mongodb 在身份验证启用模式下不要求身份验证

【问题标题】:mongodb not asking for authentication in authentication enabled modemongodb 在身份验证启用模式下不要求身份验证
【发布时间】:2021-12-09 10:11:54
【问题描述】:

我是 mongodb 的新手,正在尝试在 mongod 中进行身份验证。我尝试了以下操作:

  1. 在正常模式下启动mongod添加用户,验证用户在那里

  2. 开始 mongod --auth 服务器日志显示身份验证已启用。

  3. 打开 compass 或 mongo ,我观察到它正在打开 dbs 而无需输入任何密码。 更新:如果我停止 MongoDB 服务,启动时的身份验证工作将不起作用

    C:\Program Files\MongoDB\Server\5.0\bin>mongod --auth {"t":{"$date":"2021-10-25T02:50:39.411+05:30"},"s":"I", "c":"CONTROL", "id":23285, "ctx":"-","msg":"自动禁用 TLS 1.0,强制启用 TLS 1.0 指定 --sslDisabledProtocols 'none'"} {"t":{"$date":"2021-10-25T02:50:39.413+05:30"},"s":"I", "c":"NETWORK", "id":4915701, "ctx":"main","msg":"初始化的电线规范","attr":{"spec":{"incomingExternalClient":{"minWireVersion":0,"maxWireVersion":13},"incomingInternalClient": {"minWireVersion":0,"maxWireVersion":13},"outgoing":{"minWireVersion":0,"maxWireVersion":13},"isInternalClient":true}}} {"t":{"$date":"2021-10-25T02:50:39.723+05:30"},"s":"W", "c":"ASIO", "id":22601, "ctx":"main","msg":"NetworkInterface 启动期间未配置 TransportLayer"} {"t":{"$date":"2021-10-25T02:50:39.723+05:30"},"s":"I", "c":"NETWORK", "id":4648602, "ctx":"main","msg":"隐式 TCP FastOpen 正在使用中。"} {"t":{"$date":"2021-10-25T02:50:39.724+05:30"},"s":"W", "c":"ASIO", "id":22601, "ctx":"main","msg":"NetworkInterface 启动期间未配置 TransportLayer"} {"t":{"$date":"2021-10-25T02:50:39.724+05:30"},"s":"I", "c":"REPL", "id":5123008, "ctx":"main","msg":"成功注册 PrimaryOnlyService","attr":{"service":"TenantMigrationDonorService","ns":"config.tenantMigrationDonors"}} {"t":{"$date":"2021-10-25T02:50:39.725+05:30"},"s":"I", "c":"REPL", "id":5123008, "ctx":"main","msg":"成功注册 PrimaryOnlyService","attr":{"service":"TenantMigrationRecipientService","ns":"config.tenantMigrationRecipients"}} {"t":{"$date":"2021-10-25T02:50:39.726+05:30"},"s":"I", "c":"CONTROL", "id":4615611, "ctx":"initandlisten","msg":"MongoDB 开始","attr":{"pid":6072,"port":27017,"dbPath":"C:/data/db/","architecture ":"64 位","主机":"SDIN-SWT-NDT-121"}} {"t":{"$date":"2021-10-25T02:50:39.726+05:30"},"s":"I", "c":"CONTROL", "id":23398, "ctx":"initandlisten","msg":"目标操作系统最低版本","attr":{"targetMinOS":"Windows 7/Windows Server 2008 R2"}} {"t":{"$date":"2021-10-25T02:50:39.726+05:30"},"s":"I", "c":"CONTROL", "id":23403, "ctx":"initandlisten","msg":"Build Info","attr":{"buildInfo":{"version":"5.0.3","gitVersion":"657fea5a61a74d7a79df7aff8e4bcf0bc742b748","modules":[ ],"allocator":"tcmalloc","environment":{"distmod":"windows","distarch":"x86_64","target_arch":"x86_64"}}}} {"t":{"$date":"2021-10-25T02:50:39.726+05:30"},"s":"I", "c":"CONTROL", "id":51765, "ctx":"initandlisten","msg":"操作系统","attr":{"os":{"name":"Microsoft Windows 10","version":"10.0 (build 19042)"}} } {"t":{"$date":"2021-10-25T02:50:39.726+05:30"},"s":"I", "c":"CONTROL", "id":21951, "ctx":"initandlisten","msg":"命令行设置的选项","attr":{"options":{"security":{"authorization":"enabled"}}}} {"t":{"$date":"2021-10-25T02:50:39.727+05:30"},"s":"I", "c":"STORAGE", "id":22270, "ctx":"initandlisten","msg":"数据文件检测到的存储引擎","attr":{"dbpath":"C:/data/db/","storageEngine":"wiredTiger"} } {"t":{"$date":"2021-10-25T02:50:39.728+05:30"},"s":"I", "c":"STORAGE", "id":22315, "ctx":"initandlisten","msg":"打开 WiredTiger","attr":{"config":"create,cache_size=32174M,session_max=33000,eviction=(threads_min=4,threads_max=4),config_base =false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),builtin_extension_config=(zstd=(compression_level=6)),file_manager=(close_idle_time=600,close_scan_interval= 10,close_handle_minimum=250),statistics_log=(wait=0),verbose=[recovery_progress,checkpoint_progress,compact_progress],"}} {"t":{"$date":"2021-10-25T02:50:39.823+05:30"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1635110439:822647][6072:140734753232208], txn-recover: [WT_VERB_RECOVERY_PROGRESS] 恢复日志 10 到 11 "}} {"t":{"$date":"2021-10-25T02:50:39.873+05:30"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1635110439:873197][6072:140734753232208], txn-recover: [WT_VERB_RECOVERY_PROGRESS] 恢复日志 11 到 11 "}} {"t":{"$date":"2021-10-25T02:50:39.921+05:30"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1635110439:921070][6072:140734753232208], txn-recover: [WT_VERB_RECOVERY | WT_VERB_RECOVERY_PROGRESS] 主恢复循环: 从 10/13696 到 11/256"}} {"t":{"$date":"2021-10-25T02:50:39.997+05:30"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1635110439:997804][6072:140734753232208], txn-recover: [WT_VERB_RECOVERY_PROGRESS] 恢复日志 10 到 11 "}} {"t":{"$date":"2021-10-25T02:50:40.066+05:30"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1635110440:66588][6072:140734753232208], txn-recover: [WT_VERB_RECOVERY_PROGRESS] 正在恢复日志 11 到 11 "}} {"t":{"$date":"2021-10-25T02:50:40.107+05:30"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1635110440:107481][6072:140734753232208], txn-recover: [WT_VERB_RECOVERY | WT_VERB_RECOVERY_PROGRESS] 设置全局恢复时间戳:(0, 0)"}} {"t":{"$date":"2021-10-25T02:50:40.108+05:30"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1635110440:107481][6072:140734753232208], txn-recover: [WT_VERB_RECOVERY | WT_VERB_RECOVERY_PROGRESS] 设置全局最旧时间戳:(0, 0)"}} {"t":{"$date":"2021-10-25T02:50:40.109+05:30"},"s":"I", "c":"STORAGE", "id":22430, "ctx":"initandlisten","msg":"WiredTiger message","attr":{"message":"[1635110440:109476][6072:140734753232208], WT_SESSION.checkpoint: [WT_VERB_CHECKPOINT_PROGRESS] 保存检查点快照 min: 1,快照最大值:1 快照计数:0,最旧时间戳:(0, 0) ,元检查点时间戳:(0, 0) 基本写入生成:8748"}} {"t":{"$date":"2021-10-25T02:50:40.201+05:30"},"s":"I", "c":"STORAGE", "id":4795906, "ctx":"initandlisten","msg":"WiredTiger 打开","attr":{"durationMillis":473}} {"t":{"$date":"2021-10-25T02:50:40.201+05:30"},"s":"I", "c":"RECOVERY", "id":23987, "ctx":"initandlisten","msg":"WiredTiger recoveryTimestamp","attr":{"recoveryTimestamp":{"$timestamp":{"t":0,"i":0}}}} {"t":{"$date":"2021-10-25T02:50:40.206+05:30"},"s":"I", "c":"STORAGE", "id":4366408, "ctx":"initandlisten","msg":"现有 WiredTiger 表不需要修改表日志记录设置","attr":{"loggingEnabled":true}} {"t":{"$date":"2021-10-25T02:50:40.209+05:30"},"s":"I", "c":"STORAGE", "id":22262, "ctx":"initandlisten","msg":"时间戳监视器启动"} {"t":{"$date":"2021-10-25T02:50:40.267+05:30"},"s":"W", "c":"CONTROL", "id":22140, "ctx":"initandlisten","msg":"此服务器绑定到本地主机。远程系统将无法连接到此服务器。使用 --bind_ip 启动服务器以指定它应该从哪些 IP 地址提供响应,或者使用 --bind_ip_all 绑定到所有接口。如果需要此行为,请使用 --bind_ip 127.0.0.1 启动服务器以禁用此警告","tags":["startupWarnings"]} {"t":{"$date":"2021-10-25T02:50:40.269+05:30"},"s":"I", "c":"NETWORK", "id":4915702, "ctx":"initandlisten","msg":"更新的电线规范","attr":{"oldSpec":{"incomingExternalClient":{"minWireVersion":0,"maxWireVersion":13},"incomingInternalClient": {"minWireVersion":0,"maxWireVersion":13},"outgoing":{"minWireVersion":0,"maxWireVersion":13},"isInternalClient":true},"newSpec":{"incomingExternalClient":{" minWireVersion":0,"maxWireVersion":13},"incomingInternalClient":{"minWireVersion":13,"maxWireVersion":13},"outgoing":{"minWireVersion":13,"maxWireVersion":13},"isInternalClient “:真的}}} {"t":{"$date":"2021-10-25T02:50:40.269+05:30"},"s":"I", "c":"STORAGE", "id":5071100, "ctx":"initandlisten","msg":"清除临时目录"} {"t":{"$date":"2021-10-25T02:50:40.272+05:30"},"s":"I", "c":"CONTROL", "id":20536, "ctx":"initandlisten","msg":"在此部署上启用了流控制"} {"t":{"$date":"2021-10-25T02:50:40.412+05:30"},"s":"I", "c":"FTDC", "id":20625, "ctx":"initandlisten","msg":"初始化全时诊断数据捕获","attr":{"dataDirectory":"C:/data/db/diagnostic.data"}} {"t":{"$date":"2021-10-25T02:50:40.415+05:30"},"s":"I", "c":"NETWORK", "id":23015, "ctx":"listener","msg":"正在监听","attr":{"address":"127.0.0.1"}} {"t":{"$date":"2021-10-25T02:50:40.416+05:30"},"s":"I", "c":"NETWORK", "id":23016, "ctx":"listener","msg":"等待连接","attr":{"port":27017,"ssl":"off"}}

