11

I'm trying to activate user authorization on my local Mongo installation, but authentication keeps on failing. What can be the problem? Am I missing something?

I followed the steps outlined in "Installing on Windows" and "Enable Client Access Control":

1) Added a user

>mongo admin
MongoDB shell version: 3.2.7
connecting to: admin
> db.createUser({createUser:"admin",pwd:"admin",roles:["root"]})
Successfully added user: { "createUser" : "admin", "roles" : [ "root" ] }
>

2) Enabled Client Access Control in mongod.cfg:

systemLog:
    destination: file
    path: c:\data\log\mongod.log
storage:
    dbPath: c:\data\db
security:
    authorization: enabled

3) Restarted mongod

4) Now logging in with the "right" credentials (the ones I just specified) always fails:

>mongo admin -u admin -p admin
MongoDB shell version: 3.2.7
connecting to: admin
2016-06-14T12:25:02.376+0200 E QUERY    [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2

exception: login failed

The error in the logfile is: SCRAM-SHA-1 authentication failed for admin on admin from client 127.0.0.1 ; AuthenticationFailed: SCRAM-SHA-1 authentication failed, storedKey mismatch

Platform is Windows 10 x64, if that matters. MongoDB 64-bit 3.2.7 with OpenSSL.

rustyx
  • 80,671
  • 25
  • 200
  • 267

5 Answers5

7

As per the documentation, the object passed to createUser should contain a user property (along with the others):

db.createUser({ user : "admin", pwd : "admin", roles : ["root"] })
                ^^^^ not `createUser`
robertklep
  • 198,204
  • 35
  • 394
  • 381
  • I am getting the same error even after using the above sytanx for user creation. Able to login with rootadmin user with previligese `roles: [ {role: "root", db: "admin"}]`, but having issue with other user to which i have provided access on particular DB as below: `[ {role: "dbOwner", db: "DB_ANME"}, {role: "readWrite", db: "DB_NAME"}`. – Kuldeep Sep 28 '16 at 14:55
  • 9
    Never mind, issue was with the "$" character in password. So, when I was trying from terminal it should to be escaped ;). – Kuldeep Sep 29 '16 at 14:12
  • 2
    I actually had an '@' in my password. Even tho i tried to excape, it did not work. I instead changed the password. – vemund Sep 21 '19 at 14:58
  • The issue with '@' in the pw not working could be due to invalid URL-encoding as explained [here](https://stackoverflow.com/questions/7486623/mongodb-password-with-in-it). – rustyx Jun 01 '21 at 09:55
3

Probably you're trying to recreate the database with new login and/or password. So, you need to exclude the "/db" folder. The database path's in the docker-compose.yml file. e.g.: "volumes: - ./db:/data/db".

Carlos Brito
  • 41
  • 2
2

If someone came here with the error message, this may help:

MongoDB cannot handle several symbols;

Restrictions on Database Names for Windows For MongoDB deployments running on Windows, database names cannot contain any of the following characters:

/\. "$*<>:|?

Also database names cannot contain the null character.

Restrictions on Database Names for Unix and Linux Systems For MongoDB deployments running on Unix and Linux systems, database names cannot contain any of the following characters:

/\. "$

https://docs.mongodb.com/manual/reference/limits/#Restrictions-on-Field-Names

I stuck on the error 'Authentication failed' with mongoengine as well as pymongo.

Please change your password when containing the symbols.

kujiy
  • 5,833
  • 1
  • 29
  • 35
0

In my experience the cause of this was that the replica set key on the node was different to that of it's peers.

The replicaset key is set through config param security.keyFile

Steve Williams
  • 31
  • 4
-2

I believe the password you entered on db.createUser doesn't match the one you entered when prompting Enter password in the mongo console. You can try to remove the user: db.dropUser('userName') and recreate the user. Make sure you remember the correct password.

supertrens
  • 1
  • 2