0

What I am trying to do:

  1. I want to have my schema require a log in to order to gain access

    • From my understanding, you must first use the --auth flag to enable authorization. When I do this in the compass shell, it says auth is not recognized/defined

  2. I want to be able to create new users with different sets of permissions

    • Neither of the create user commands listed below work for me

My suspicions on the issue:

I think the reason I am struggling might be because I am on a local host connection provided by the MongoDB compass. I am new to MongoDB and am just practicing. My connection URI is mongodb://localhost:27017

Things I have tried:

  1. Using the advanced connection options in compass GUI

  2. Running the below in test and admin

// running: 
--auth

db.auth()

db.createUser({user: "max", pwd: "max", roles: ["userAdminAnyDatabase"]})

db.createUser({
user: "max",
pwd: "max",
roles: [{role: "userAdminAnyDatabase", db: "admin"}, {"readWriteAnyDatabase"}]
})

The create functions give this error:

clone(t={}){const r=t.loc||{};return e({loc:new Position("line"in r?r.line:this.loc.line,"column"in r?r.column:...<omitted>...)} could not be cloned.
Wayne
  • 660
  • 6
  • 16
  • Sorry, what's the problem that you are facing? Note also that the terminal at the bottom of Compass _is_ the MongoDB shell (which I believe is what you mean when referring to the "_mongod terminal_"). Also to confirm, the `mongod` process you are connecting to is running on your local machine, or are you connecting to an Atlas cluster? – user20042973 Sep 30 '22 at 16:06
  • I am trying to set up authentication. I do not believe it's connected to atlas, I believe it is all just stored locally. Should I reword my question? "All I am trying to do is make it so that users need to validate before accessing the DB and users will have different permissions. (Please note I am on localhost if that is the issue I can't find anything that says that)" – Wayne Sep 30 '22 at 17:25
  • the mongod terminal is something different. It used to be installed with MongoDB, but no longer is by default. All the videos I see are old and working in the mongod terminal not the MongoDB compass shell – Wayne Sep 30 '22 at 17:32

1 Answers1

1

I'm going to attempt an answer based on the discussion in the comments. There are definitely still some things that I am not clear on, so please do add additional details to help clarify.

the mongod terminal is something different. It used to be installed with MongoDB, but no longer is by default. All the videos I see are old and working in the mongod terminal not the MongoDB compass shell

You are correct that the earlier shell (mongo) that used to ship with the database no longer does. It has been replaced with a newer one (mongosh) which is still functionally mostly the same, but with some additional expanded capabilities. You can mostly still use the older shell to connect to MongoDB though there really shouldn't be any reason for doing so.

It is the newer mongosh utility that is now bundled with Compass.

You can see here that the db.createUser() method is included as one of the mongosh Methods in the navigation on the left side of the page. So that method and functionality should be present in this newer shell.

I believe it is all just stored locally.

This comment doesn't really make sense. It's true that MongoDB credentials are stored by the cluster itself so it is "local" in that regard. But nothing is going to be stored outside of that such as in Compass or on your local machine.

I do not believe it's connected to atlas

What are the actual connection settings you used when opening Compass to connect to a system?

To get back to the original request, what is the actual outcome that you are seeing when running those commands? Are you getting an error message or?

Knowing that would allow us to troubleshoot further. If you do happen to be running these commands against an Atlas cluster and seeing that the users don't exist shortly after doing so, then you will want to use the Atlas interface instead.

Edit

Based on the updated question, it seems part of the confusion is around what and where to run some commands.

Working backwards, the specific error that you mention is caused by a syntax error. In your array of roles the second entry should either just be a string or a fully-formed object. So try changing

roles: [{role: "userAdminAnyDatabase", db: "admin"}, {"readWriteAnyDatabase"}]

to

roles: [{role: "userAdminAnyDatabase", db: "admin"}, {role:"readWriteAnyDatabase",db:"admin"}]

Also I see now that you seem to be adding the --auth flag to the commands that are being run in the shell. This is incorrect. Rather that is a parameter that is included when you start the mongod process, see here. You can still create users without mongod enforcing authentication, but you'll want to restart the mongod process itself with the right configuration (eg with --auth) to actually prevent users from interacting with the data without properly authenticating.

user20042973
  • 4,096
  • 2
  • 3
  • 14
  • I am going to revise the whole question but in the meantime. I am not connected to an atlas database I am just practicing on a localhost connection through the mongoDB compass. I am sorry my question is poorly worded I will try and do better. – Wayne Sep 30 '22 at 18:10
  • 1
    No worries at all - there's a lot to unpack here. What I am most curious about is the specific behavior/errors you get when calling the `db.createUser()` commands – user20042973 Sep 30 '22 at 18:19
  • I have updated my question I hope it is significantly better – Wayne Sep 30 '22 at 18:27
  • Very helpful, added on to my answer in response. – user20042973 Sep 30 '22 at 19:01
  • What do you mean when you say that I will want to restart the mongod process itself? And thank you very much for taking the time – Wayne Sep 30 '22 at 19:03
  • I was able to make a new user however after doing what I believe you meant by restarting the local host instance. It allows you to make queries without signing in. – Wayne Sep 30 '22 at 19:08
  • 2
    If you run `db.adminCommand("getCmdLineOpts")` in the shell it will reveal how the `mongod` is configured to run. It'll need to have some auth stuff. Also be aware of [Localhost Exception](https://www.mongodb.com/docs/manual/core/localhost-exception/) that might be influencing your tests. Also, [here is the tutorial to configure SCRAM authentication](https://www.mongodb.com/docs/manual/tutorial/configure-scram-client-authentication/) which is basically covers what you are trying to do. – user20042973 Sep 30 '22 at 19:14
  • Awesome thank you so much, you're a life saver! If I was doing this on a production database that was hosted on Atlas, I would just do all of these steps through Atlas? Or would I do the same steps in compass and that would transfer over to Atlas? – Wayne Sep 30 '22 at 19:27
  • 1
    You do not do ANY of this with Atlas. Atlas manages the cluster (including starting it with authentication). User management for Atlas clusters is described in the link in my answer just before the edited addendum. Cheers! – user20042973 Sep 30 '22 at 19:29
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/248485/discussion-between-wayne-and-user20042973). – Wayne Sep 30 '22 at 19:57