mongodb 使用机制“SCRAM-SHA-1”时Mongoexport验证错误

5uzkadbs  于 2023-03-07  发布在  Go
关注(0)|答案(3)|浏览(711)

我已经接管了没有文件记录的蒙戈4.4.8集群(PSA)。我正在努力整理和测试。
原始连接字符串:

MONGODB_URI=mongodb://${USER}:${PASS}@10.0.0.3:27017,10.0.0.6:27017,10.0.0.2:27017/bud?replicaSet=bud-replica&authSource=admin

我已启用localhost和套接字连接。我可以使用以下命令从cmdlet行登录

mongo -u ${USER} -p ${PASS}
MongoDB shell version v4.4.8
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("492e331b-417e-458a-83c7-9db6eaae0869") }
MongoDB server version: 4.4.8

我可以将db切换到 bud 并执行查询。

mongo

则具有相同凭证的认证不起作用:

bud-replica:PRIMARY> db.auth('admin','admin');
Error: Authentication failed.
0

我尝试搜索用户,但显示没有任何:

bud-replica:PRIMARY> db.getUsers()
[ ]
bud-replica:PRIMARY> use bud
switched to db bud
bud-replica:PRIMARY> db.getUsers()
[ ]

这是mongod.conf安全部分:

security:
   authorization: enabled
   keyFile: "/etc/bud-rs"

最后,我需要在做实验之前导出数据,虽然cmd行界面看起来很相似,但不管我设置用户名/密码或跳过这些参数,mongoexport都无法获取数据。

mongoexport -h localhost --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray > accidents.json
2021-08-25T19:30:30.631+0200    could not connect to server: connection() error occured during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.
mongoexport -h localhost --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray --authenticationDatabase “admin” > accidents.json
2021-08-25T19:36:18.738+0200    could not connect to server: connection() error occured during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.
root@10:~# mongoexport -h localhost --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray --authenticationDatabase “bud” > accidents.json
2021-08-25T19:38:21.174+0200    could not connect to server: connection() error occured during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.

我真的很困惑,我没能在谷歌或其他网站上找到解决方案。
第二个相关问题:
如果我需要创建新用户,我应该在所有副本上创建还是自动同步?

第1次更新

这是变通方案,但我的问题仍然有效。我想了解。

root@10:~# mongoexport --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray "mongodb://admin:admin@10.0.0.3:27017/bud?authSource=admin" > accidents.json
2021-08-25T20:46:54.777+0200    connected to: mongodb://[**REDACTED**]@10.0.0.3:27017/bud?authSource=admin
2021-08-25T20:46:55.778+0200    [........................]  bud.accidents  0/4379  (0.0%)
2021-08-25T20:46:56.497+0200    [########################]  bud.accidents  4379/4379  (100.0%)
2021-08-25T20:46:56.497+0200    exported 4379 records

第二次更新

bud-replica:PRIMARY> use admin
bud-replica:PRIMARY> show collections
system.keys
system.users
system.version
bud-replica:PRIMARY> db.system.users.find()
{ "_id" : "admin.admin", "userId" : UUID("769e4f5c-6f46-4153-857e-47d7d8730066"), "user" : "admin", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "32/AP4019eome36j8n
kgsdhlau

kgsdhlau1#

用户凭据是在管理数据库中创建的。
连接mongo shell时,在运行db.auth之前切换到use admin
有效的mongoexport命令在连接字符串中使用了authSource=admin
--authenticationDatabase=admin添加到另一个命令行,以指示它也使用admin数据库进行身份验证。

carvr3hs

carvr3hs2#

下面的整个示例命令对我很有效。
Mongodb版本:5.x.x,也适用于Mongodb版本:第八章

mongodump --authenticationDatabase=admin --uri mongodb://username:password@mongodb-host/db-name?ssl=false&authSource=admin
mwkjh3gx

mwkjh3gx3#

mongodump "mongodb://username:password@host:27017/?authSource=admin" --db dbname --out path\file.sql

相关问题