Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-35212

URI connection does not default to admin database when no authSource is specified

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 3.6.1
    • Fix Version/s: 3.6.10, 4.0.5, 4.1.6
    • Component/s: Security
    • Labels:
      None
    • Backwards Compatibility:
      Minor Change
    • Backport Requested:
      v4.0, v3.6
    • Sprint:
      Platforms 2018-07-16, Platforms 2018-07-30, Platforms 2018-08-13, Platforms 2018-08-27, Platforms 2018-09-10, Service Arch 2018-10-22, Service Arch 2018-11-05, Service Arch 2018-11-19

      Description

      https://docs.mongodb.com/manual/reference/connection-string/
      Documentation states:

      /database Optional. The name of the database to authenticate if the connection string includes authentication credentials in the form of username:password@. If /database is not specified and the connection string includes credentials, the driver will authenticate to the admin database.

      3.4, correct:

      kdz-mbp:mongodb kdz$ mongo --version
      MongoDB shell version v3.4.14
      git version: fd954412dfc10e4d1e3e2dd4fac040f8b476b268
      OpenSSL version: OpenSSL 1.0.2o  27 Mar 2018
      allocator: system
      modules: none
      build environment:
          distarch: x86_64
          target_arch: x86_64
      kdz-mbp:mongodb kdz$ mongo "mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/admin?ssl=true"
      MongoDB shell version v3.4.14
      connecting to: mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/admin?ssl=true
      MongoDB server version: 3.6.4
      WARNING: shell and server versions do not match
      MongoDB Enterprise Cluster0-shard-0:SECONDARY>
      bye
      kdz-mbp:mongodb kdz$ mongo "mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/?ssl=true"
      MongoDB shell version v3.4.14
      connecting to: mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/?ssl=true
      MongoDB server version: 3.6.4
      WARNING: shell and server versions do not match
      MongoDB Enterprise Cluster0-shard-0:SECONDARY>
      bye
      

      However this seems to be broken in 3.6 client

      kdz-mbp:mongodb kdz$ mongo --version
      MongoDB shell version v3.6.5
      git version: a20ecd3e3a174162052ff99913bc2ca9a839d618
      OpenSSL version: OpenSSL 1.0.2o  27 Mar 2018
      allocator: system
      modules: none
      build environment:
          distarch: x86_64
          target_arch: x86_64
      kdz-mbp:mongodb kdz$ mongo "mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/admin?ssl=true"
      MongoDB shell version v3.6.5
      connecting to: mongodb://cluster0-shard-00-00-gc2qe.mongodb.net:27017/admin?ssl=true
      MongoDB server version: 3.6.4
      MongoDB Enterprise Cluster0-shard-0:SECONDARY>
      bye
      kdz-mbp:mongodb kdz$ mongo "mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/?ssl=true"
      MongoDB shell version v3.6.5
      connecting to: mongodb://cluster0-shard-00-00-gc2qe.mongodb.net:27017/?ssl=true
      MongoDB server version: 3.6.4
      2018-05-24T20:44:33.789+0200 E QUERY    [thread1] Error: Authentication failed. :
      DB.prototype._authOrThrow@src/mongo/shell/db.js:1608:20
      @(auth):6:1
      @(auth):1:2
      exception: login failed
      

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: