Uploaded image for project: 'Node.js Driver'
  1. Node.js Driver
  2. NODE-478

Cannot db.authenticate with Multiple mongos in Seed URI (SCRAM-SHA-1)

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Critical - P2 Critical - P2
    • 2.0.34
    • Affects Version/s: 2.0.33
    • Component/s: None
    • Environment:
      CentOS 6.6
      node v0.10.38
      mongodb db version v3.0.3, git version: b40106b36eecd1b4407eb1ad1af6bc60593c6105, OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013

      Given the connection URL mongodb://127.0.0.1:27017,127.0.0.1:27016/thing where 127.0.0.1:2701[6,7] are mongos instances, after successfully connecting, when attempting to authenticate, the callback of db.authenticate is never received or a MongoError: could not authenticate error is thrown (both results have been witnessed).

      Stack trace of thrown error:

      /tmp/mdblogin/node_modules/mongodb/lib/utils.js:97
          process.nextTick(function() { throw err; });
                                              ^
      MongoError: could not authenticate
          at /tmp/mdblogin/node_modules/mongodb/node_modules/mongodb-core/lib/topologies/server.js:1053:28
          at ScramSHA1.auth (/tmp/mdblogin/node_modules/mongodb/node_modules/mongodb-core/lib/auth/scram.js:108:25)
          at Server.auth (/tmp/mdblogin/node_modules/mongodb/node_modules/mongodb-core/lib/topologies/server.js:1058:40)
          at Mongos.auth (/tmp/mdblogin/node_modules/mongodb/node_modules/mongodb-core/lib/topologies/mongos.js:620:17)
          at Mongos.auth (/tmp/mdblogin/node_modules/mongodb/lib/mongos.js:364:22)
          at Db.authenticate (/tmp/mdblogin/node_modules/mongodb/lib/db.js:1115:21)
          at /tmp/mdblogin/index.js:11:5
          at /tmp/mdblogin/node_modules/mongodb/lib/mongo_client.js:403:11
          at process._tickCallback (node.js:448:13)
      

      When using a single mongos in the connection string, connecting and authenticating is successful and quick, i.e. mongodb://127.0.0.1:27017/thing.

      I can reproduce this with the following service topology:

      They are started with the following:

      Unable to find source-code formatter for language: shell. Available languages are: actionscript, ada, applescript, bash, c, c#, c++, cpp, css, erlang, go, groovy, haskell, html, java, javascript, js, json, lua, none, nyan, objc, perl, php, python, r, rainbow, ruby, scala, sh, sql, swift, visualbasic, xml, yaml
      #!/bin/bash
      mongod -f mongod.conf;
      mongod -f mongoc.conf;
      sleep 5;
      mongos -f mongos0.conf;
      mongos -f mongos1.conf;
      

      Setup notes:

      • mongod shardsvr is the only shard sh.addShard('127.0.0.1:27018');
      • running in auth mode with default SCRAM-SHA-1 auth method

      The following users exist (root is on configsvr/mongos and mongod; username is on thing database only):

      use admin;
      db.createUser({
      	user: 'root',
      	pwd: 'root',
      	roles: ['root','restore']
      });
      
      use thing;
      db.createUser({
      	user: 'username',
      	pwd: 'password',
      	roles: [
      		{role:'readWrite',db:'thing'},
      		{role:'dbAdmin',db:'thing'},
      	]
      });
      

      I have attached a script test.js that illustrates this behavior.

      This type of connection string worked successfully in driver version 1.4. I have not tested on anything other than CentOS.

      AFAIK, there is no workaround. I'm not sure how to add more than one mongos to the connection string in order to satisfy redundancy and resiliancy requirements.

        1. test.js
          0.9 kB
        2. mongos1.conf
          0.4 kB
        3. mongos0.conf
          0.4 kB
        4. mongod.conf
          0.8 kB
        5. mongoc.conf
          0.8 kB

            Assignee:
            christkv Christian Amor Kvalheim
            Reporter:
            zammit.andrew@gmail.com Andrew Zammit
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: