test to execute command { find: \"fs\", filter: {}, limit: 1.0, singleBatch: true }",
    "code" : 13
} :
[email protected]src/mongo/shell/utils.js:25:13
[email protected]/mongo/shell/query.js:717:1
[email protected]/mongo/shell/query.js:117:28
[email protected]/mongo/shell/query.js:288:5
[email protected]/mongo/shell/collection.js:258:10
@(shell):1:1
> db.auth("gridfs", "pwd")
Error: Authentication failed.
0
所以还是服务器端,再进去,重新确认,在开启授权之前所创建的gridfs用户,是否存在
发现用户是存在的啊:
[[email protected] ~]# mongo -u admin -p pwd --authenticationDatabase admin
MongoDB shell version: 3.2.19
connecting to: test
> show dbs
admin   0.000GB
gridfs  4.539GB
local   0.000GB
> use admin
switched to db admin
> show users
{
        "_id" : "admin.admin",
        "user" : "admin",
        "db" : "admin",
        "roles" : [
                {
                        "role" : "userAdminAnyDatabase",
                        "db" : "admin"
                }
        ]
}
> use gridfs
switched to db gridfs
> show users
{
        "_id" : "gridfs.gridfs",
        "user" : "gridfs",
        "db" : "gridfs",
        "roles" : [
                {
                        "role" : "dbOwner",
                        "db" : "gridfs"
                }
        ]
}
> 
难道是MongoDB 数据库版本不兼容???
mongodb Error: Authentication failed
authorization – MongoDB 3.2 authentication failed – Stack Overflow
也说是
创建了,具有用户管理权限的,root,用户后,再去重启开启限制,然后用root用户去创建其他用户
那就去:
服务器端,mongo shell中,在已经开启权限的情况下,先删除之前的gridfs用户
> use gridfs
switched to db gridfs
> show users
{
        "_id" : "gridfs.gridfs",
        "user" : "gridfs",
        "db" : "gridfs",
        "roles" : [
                {
                        "role" : "dbOwner",
                        "db" : "gridfs"
                }
        ]
}
> db.runCommand({dropAllUsersFromDatabase: 1})
{ "n" : 1, "ok" : 1 }
> show users
然后再去重新像之前一样,创建该用户:
> use gridfs
switched to db gridfs
> show users
> db.createUser(
...   {
...     user: "gridfs",
...     pwd: "pwd",
...     roles: [ { role: "dbOwner", db: "gridfs" } ]
...   }
... )
Successfully added user: {
        "user" : "gridfs",
        "roles" : [
                {
                        "role" : "dbOwner",
                        "db" : "gridfs"
                }
        ]
}
> show users
{
        "_id" : "gridfs.gridfs",
        "user" : "gridfs",
        "db" : "gridfs",
        "roles" : [
                {
                        "role" : "dbOwner",
                        "db" : "gridfs"
                }
        ]
}
然后,再去Mac本地mongo shell中再去连接试试,看看是否有权限操作gridfs数据库了。
后来发现,好像是之前缺少 use gridfs,此处加上了,至少可以就可以find到文件了:
➜  ~ mongo --host xxx -u gridfs -p pwd --authenticationDatabase gridfs
MongoDB shell version v3.6.3
connecting to: mongodb://xxx:27017/
MongoDB server version: 3.2.19
WARNING: shell and server versions do not match
> show users
2018-04-08T11:57:53.052+0800 E QUERY    [thread1] Error: not authorized on test to execute command { usersInfo: 1.0 } :
[email protected]/mongo/shell/utils.js:25:13
[email protected]/mongo/shell/db.js:1686:1
[email protected]/mongo/shell/utils.js:799:9
[email protected]/mongo/shell/utils.js:706:15
@(shellhelp2):1:1
> use gridfs
switched to db gridfs
> show users
{
    "_id" : "gridfs.gridfs",
    "user" : "gridfs",
    "db" : "gridfs",
    "roles" : [
        {
            "role" : "dbOwner",
