Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for SCRAM-SHA-1 authentication (MongoDB 3.0+) #766

Closed
stennie opened this issue Feb 26, 2015 · 63 comments

Comments

@stennie
Copy link
Contributor

commented Feb 26, 2015

Related to #520 (updating the shell to 3.0), but adding here as an explicit placeholder for those searching.

Until this issue is resolved, Robomongo only supports users created with the older MONGODB-CR authentication.

Impact is:

  • users migrated from previous versions of MongoDB to 3.0 will still be able to authenticate
  • new users created in MongoDB 3.0 with SCRAM-SHA-1 authentication will not be able to authenticate

@stennie stennie added the enhancement label Feb 26, 2015

@stennie stennie added this to the Robomongo 0.9.0 milestone Feb 26, 2015

@dstrickland67

This comment has been minimized.

Copy link

commented Feb 27, 2015

You talked about a fork before christmas. Any idea of the status?

@stennie

This comment has been minimized.

Copy link
Contributor Author

commented Mar 13, 2015

@dstrickland-mdl Sorry, missed notification on your comment here.

Have finally had some time & tuits to get the 0.8.5 releases packaged this week, so getting that out of the way in order to focus on 0.9.0 release with MongoDB 3.0 changes. I hadn't built all of the release packages before, but now have the environments set up so the next round will be much less painful :).

I have to cleanup & rebase my WIP for 3.0, but have rough code integration done (client & shell updates). I'll definitely be looking for testers as this is the most significant amount of code change in a long while.

If you'd like to help sanity check the 0.8.5 release, I've created issues with preview packages linked. Unfortunately 0.8.5 doesn't include any 3.0 changes, but there have been a lot of other improvements: https://github.com/paralect/robomongo/blob/master/whats-new.txt.

@stennie stennie self-assigned this Mar 18, 2015

@stennie

This comment has been minimized.

Copy link
Contributor Author

commented Mar 29, 2015

A workaround of downgrading authentication has been noted elsewhere (although it only addresses MongoDB 3.0 auth compatibility, not WiredTiger support). Best practice would be to use updated drivers and tools with full compatibility.

You can downgrade the authSchema using:

// Use MongoDB 2.6 auth schema (default auth mechanism: MONGODB-CR)
use admin;
db.system.version.save({ "_id" : "authSchema", "currentVersion" : 3 })

Any users created should now use the older MONGODB-CR authentication.

NOTE: This won't change the credentials for any existing users, so you will need to change their passwords.

To find users with SCRAM-SHA-1 auth:

use admin;
db.system.users.find({ "credentials.SCRAM-SHA-1" : { $exists: true}}, { user: 1, db: 1})

To find users with the older MONGODB-CR auth:

use admin;
db.system.users.find({ "credentials.MONGODB-CR" : { $exists: true}}, { user: 1, db: 1})
@ghost

This comment has been minimized.

Copy link

commented Jun 17, 2015

Could we get a backport for this once it's fixed before the 0.9 release? This is a major roadblock for me right now.

@tim-to

This comment has been minimized.

Copy link

commented Jun 17, 2015

I switched to use mongochef instead of waiting

 On Wednesday, June 17, 2015 9:13 AM, csimonadorf <notifications@github.com> wrote:

Could we get a backport for this once it's fixed before the 0.9 release? This is a major roadblock for me right now.—
Reply to this email directly or view it on GitHub.

@iboxgithub

This comment has been minimized.

Copy link

commented Jun 23, 2015

+1 this will be useful =)

@albsala

This comment has been minimized.

Copy link

commented Jun 29, 2015

+1 and thanks for the workaround

@brifordwylie

This comment has been minimized.

Copy link

commented Jul 9, 2015

+1

1 similar comment
@joelkim

This comment has been minimized.

Copy link

commented Jul 12, 2015

+1

@mirchow

This comment has been minimized.

Copy link

commented Jul 18, 2015

A backport of support SCRAM-SHA-1 would indeed be so welcome, as we upgraded databases and cannot use this tool anymore. Any ETA on 0.9 release btw? Thanks

@jdarling

This comment has been minimized.

