<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 03:07:23 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-4933] auth not working at all</title>
                <link>https://jira.mongodb.org/browse/SERVER-4933</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;According to &lt;a href=&quot;http://www.mongodb.org/display/DOCS/Security+and+Authentication&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://www.mongodb.org/display/DOCS/Security+and+Authentication&lt;/a&gt;, if you run with --auth, you can still do anything to a db until the first user for that db is created.  However, I just did an experiment to verify this, and found that even after I created a user for a db, I was able to do anything without having to authenticate.&lt;/p&gt;


&lt;p&gt;$ ./mongo&lt;br/&gt;
MongoDB shell version: 2.1.1-pre-&lt;br/&gt;
connecting to: test&lt;br/&gt;
&amp;gt;&lt;br/&gt;
&amp;gt; use bezos&lt;br/&gt;
switched to db bezos&lt;br/&gt;
&amp;gt; db.foob.insert(&lt;/p&gt;
{blah:1}
&lt;p&gt;);&lt;br/&gt;
&amp;gt; db.foob.insert(&lt;/p&gt;
{blah:2}
&lt;p&gt;);&lt;br/&gt;
&amp;gt; db.foob.find();&lt;/p&gt;
{ &quot;_id&quot; : ObjectId(&quot;4f35a84ccf5576708e221733&quot;), &quot;blah&quot; : 1 }
{ &quot;_id&quot; : ObjectId(&quot;4f35a853cf5576708e221734&quot;), &quot;blah&quot; : 2 }
&lt;p&gt;&amp;gt; db.addUser(&quot;scott&quot;, &quot;tiger&quot;, false);&lt;/p&gt;
{
        &quot;user&quot; : &quot;scott&quot;,
        &quot;readOnly&quot; : false,
        &quot;pwd&quot; : &quot;0cbd24414b7e463fdaaec5ec64f3982f&quot;,
        &quot;_id&quot; : ObjectId(&quot;4f35a87acf5576708e221735&quot;)
}
{ &quot;n&quot; : 0, &quot;connectionId&quot; : 1, &quot;err&quot; : null, &quot;ok&quot; : 1 }
&lt;p&gt;&amp;gt; db.foob.insert(&lt;/p&gt;
{blah:3}
&lt;p&gt;);&lt;br/&gt;
&amp;gt; db.foob.find();&lt;/p&gt;
{ &quot;_id&quot; : ObjectId(&quot;4f35a84ccf5576708e221733&quot;), &quot;blah&quot; : 1 }
{ &quot;_id&quot; : ObjectId(&quot;4f35a853cf5576708e221734&quot;), &quot;blah&quot; : 2 }
{ &quot;_id&quot; : ObjectId(&quot;4f35a888cf5576708e221736&quot;), &quot;blah&quot; : 3 }
&lt;p&gt;&amp;gt; db.auth(&quot;scott&quot;, &quot;tiger&quot;);&lt;br/&gt;
1&lt;br/&gt;
&amp;gt; db.foob.find();&lt;/p&gt;
{ &quot;_id&quot; : ObjectId(&quot;4f35a84ccf5576708e221733&quot;), &quot;blah&quot; : 1 }
{ &quot;_id&quot; : ObjectId(&quot;4f35a853cf5576708e221734&quot;), &quot;blah&quot; : 2 }
{ &quot;_id&quot; : ObjectId(&quot;4f35a888cf5576708e221736&quot;), &quot;blah&quot; : 3 }
&lt;p&gt;&amp;gt; exit&lt;br/&gt;
bye&lt;/p&gt;

&lt;p&gt;Given this, I stopped my server to make sure I was really running with --auth.  It was in my config file, so I started again:&lt;/p&gt;

