Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-17512

Unable to authenticate with web console with SCRAM-SHA-1

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Duplicate
    • Affects Version/s: 3.0.0
    • Fix Version/s: None
    • Component/s: HTTP Console
    • Labels:
      None
    • Environment:
      MongoDB: 3.0.0 (standalone)
      Linux: 2.6.32-358.6.2.el6.x86_64
    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      Linux
    • Steps To Reproduce:
      Hide

      1) Startup brand new 3.0.0 mongo:

      numactl --interleave=all ${MONGO_HOME}/bin/mongod --config ./mongodb.conf

      mongodb.conf

      systemLog:
      destination: file
      path: "/foo/logs/mongodb.log"
      logAppend: true
      processManagement:
      fork: true
      net:
      http:
      enabled: true
      RESTInterfaceEnabled: true
      port: 6646
      storage:
      dbPath: "/foo/db"

      2) Create a user on the localhost:

      $ mongo localhost:6646/admin

      > db.createUser(

      {user: "foo", pwd: "bar", roles: ["userAdminAnyDatabase"]}

      );

      3) Got to http://localhost:7646/ and unable to login.

      Alternatively.

      1) Start using an existing 2.6.x db with 3.0.0 binaries.

      2) Login to the web console: http://localhost:7646/. Should work fine.

      3) Login to mongo and upgrade the auth:

      > db.adminCommand(

      {authSchemaUpgrade: 1}

      );

      4) Go back to the web console (has to be in a fresh browser): http://localhost:7646/ and you are now unable to login. mongo command line tools still work.

      Looks a bit broken to me

      Show
      1) Startup brand new 3.0.0 mongo: numactl --interleave=all ${MONGO_HOME}/bin/mongod --config ./mongodb.conf mongodb.conf systemLog: destination: file path: "/foo/logs/mongodb.log" logAppend: true processManagement: fork: true net: http: enabled: true RESTInterfaceEnabled: true port: 6646 storage: dbPath: "/foo/db" 2) Create a user on the localhost: $ mongo localhost:6646/admin > db.createUser( {user: "foo", pwd: "bar", roles: ["userAdminAnyDatabase"]} ); 3) Got to http://localhost:7646/ and unable to login. Alternatively. 1) Start using an existing 2.6.x db with 3.0.0 binaries. 2) Login to the web console: http://localhost:7646/ . Should work fine. 3) Login to mongo and upgrade the auth: > db.adminCommand( {authSchemaUpgrade: 1} ); 4) Go back to the web console (has to be in a fresh browser): http://localhost:7646/ and you are now unable to login. mongo command line tools still work. Looks a bit broken to me

      Description

      After doing a clean install of 3.0.0 and setting up default users we are unable to authenticate with the web console.

      The issue also happens after upgrading from 2.6.x -> 3.0.0 and then running a authSchemaUpgrade.

      It's because it stops working after the authSchemaUpgrade that makes me think the issue is to do with SCRAM-SHA-1.

      Authentication is turned "off" but it still doesn't work even if this is turned on. Also we can still connect to mongo using the normal mongo command line tool.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              spencer Spencer Brody (Inactive)
              Reporter:
              ibryson Ian Bryson
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: