-
Type: Bug
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: 1.21.2, 1.22.0
-
Component/s: Compass, Connectivity
-
Not Needed
-
Iteration Huckleberry, Iteration Lime, Iteration Maracuja
MongoDB Shell works under the same user:
$ KRB5_TRACE=/dev/stdout mongo --host rhel-73.acme.qa -u Administrator@ACME.QA --authenticationMechanism GSSAPI --authenticationDatabase '$external' --gssapiServiceName mongodbenterprise --eval 'db.runCommand({connectionStatus:1}).authInfo.authenticatedUsers[0]' MongoDB shell version v4.2.6 connecting to: mongodb://rhel-73.acme.qa:27017/?authMechanism=GSSAPI&authSource=%24external&compressors=disabled&gssapiServiceName=mongodbenterprise [20086] 1591207829.121207: ccselect module realm chose cache FILE:/tmp/krb5cc_1000 with client principal Administrator@ACME.QA for server principal mongodbenterprise/rhel-73.acme.qa@ACME.QA [20086] 1591207829.121208: Getting credentials Administrator@ACME.QA -> mongodbenterprise/rhel-73.acme.qa@ACME.QA using ccache FILE:/tmp/krb5cc_1000 [20086] 1591207829.121209: Retrieving Administrator@ACME.QA -> mongodbenterprise/rhel-73.acme.qa@ACME.QA from FILE:/tmp/krb5cc_1000 with result: 0/Success [20086] 1591207829.121211: Creating authenticator for Administrator@ACME.QA -> mongodbenterprise/rhel-73.acme.qa@ACME.QA, seqnum 372782601, subkey rc4-hmac/1834, session key rc4-hmac/8392 [20086] 1591207829.121212: Negotiating for enctypes in authenticator: aes256-cts, aes128-cts, aes256-sha2, aes128-sha2, des3-cbc-sha1, rc4-hmac, camellia128-cts, camellia256-cts [20086] 1591207829.121217: Read AP-REP, time 1591207830.121213, subkey aes256-cts/5014, seqnum 201794735 Implicit session: session { "id" : UUID("4831e6be-d20c-486b-b36f-dfd7a1a457fc") } MongoDB server version: 4.2.6 { "user" : "Administrator@ACME.QA", "db" : "$external" }
MongoDB Compass fails using the same settings (see the attached screenshot).