Reputation: 580
Can't authenticate with mongoenine to mongodb replicas
1) Before even setting replica sets in mongo i created admin user, with "readWriteAnyDatabase", "userAdminAnyDatabase", "dbAdminAnyDatabase", "clusterAdmin" roles.
2) Then i set my /etc/mongodb.conf configurations on all 3 servers.
dbpath=/var/lib/mongodb
logpath=/var/log/mongodb/mongodb.log
logappend=true
port = 27017
auth = true
replSet = test4
3) Initiated replicas, but got error (Do not remember exactly what the error was, but something related to that one of the server was not up. So i figured that it just can't authenticate)
config = {"_id" : "test4", "version" : 1, "members" : [{"_id" : 0,"host" : "xxx.xxx.xxx.xxx:27017"}, {"_id" : 1,"host" : "xxx.xxx.xxx.xxx:27017"}, {"_id":2,"host" : "xxx.xxx.xxx.xxx:27017"}]}
rs.initiate(config)
4) To solve the error, i generated keyFile and added keyFile authentication to my mongodb.conf file.
dbpath=/var/lib/mongodb
keyFile = /etc/keyFile
logpath=/var/log/mongodb/mongodb.log
logappend=true
port = 27017
auth = true
replSet = test4
And everything worked like a charm. Database copied itself over replicas. Admin user worked as expected too.
5) Then i created user with all needed permissions for other database i have, lets call it 'testdb' and user: notadmin, pass: notadmin.
But there is one strange thing i noticed. When i enter mongo in console i do not see replicas, until i log in admin database as an admin like this:
use admin
db.auth('admin', 'admin')
Then my console changes to test4:PRIMARY> or test4:SECONDARY> and i can perform actions with replicas. Guess it should be like this.
And everything works fine, if i insert data through pymongo library. Permissions work, admin user can insert into any database, given permissions, and notadmin user can insert into testdb.
But if i try to make the same thing with mongoengine models,
mongodsn = 'mongodb://notadmin:[email protected]:27017,xx.x.xx.xxx:27017,xxx.xxx.xxx.xx:27017/'
db_instance = mongoengine.connect('testdb', host=mongodsn, replicaSet='test4', readPreference='secondaryPreferred')
rt = ReconnectTest()
rt.content = 'item#{0:d}'.format(x)
rt.save()
i get authentication error:
mongoengine.errors.OperationError: Could not save document (command SON([('authenticate', 1), ('user', u'notadmin'), ('nonce', u'9ae2f85cd41f6c74'), ('key', u'8f814aa2434s4t2e0ff9bae03762e')]) failed: auth fails)
The only thing it permits me is from admin user to write to admin database. So something like this works:
mongodsn = 'mongodb://admin:[email protected]:27017,xx.x.xx.xxx:27017,xxx.xxx.xxx.xx:27017/'
db_instance = mongoengine.connect('admin', host=mongodsn, replicaSet='test4', readPreference='secondaryPreferred')
rt = ReconnectTest()
rt.content = 'item#{0:d}'.format(x)
rt.save()
I am so confused, because mongoengine is just wrapper around pymongo. So how come i can do actions with pymongo, and can't do the same with mongoenige. How do i authenticate with mongoengine to testdb ?
Upvotes: 2
Views: 2466
Answers (1)
Reputation: 268
You need to create a user under the "testdb" database, as follows:
$ mongo admin -u <username> -p <password>
> use testdb
> db.addUser({user: <username>, pwd: <password>, roles: [<permissions>]})
Then trying to connect through mongoengine using the newly created user.
Also, add the database in the connection string, as such:
'mongodb://notadmin:[email protected]:27017/testdb'
Upvotes: 2
Related Questions
- Cannot authenticate into mongo, "auth fails"
- Authenticate mongodb replica set
- MongoDB create replica set with authentication enabled
- MongoDB 3.2 authentication failed
- mongodb: Auth mechanism not specified
- How to initiate authentication for replica set - MongoDB
- Can't connect to MongoDB with authentication enabled
- Cannot connect with authentication to mongodb?
- Can't authenticate against Mongodb 3.0.1 member added to a 2.6.8 replica set
- mongodb replicaset auth not working