You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Fixed the problem: the user was not created for Mongodb 4.x
When creating a user, a password hash is used and the "digestPassword" option is set to "false". By default in Mongodb 4.x the parameter "mechanisms" is set to ["SCRAM-SHA-1","SCRAM-SHA-256"], but according to the documentation (https://docs.mongodb.com/manual/reference/command/createUser/ ) for SCRAM-SHA-256 "digestPassword" cannot be "false".
Example:
$ mongo admin --quiet --host 127.0.0.1:27017 --eval "load('/root/.mongorc.js'); db.runCommand({\"createUser\":\"test\",\"pwd\":\"398fefcb5925a718fd0c812bbeb7e101\",\"customData\":{\"createdBy\":\"Puppet Mongodb_user['test']\"},\"roles\":[\"clusterMonitor\"],\"digestPassword\":false})"
output:
{
"ok" : 0,
"errmsg" : "Use of SCRAM-SHA-256 requires undigested passwords",
"code" : 2,
"codeName" : "BadValue"
}
If you remove SCRAM-SHA-256, it works correctly:
$ mongo admin --quiet --host 127.0.0.1:27017 --eval "load('/root/.mongorc.js'); db.runCommand({\"createUser\":\"test\",\"pwd\":\"398fefcb5925a718fd0c812bbeb7e101\",\"customData\":{\"createdBy\":\"Puppet Mongodb_user['test']\"},\"roles\":[\"clusterMonitor\"],\"digestPassword\":false, \"mechanisms\":[\"SCRAM-SHA-1\"]})"
output:
{ "ok" : 1 }
Thus, you need to add SCRAM-SHA-256 support, not use "password_hash" and set digestPassword to "true", or just use SCRAM-SHA-1, which seemed to me the simplest solution, which does not require global changes.
0 commit comments