            "db" : "gridfs"
        }
    ]
}
> db.fs.findOne()
null
> db.fs.files.findOne()
{
    "_id" : ObjectId("5ac48468a4bc71798971fc8d"),
    "contentType" : "application/pdf",
    "chunkSize" : 261120,
    "metadata" : {
        "seriesNumber" : NumberLong(1),
        "fitAgeStart" : "4",
        "keywords" : {
            "contentKeywordList" : [ ],
            "mainActorList" : [
                "Madeline "
            ],
            "storybookNameKeywordList" : [
                "Madeline "
            ],
            "seriesName" : "Madeline",
            "topicList" : [
                "Family members",
                "Sick"
            ],
            "storybookName" : "Madeline "
        },
        "awards" : "凯迪克奖银奖",
        "foreignCountry" : "美国",
        "publisher" : "Penguin US",
        "authorList" : [
            "Ludwig Bemelmans"
        ],
        "isFiction" : true,
        "contentAbstract" : "马德林生病了,割了阑尾的马德林住进了医院,收到了爸爸妈妈送的鲜花和糖果。其他姑娘们看了马德林的礼物竟然也想得阑尾炎。是不是很有趣。",
        "isSeries" : true,
        "lexileIndex" : "",
        "fitAgeEnd" : "5",
        "type" : "storybook"
    },
    "filename" : "Madeline.pdf",
    "length" : 41363142,
    "uploadDate" : ISODate("2018-04-04T07:53:22.417Z"),
    "md5" : "d4a39c2396586560dc64d47f0cf90f83"
}
不过呢,再去show dbs,仍然是没有权限的:
> show dbs
2018-04-08T11:59:21.864+0800 E QUERY    [thread1] Error: listDatabases failed:{
    "ok" : 0,
    "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
    "code" : 13
} :
[email protected]/mongo/shell/utils.js:25:13
[email protected]/mongo/shell/mongo.js:65:1
[email protected]/mongo/shell/utils.js:816:19
[email protected]/mongo/shell/utils.js:706:15
@(shellhelp2):1:1
但是,针对于自己有权限的数据库去show users查看用户,则是,正确的,有权限的:
> show users
{
    "_id" : "gridfs.gridfs",
    "user" : "gridfs",
    "db" : "gridfs",
    "roles" : [
        {
            "role" : "dbOwner",
            "db" : "gridfs"
        }
    ]
}
所以,之前一直出错,估计是缺少了use gridfs了。
【总结】
此处在远端Mongo中加了权限限制后,本地Mac中mongo shell中连接数据库:
mongo --host xxx -u gridfs -p pwd --authenticationDatabase gridfs
虽然能进去,但是操作失败:
> show users
2018-04-08T14:55:16.499+0800 E QUERY    [thread1] Error: not authorized on test to execute command { usersInfo: 1.0 } :
[email protected]/mongo/shell/utils.js:25:13
[email protected]/mongo/shell/db.js:1686:1
[email protected]/mongo/shell/utils.js:799:9
[email protected]/mongo/shell/utils.js:706:15
@(shellhelp2):1:1
原因是:
没有制定要使用对应数据库
解决办法:
方法1:use dbName
> use gridfs
switched to db gridfs
> show users
{
    "_id" : "gridfs.gridfs",
    "user" : "gridfs",
    "db" : "gridfs",
    "roles" : [
        {
            "role" : "dbOwner",
            "db" : "gridfs"
        }
    ]
}
方法2:连接时(在uri中)指定连接到dbName
➜  ~ mongo xxx/gridfs -u gridfs -p pwd --authenticationDatabase gridfs
MongoDB shell version v3.6.3
connecting to: mongodb://xxx:27017/gridfs
MongoDB server version: 3.2.19
WARNING: shell and server versions do not match
> show users
{
    "_id" : "gridfs.gridfs",
    "user" : "gridfs",
    "db" : "gridfs",
    "roles" : [
        {
            "role" : "dbOwner",
            "db" : "gridfs"
        }
    ]
}
即可。

转载请注明:在路上 » 【已解决】本地mongo shell中连接远程加了权限控制的mongoDB

发表我的评论
取消评论

表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
84 queries in 0.113 seconds, using 20.71MB memory