Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 3.6.10, 4.0.5, 4.1.6
Affects Version/s: 3.6.1
Component/s: Security
Labels:
None

Backwards Compatibility:
Minor Change
Backport Requested:

v4.0, v3.6
Sprint:
Platforms 2018-07-16, Platforms 2018-07-30, Platforms 2018-08-13, Platforms 2018-08-27, Platforms 2018-09-10, Service Arch 2018-10-22, Service Arch 2018-11-05, Service Arch 2018-11-19
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

https://docs.mongodb.com/manual/reference/connection-string/
Documentation states:

/database Optional. The name of the database to authenticate if the connection string includes authentication credentials in the form of username:password@. If /database is not specified and the connection string includes credentials, the driver will authenticate to the admin database.

3.4, correct:

kdz-mbp:mongodb kdz$ mongo --version
MongoDB shell version v3.4.14
git version: fd954412dfc10e4d1e3e2dd4fac040f8b476b268
OpenSSL version: OpenSSL 1.0.2o  27 Mar 2018
allocator: system
modules: none
build environment:
    distarch: x86_64
    target_arch: x86_64
kdz-mbp:mongodb kdz$ mongo "mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/admin?ssl=true"
MongoDB shell version v3.4.14
connecting to: mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/admin?ssl=true
MongoDB server version: 3.6.4
WARNING: shell and server versions do not match
MongoDB Enterprise Cluster0-shard-0:SECONDARY>
bye
kdz-mbp:mongodb kdz$ mongo "mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/?ssl=true"
MongoDB shell version v3.4.14
connecting to: mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/?ssl=true
MongoDB server version: 3.6.4
WARNING: shell and server versions do not match
MongoDB Enterprise Cluster0-shard-0:SECONDARY>
bye

However this seems to be broken in 3.6 client

kdz-mbp:mongodb kdz$ mongo --version
MongoDB shell version v3.6.5
git version: a20ecd3e3a174162052ff99913bc2ca9a839d618
OpenSSL version: OpenSSL 1.0.2o  27 Mar 2018
allocator: system
modules: none
build environment:
    distarch: x86_64
    target_arch: x86_64
kdz-mbp:mongodb kdz$ mongo "mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/admin?ssl=true"
MongoDB shell version v3.6.5
connecting to: mongodb://cluster0-shard-00-00-gc2qe.mongodb.net:27017/admin?ssl=true
MongoDB server version: 3.6.4
MongoDB Enterprise Cluster0-shard-0:SECONDARY>
bye
kdz-mbp:mongodb kdz$ mongo "mongodb://admin:__secret__@cluster0-shard-00-00-gc2qe.mongodb.net:27017/?ssl=true"
MongoDB shell version v3.6.5
connecting to: mongodb://cluster0-shard-00-00-gc2qe.mongodb.net:27017/?ssl=true
MongoDB server version: 3.6.4
2018-05-24T20:44:33.789+0200 E QUERY    [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1608:20
@(auth):6:1
@(auth):1:2
exception: login failed

causes

SERVER-35768 gssapiServiceName URL parameter does not work

Closed

duplicates

SERVER-27655 Redact echoed mongo shell URIs

Closed

Assignee:: Tyler Kaye
Reporter:: Kamil Dziedzic
Participants:: Githook User, Kamil Dziedzic, Nick Brewer, Tyler Kaye
Votes:: 0 Vote for this issue
Watchers:: 8 Start watching this issue

Created:: May 24 2018 06:53:38 PM UTC
Updated:: Oct 29 2023 10:31:26 PM UTC
Resolved:: Nov 16 2018 06:49:08 PM UTC
Confidence Status Last Update:: 24/Oct/18 6:15 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates