I am unable to authenticate mongodb remotely. I'm running MongoDB 3.0.0 provided by the DigitalOcean One-Click installer, and I can't seem to set up authentication properly.
I have 1 database called wbio_production. I followed mongodb docs tutorials as best as I could. When I execute:
> db.auth("siteUserAdmin","MYPASSWORD")
1
> db.getUsers()
The output of that is:
{
"_id" : "admin.siteUserAdmin",
"user" : "siteUserAdmin",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
And when I switch to the wbio_production database and perform the same getUsers():
> use wbio_production
switched to db wbio_production
> db.getUsers()
[
{
"_id" : "wbio_production.herokuUser",
"user" : "herokuUser",
"db" : "wbio_production",
"roles" : [
{
"role" : "userAdmin",
"db" : "wbio_production"
},
{
"role" : "readWrite",
"db" : "wbio_production"
}
]
}
]
When I fill out the connection form in Robomongo however, it cannot successfully connect to the database. Authorization always fails, however it does successfully connect to the database.
I have tried the following combinations of using the users above:
DB: Admin, User: siteUserAdmin
DB: Admin, User: herokuUser
DB: wbio_production, User: siteUserAdmin
DB: wbio_production, User: herokuUser
All of them wind up with some output coming back in the heroku logs similar:
failed with error 13: "not authorized for query on
wbio_production.mongoid_forums_forums"
I have tried reinstalling mongodb, recreating users based off different tutorials, and just trying different peoples explanations. I've spent about 5 hours now looking for a solution to my issue, and now I must turn to SO for your advice. I'm sure this is a simple error on my part that I am not understanding from the docs or something I am continuously missing in the set up.
What must I do to get a secured and functional MongoDB server? Thanks!
You need to configure mongod with its binding so clients can connect remotely.
bind_ip = 0.0.0.0
Robomongo authentication does not work with MongoDB 3+. I recommend switching over to MongoChef. http://3t.io/mongochef/. I highly recommend it, as it contains MANY more capabilities than Robomongo does.
Another thing to keep in the back of your mind...
If you are also using Mongoid, it is currently undergoing a large rewrite. Mongoid 5 will drop Moped https://www.mongodb.com/blog/post/announcing-ruby-driver-20-rewrite.
Take a look at my other answer on what to do if you are using Mongoid 4 with MongoDB 3+. Rails Mongoid fails to authenticate - failed with error 13: "not authorized for query on my_db.my_collection"
Related
I am trying to follow this youtube tutorial.
I am getting stuck at inserting the first piece of data. Ania demonstrates it at 20.46 as follows:
mutation insertGenres {
action: insertreference_list(value: {label: "genre", value: "action"}) {
value{
value
},
}
When I try this, I get an error that says:
{
"errors": [
{
"message": "Validation error of type FieldUndefined: Field 'insertreference_list' in type 'Mutation' is undefined # 'insertreference_list'",
"locations": [
{
"line": 2,
"column": 3
}
],
"extensions": {
"classification": "ValidationError"
}
}
]
}
When I google the error, a lot of responses tell people to use mutations instead of queries - but I've started from a mutation. I would like to know how to resolve the error, but I'd also like to find the skills to improve my search strategy for finding answers.
When I look at the documentation for using GraphQL with DataStax, I see a different format to the write structure, which is as follows:
insertbook(value: bookInput!, ifNotExists: Boolean, options:
UpdateOptions): bookMutationResult
It has a colon and a fragment of text after it. It also explicitly states the ifNotExists: Boolean and options. I don't know if there may have been a change to how to use DataStax since the time Ania recorded the tutorial that means it is no longer a current demonstration of how to use the tool, or if there is an answer for this and I just haven't found it yet.
You didn't provide details of how you've configured your Astra DB for Ania's Netflix Clone tutorial so I'm going to assume that you've named your keyspace as netflix.
It seems as though you haven't followed the instructions correctly and have missed steps. I can replicate the error you reported if I skip at least one of the steps in the tutorial.
In step 5 of the tutorial, you needed to do the following:
✅ In graphQL playground, change tab to now use graphql. Edit the end of the URl to change from system to the name of your keyspace: netflix
✅ Populate HTTP HEADER variable x-cassandra-token on the bottom of the page with your token as shown below (again !! yes this is not the same tab)
Switch tabs
In order to insert data, you need to switch to the graphql tab.
If you try to insert the data in the graphql-schema tab, you will get the error you reported.
Set keyspace
You need to update the URI of your GraphQL playground in the graphql tab to use the keyspace name netflix instead of system. For example:
https://db_id-us-west1.apps.astra.datastax.com/api/graphql/system
change to:
https://db_id-us-west1.apps.astra.datastax.com/api/graphql/netflix
If you try to insert data into the system keyspace, you will get the error you reported because the reference_list table does not exist in that keyspace. Cheers!
I've deployed the vanilla CouchDB Docker container, tag "latest" on DigitalOcean's App Platform.
I set the admin user using environment variables and I successfully were able to curl to the database server on https port 443, not 5984 as a raw install. Then I created the system databases as outlined in the docker documentation.
The initial load of the Fauxton UI worked (using _utils), however login fails on an UI level. The login form submits the form with name/password, CouchDB replies with:
{
"ok":true,
"name":"couchadmin",
"roles":[
"_admin"
]
}
A toast appears "You have been logged in", the AuthSession cookies gets set, but Fauxton won't let me access any function, just redirects to the login page again.
What do I miss?
Update
Checked the network tab again, there's more going on:
POST to _session, result as above
GET tp _session, result:
{"ok":true,"userCtx":{"name":null,"roles":[]},"info":{"authentication_handlers":["cookie","default"]}}
name and roles are null/empty. Then GET repeats a final time with the same result
** Update 2 **
When I query _session?basic=true I get a proper response:
{
ok: true,
userCtx: {
name: "couchadmin",
roles: [
"_admin",
"user",
"admin"
]
},
info: {
authentication_handlers: [
"cookie",
"default"
],
authenticated: "cookie"
}
}
Looks like the session cookie is eaten somewhere along the line.
In your first POST to _SESSION, can you check what response headers you get and whether it includes a session cookie?
Turns out that the cookie is eaten somewhere in the bowels of the DigitalOcean App platform. I redeployed a CouchDB Droplet instead of an app and everything works as expected.
This also solved the (not yet tackled) need of storage persistence. An app is epidermal, while a droplet retains data (still need to backup) with attached block storage.
am getting this error message
{
"code": "Neo.TransientError.Database.DatabaseUnavailable",
"message": "Requested database is not available. Requested database name: 'graph.db'."
}
while sending a request through rest API, with this statement
{
"statements" : [ {
"statement" : "CREATE (n) RETURN id(n)"
} ]
}
I'm guessing you probably don't have a database called graph.db. That is the name of the file system directory, not the database. Unless you've set up a database yourself, use neo4j, which is the default.
As Nigel said, it'll be because you don't have a graph by that name.
I ran into this issue recently, after upgrading from 3.5.3 to 4.1, and having to figure out some new behaviours (why yes, I have been living under a rock).
Read through the server's logs - it reports the database name while it's starting up. If you're using a Docker instance, as I am, docker logs <instance-id> is your friend.
I have a Rails application running on heroku and i am connecting at two dbs hosted in mongolab (X and Y).
I have configured two heroku env variables containing the connection strings.
When i query on Y all works fine but when i query on X db it gives me the error 16550 : "not authorized for query on X.table".
I have setted up correctly both env variables for these connections and also have a valid user to access X db.
If i connect with the shell all works fine.
How can i solve this?
Here is the error message in rails:
{"status":"500",
"error":"The operation: #<Moped::Protocol::Query\n #length=88\n #request_id=4\n #response_to=0\n
#op_code=2004\n #flags=[:slave_ok]\n
#full_collection_name=\"X.table\"\n
#skip=0\n #limit=0\n
#selector={\"_id\"=>\"5252c92521e4af681a000002\"}\n
#fields=nil>\n
failed with error 16550: \"not authorized for query on X.table\"\n\n
See https://github.com/mongodb/mongo/blob/master/docs/errors.md\nfor details about this error."}
I solved this, if someone comes here with the same problem : look at your table model, if as in my case it is "stored_in" another database you must specify there the session of the the uri = evn variables on datbase.yml
No matter what I do I cannot seem to get Ruby's Mongo driver to connect to a Replica Set. I've dug through all the tickets and SO questions on the subject and tried every combination of syntaxes. Ultimately, though, I've ended up just trying to use the driver API in the Rails console like so:
Mongo::ReplSetConnection.new(['db1.yada.to:27017', 'db2.yada.to:27017'], :read => :primary).db("yada_production")
But no matter what it always spits back, instantly:
Mongo::ConnectionFailure: Failed to connect to primary node.
When I log into the db servers and access mongo from there I see db1 is PRIMARY> while db2 is SECONDARY>
Additionally I can telnet over to the db servers from the application server on port 27017 just fine. Switching the connection back to a single server with Connection.new works without issue.
I am going insane. I originally was using Mongo ruby driver 1.4 + Rails 3.1 + Mongoid 2.3 + MongoDB 2.0.6 but am now upgraded to 1.6.2 + Rails 3.2 + 2.4.12 + 2.0.6 with the same issue.
I was originally using it with auth but I have turned auth off for now to simplify things.
Is this just totally broken? It seems like other people have had similar issues but none of the 'solutions' work for me. Anyone else out there have ideas?
I figured out my problem. My mongo replica set looks like this:
PRIMARY> rs.status()
{
"set" : "yada",
"date" : ISODate("2012-07-30T06:30:23Z"),
"myState" : 1,
"members" : [
{
"_id" : 0,
"name" : "YADAdb1:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"optime" : {
"t" : 1343627448000,
"i" : 2
},
"optimeDate" : ISODate("2012-07-30T05:50:48Z"),
"self" : true
},
{
"_id" : 1,
"name" : "db2.yada.to:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 16022,
"optime" : {
"t" : 1343627448000,
"i" : 2
},
"optimeDate" : ISODate("2012-07-30T05:50:48Z"),
"lastHeartbeat" : ISODate("2012-07-30T06:30:22Z"),
"pingMs" : 0
}
],
"ok" : 1
}
Notice that even though the FQDN of db1 is db1.yada.com, the node is initialized with its local hostname. It appears that you must use the exact name provided by rs.status() or connection will fail. This means if it isn't resolvable with DNS, you need to add it to your /etc/hosts on your connecting server. Once I did that the connection worked.
There was a response to this effect in the mongoid bugs, which I read, but I didn't fully understand what they were implying in the dialog. I assumed they only needed to modify /etc/hosts because there was no public DNS entry for the server. Now it makes sense that the exact name in Mongo is mandatory.