Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Graylog cannot authenticate on MongoDB if password contains the sign + #5680

Closed
frantz45 opened this Issue Feb 13, 2019 · 3 comments

Comments

Projects
None yet
4 participants
@frantz45
Copy link

frantz45 commented Feb 13, 2019

Expected Behavior

Graylog should authenticate on MongoDB

Current Behavior

Graylog does not authenticate on MongoDB

Possible Solution

Choose a password without the sign +

Steps to Reproduce (for bugs)

  1. Enable authentication on MongoDB
  2. Restart MongoDB service
  3. Create a MongoDB user with the sign + in the password
  4. Configure mongodb_uri = mongodb://grayloguser:secret+@localhost:27017/graylog
  5. Restart Graylog
  6. Graylog's logs (server.log) say "Authentication failed on MongoDB error code 18"
  7. Try to connect to MongoDB from bash with the same mongodb_uri and it works:
    mongo mongodb://grayloguser:secret+@localhost:27017/graylog

MongoDB doc does not say the sign + needs to be encoded:
If the username or password includes the at sign @, colon :, slash /, or the percent sign % character, use percent encoding.
https://docs.mongodb.com/manual/reference/connection-string/

Context

Puppet automatically chooses a password for the graylog MongoDB user. + was in the charset used.

Your Environment

  • Graylog Version: 2.4.6
  • Elasticsearch Version: 5.6
  • MongoDB Version: 3.6.6
  • Operating System: CentOS 7
  • Browser version: Firefox ESR

@mariussturm mariussturm referenced this issue Feb 28, 2019

Closed

Update mongodb-driver version to 3.10.1 #5736

4 of 9 tasks complete
@mariussturm

This comment has been minimized.

Copy link
Member

mariussturm commented Feb 28, 2019

Hi @frantz45,
thanks for the report! This is a bug in the mongodb library version we use for 3.0. The issue was already fixed upstream here: mongodb/mongo-java-driver@4a44f05
I have created a PR to get this into Graylog 3.0.1 #5736

@mariussturm mariussturm self-assigned this Feb 28, 2019

@mariussturm

This comment has been minimized.

Copy link
Member

mariussturm commented Mar 12, 2019

@frantz45 unfortunately we can't jump easily to a more recent mongo-java-driver version. For now the user needs to escape plus signs by hand with this string: %2B.

We will add this to the examples in the default configuration.

bernd added a commit that referenced this issue Mar 22, 2019

kmerz added a commit that referenced this issue Mar 26, 2019

@bernd

This comment has been minimized.

Copy link
Member

bernd commented Mar 26, 2019

Since we have a (documented #5795) workaround now, I will close this ticket. The underlying issue is not fixed, but will be fixed once we update the MongoDB driver.

@bernd bernd closed this Mar 26, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.