//mongodb配置

#net:

端口:27017 绑定IP:127.0.0.1

#processManagement:

#安全:

#operationProfiling:

#复制:

#分片:

【问题讨论】:

  • 请不要粘贴截图,使用格式化文本。见meta.stackoverflow.com/a/285557/3027266
  • 你确定你运行的是同一个mongod进程吗?检查db.serverCmdLineOpts() 和/或db.hello()
  • 你是什么意思 - UPDATE: if i stop MongoDB service, authentication work on starting dont work?请详细说明。
  • @barrypicker 如果 mongod 正在运行并且我在任务管理器中停止 mongoDB 服务,然后运行 ​​mongo shell,它以身份验证模式运行,但是一旦我再次启动服务,db 再次进入 un认证模式,即我可以在没有罗盘密码的情况下访问它
  • 如果您停止服务,那么服务器如何以身份验证模式运行?您的计算机上一定有另一个mongod 进程正在运行。查看所有正在运行的进程并杀死有问题的mongod 进程,或者重新启动计算机,然后禁用该服务。

标签: mongodb


【解决方案1】:

启用访问控制:

一个。如果从命令行启动 mongod,请添加 --auth 命令行选项:

mongod --auth --port 27017 --dbpath /var/lib/mongodb

b.如果您使用配置文件启动 mongod,请添加 security.authorization 配置文件设置:

security:
    authorization: enabled

【讨论】:

  • 我已经尝试过了,但是添加了授权:启用,使 mongodb 服务崩溃并且它不会再次运行,尽管 mongod 和 mongo 可以工作
  • @murmansk 你的意思是当你尝试通过 service' 和运行 mongod -f mongod.conf 启动服务时问题?如果是这样,问题听起来与您在环境中安装 mongodb 的方式有关。
  • 对配置进行更改后,如果我重新启动机器,则服务无法运行。服务肯定看起来像停止状态的原因,如果我运行 mongod 和 mongo,它会以身份验证模式启动,但随后将无法在网络中访问,因此运行服务也是必不可少的
  • 看起来服务失败的原因是由于身份验证字段中的一些额外空格,现在 mongod 自动以身份验证模式启动。虽然仍然不明白为什么 --auth 在配置更改有效时不起作用。
猜你喜欢
  • 1970-01-01
  • 2019-12-02
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2020-01-21
相关资源
最近更新 更多
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode