Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Authentication in mongoose using SCRAM-SHA-1

Tags:

mongoose

I recently upgraded from MongoDB 2.6 to 3.0.4 and also upgraded the Mongoose version to 4.0.0.

Now when ever i try to connect to mongo using mongoose:

mongoose.connect('mongodb://user:password@host:port/dbname')

On mongo logs i receive this message

SCRAM-SHA-1 authentication failed for user on dbname from client xxx.xxx.xxx.xxx

I checked in mongodb, the user exists in the admin. The command that i used is db.system.users.findOne({user:'user'})

The information returned by this statement contains SCRAM-SHA-1 information.

My question is how to specify SCRAM related information in mongoose while establishing connection. I read lots of articles, but failed to understand how its done

like image 989
sunitj Avatar asked Jul 14 '15 05:07

sunitj

People also ask

What is SCRAM SHA authentication?

Salted Challenge Response Authentication Mechanism (SCRAM) is a password-based mutual authentication protocol designed to make an eavesdropping attack (i.e. man-in-the-middle) more difficult.

Is SCRAM SHA-1 secure?

There are significant security concerns with that mechanism, which could be addressed by the use of a challenge response authentication mechanism protected by TLS." This means that implementing SCRAM with SHA-1 won't add any extra protection for passwords transmitted through TLS.

What authentication mechanisms are available in the community version of MongoDB?

In this guide, you can find sample code for connection to MongoDB with each authentication mechanism available in the MongoDB Community Edition: DEFAULT , SCRAM-SHA-256 , SCRAM-SHA-1 , MONGODB-CR , MONGODB-AWS , and X. 509 .

2 Answers

Found the solution, I didn't passed the authDatabase name, that's why the connection failed. Earlier i was using this

mongoose.connect('mongodb://user:password@host:port/dbname')

Now i used this

mongoose.connect('mongodb://user:password@host:port/dbname?authSource=dbWithUserCredentials')

Found this solution on Discussion thread of Mongoose itself

Edit:

Don't forget to replace dbWithUserCredentials with your own. In most cases dbWithUserCredentials would be admin. All the credentials for login like username, password are already specified in the parameter passed to mongoose.connect().

like image 126
sunitj Avatar answered Sep 18 '22 03:09

sunitj

I had a similar problem. It was fixed after updating mongoose to v4.1.11.

like image 34
YaTaras Avatar answered Sep 19 '22 03:09

YaTaras
Sign in to Comment

Related questions

Mongodb timestamp is very inaccurate - mongoose
Invalid value for schema Array path
How do update a specific field in mongoose?
Why doesn't MongoDB save my properties
how to update nested object of mongoose document for only provided keys
mongodb mongoose unit of maxDistance
Mongoose MongoDB: updating objects in a nested array
Find objects created in last week in mongo
How can convert string to date with mongo aggregation?
Update a record where _id = :id with Mongoose
Mongoose: doesn't put _id to embedded document
How to build a conditional query in Mongoose?
Node mongoose find query in loop not working
Mongoose connection events with createConnection
mongoose schema set max length for a String [duplicate]
MongoDB Error: Cannot use retryable writes with limit=0
How do I define a different primary key other than _id in Mongoose?
Why do my MongooseJS ObjectIds fail the equality test?
NodeJS - MongooseJS schema error that i cant figure out
Auto increment document number in Mongo / Mongoose

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!