[SERVER-2917] Rest / HTTP interface not working with AUTH and command - MongoDB

Details

Type: Bug
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: 1.8.1
Fix Version/s: 2.0.6, 2.1.0
Component/s: HTTP Console
Labels:
None
Environment:
Linux 64-bit

Operating System:
ALL

Description

This bug happens both remote and localhost.

To repro:
---------
1. Configure single server with --rest and --auth.
2. Add a user to the admin Database.
> use admin
> db.addUser("theadmin", "anadminpassword")
3. Connect to HTTP UI from
3.a. local : http://localhost:28017
3.b. remote : http://1.2.3.4:28017

According to the documentation 3.a. should work and 3.b. should ask for authentication.
This works correctly.
http://www.mongodb.org/display/DOCS/Http+Interface#HttpInterface-HTTPConsoleSecurity

4. Use an admin-level command from the HTTP UI
4.a. local: http://localhost:28017/listDatabases
4.b. remote: http://1.2.3.4:28017/listDatabases

In both cases MongoDB is throwing the following exception:
"error loading page: unauthorized db:admin lock type:-1 client:(NONE)"

In the case of 4.a, no authentication request is made, the http request simply fails.

Attachments

Issue Links

is duplicated by

SERVER-4033 the most web stats pages show error message

Closed

SERVER-4128 the most web stats pages show error message (also after update to 2.0.1)

Closed

Activity

People

Assignee:

Unassigned

Reporter:

Gaetan Voyer-Perrault

Participants:

auto, Gaetan Voyer-Perrault, Seamus Abshere

Votes:

2 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

Apr 08 2011 12:15:17 AM UTC

Updated:

Jul 12 2016 12:20:42 AM UTC

Resolved:

Oct 19 2011 04:39:19 PM UTC