&lt;p&gt;$ ./mongo&lt;br/&gt;
MongoDB shell version: 2.1.1-pre-&lt;br/&gt;
connecting to: test&lt;br/&gt;
&amp;gt; use bezos&lt;br/&gt;
switched to db bezos&lt;br/&gt;
&amp;gt; show collections&lt;br/&gt;
foob&lt;br/&gt;
system.indexes&lt;br/&gt;
system.users&lt;br/&gt;
&amp;gt; db.foob.find();&lt;/p&gt;
{ &quot;_id&quot; : ObjectId(&quot;4f35a84ccf5576708e221733&quot;), &quot;blah&quot; : 1 }
{ &quot;_id&quot; : ObjectId(&quot;4f35a853cf5576708e221734&quot;), &quot;blah&quot; : 2 }
{ &quot;_id&quot; : ObjectId(&quot;4f35a888cf5576708e221736&quot;), &quot;blah&quot; : 3 }
&lt;p&gt;&amp;gt; db.system.users.find();&lt;/p&gt;
{ &quot;_id&quot; : ObjectId(&quot;4f35a87acf5576708e221735&quot;), &quot;user&quot; : &quot;scott&quot;, &quot;readOnly&quot; : f
alse, &quot;pwd&quot; : &quot;0cbd24414b7e463fdaaec5ec64f3982f&quot; }
&lt;p&gt;&amp;gt; db.runCommand(&lt;/p&gt;
{getCmdLineOpts:1}
&lt;p&gt;);&lt;/p&gt;
{ &quot;errmsg&quot; : &quot;access denied; use admin db&quot;, &quot;ok&quot; : 0 }
&lt;p&gt;&amp;gt; use admin&lt;br/&gt;
switched to db admin&lt;br/&gt;
&amp;gt; db.runCommand(&lt;/p&gt;
{getCmdLineOpts:1}
&lt;p&gt;);&lt;br/&gt;
{&lt;br/&gt;
        &quot;argv&quot; : [&lt;br/&gt;
                &quot;C:\\cygwin\\home\\cwestin\\mongo&lt;br class=&quot;atl-forced-newline&quot; /&gt;mongod.exe&quot;,&lt;br/&gt;
                &quot;--config&quot;,&lt;br/&gt;
                &quot;../sandbox/mongodb.conf&quot;&lt;br/&gt;
        ],&lt;br/&gt;
        &quot;parsed&quot; : &lt;/p&gt;
{
                &quot;auth&quot; : &quot;true&quot;,
                &quot;config&quot; : &quot;../sandbox/mongodb.conf&quot;,
                &quot;dbpath&quot; : &quot;c:/cygwin/home/cwestin/sandbox/dbfiles&quot;,
                &quot;directoryperdb&quot; : &quot;true&quot;,
                &quot;logappend&quot; : &quot;true&quot;,
                &quot;logpath&quot; : &quot;c:/cygwin/home/cwestin/sandbox/mongodb.log&quot;,
                &quot;rest&quot; : &quot;true&quot;
        }
&lt;p&gt;,&lt;br/&gt;
        &quot;ok&quot; : 1&lt;br/&gt;
}&lt;br/&gt;
&amp;gt;&lt;/p&gt;

&lt;p&gt;I used getCmdLineOpts to verify that auth is indeed on.  But you can see that I can still insert and query against this database without authenticating.&lt;/p&gt;
</description>
                <environment></environment>
        <key id="30398">SERVER-4933</key>
            <summary>auth not working at all</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="randolph@mongodb.com">Randolph Tan</assignee>
                                    <reporter username="cwestin">Chris Westin</reporter>
                        <labels>
                    </labels>
                <created>Fri, 10 Feb 2012 23:53:59 +0000</created>
                <updated>Fri, 30 Mar 2012 14:27:03 +0000</updated>
                            <resolved>Wed, 15 Feb 2012 15:18:51 +0000</resolved>
                                    <version>2.1.0</version>
                                                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="88640" author="renctan" created="Wed, 15 Feb 2012 15:18:51 +0000"  >&lt;p&gt;Auth will only work if you have at least one user in the admin database.&lt;/p&gt;</comment>
                            <comment id="88639" author="renctan" created="Wed, 15 Feb 2012 15:17:45 +0000"  >&lt;p&gt;I added the following note just right after the &quot;or add the first user from the localhost interface&quot; to make it clearer what it means:&lt;/p&gt;

&lt;p&gt;(you cannot add the first user from a connection that is not local with respect to mongod)&lt;/p&gt;</comment>
                            <comment id="87970" author="renctan" created="Mon, 13 Feb 2012 19:18:41 +0000"  >&lt;p&gt;As I read the docs again entirely, it did mention that you have to have an admin user (with the must in bold &lt;img class=&quot;emoticon&quot; src=&quot;https://jira.mongodb.org/images/icons/emoticons/smile.png&quot; height=&quot;16&quot; width=&quot;16&quot; align=&quot;absmiddle&quot; alt=&quot;&quot; border=&quot;0&quot;/&gt;):&lt;/p&gt;

&lt;p&gt;&quot;You must either have added a user to the admin db before starting the server with authentication, or add the first user from the localhost interface.&quot;&lt;/p&gt;

&lt;p&gt;The phrase &quot;the first user from the localhost interface&quot; was not clear to me at first and I have to ask Mathias what it really means.&lt;/p&gt;</comment>
                            <comment id="87953" author="cwestin" created="Mon, 13 Feb 2012 18:33:03 +0000"  >&lt;p&gt;No, I didn&apos;t create an admin user.  The screen cap above shows everything I did.  If having an admin user is required, perhaps the docs need to be fixed.&lt;/p&gt;</comment>
                            <comment id="87880" author="renctan" created="Mon, 13 Feb 2012 16:00:46 +0000"  >&lt;p&gt;Hi Chris,&lt;/p&gt;

&lt;p&gt;Did you have an admin user when you tried doing this? I was able to reproduce this only when I don&apos;t have an admin user. The docs didn&apos;t mention explicitly that you need to have an admin user to have authentication activated but I was told before that you need to do so. I am not sure if that is by design since this was not mentioned in the docs at all (the creation of admin user was, however, included in the step-by-step tutorial).&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Mon, 13 Feb 2012 16:00:46 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        12 years, 1 week ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>ian@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            12 years, 1 week ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10000" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Old_Backport</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10000"><![CDATA[No]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10032" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Operating System</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10026"><![CDATA[ALL]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>cwestin</customfieldvalue>
            <customfieldvalue>randolph@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrodrj:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrityn:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>23507</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hs9w0v:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>