Copy link

commented Jul 24, 2015

Any word on a fix for this? We are migrating to MongoDB 3.0.4 and this is stopping us from using RoboMongo to work against the cluster.

@waelrammo

This comment has been minimized.

Copy link

commented Jul 31, 2015

+1

@hossein

This comment has been minimized.

Copy link

commented Aug 2, 2015

Can I ask if this is checked in into your repo yet?

If you at least push the 0.9 beta sources someone would be interested to backport it.

Please take into account people's interest on this bug vs other topics, as well as vote count on this StackOverflow question.

@narzero

This comment has been minimized.

Copy link

commented Aug 4, 2015

+1

1 similar comment
@jamesabbottsmith

This comment has been minimized.

Copy link

commented Aug 6, 2015

+1

@mattisx

This comment has been minimized.

Copy link

commented Aug 12, 2015

+1! <3

@men232

This comment has been minimized.

Copy link

commented Aug 14, 2015

+1

7 similar comments
@ghost

This comment has been minimized.

Copy link

commented Aug 24, 2015

+1

@ajutras

This comment has been minimized.

Copy link

commented Aug 30, 2015

+1

@moattarwork

This comment has been minimized.

Copy link

commented Sep 1, 2015

+1

@valencianok

This comment has been minimized.

Copy link

commented Sep 2, 2015

+1

@lukaszpaczos

This comment has been minimized.

Copy link

commented Sep 2, 2015

+1

@gregcarlin

This comment has been minimized.

Copy link

commented Sep 3, 2015

+1

@manikandants

This comment has been minimized.

Copy link

commented Sep 7, 2015

👍

@fariza

This comment has been minimized.

Copy link

commented Oct 14, 2015

+1

5 similar comments
@harrylaou

This comment has been minimized.

Copy link

commented Oct 14, 2015

+1

@gizmo410

This comment has been minimized.

Copy link

commented Oct 16, 2015

+1

@LNWPOR

This comment has been minimized.

Copy link

commented Oct 16, 2015

+1

@Scarysize

This comment has been minimized.

Copy link

commented Oct 17, 2015

+1

@moconnell

This comment has been minimized.

Copy link

commented Nov 6, 2015

+1

@stennie stennie removed their assignment Nov 6, 2015

@pbozzi

This comment has been minimized.

Copy link

commented Nov 7, 2015

+1

6 similar comments
@sauron918

This comment has been minimized.

Copy link

commented Nov 15, 2015

+1

@tiagocpontesp

This comment has been minimized.

Copy link

commented Nov 17, 2015

+1

@mariobaldini

This comment has been minimized.

Copy link

commented Nov 24, 2015

+1

@georgiosd

This comment has been minimized.

Copy link

commented Nov 25, 2015

+1

@pritamkarmakar

This comment has been minimized.

Copy link

commented Nov 28, 2015

+1

@AddoSolutions

This comment has been minimized.

Copy link

commented Dec 15, 2015

+1

@jamesabbottsmith

This comment has been minimized.

Copy link

commented Dec 16, 2015

I still think Robomongo is a great product and wish this issue was resolved.

Mongo has recently released Compass which seems to do a similar job though (with a few extra features). I haven't used it extensively but it may be worth checking out.

https://www.mongodb.com/products/compass

@bench

This comment has been minimized.

Copy link

commented Dec 21, 2015

+1

6 similar comments
@bdiegel

This comment has been minimized.

Copy link

commented Dec 28, 2015

+1

@baldiri

This comment has been minimized.

Copy link

commented Dec 29, 2015

+1

@bdipak

This comment has been minimized.

Copy link

commented Jan 11, 2016

+1

@tomchomiak

This comment has been minimized.

Copy link

commented Jan 15, 2016

+1

@thirdy

This comment has been minimized.

Copy link

commented Jan 18, 2016

+1

@lianyi

This comment has been minimized.

Copy link

commented Jan 19, 2016

+1

@anorsich

This comment has been minimized.

Copy link
Contributor

commented Feb 1, 2016

@lianyi @thirdy @tomchomiak I have awesome news for all of you. Latest Robomongo release 0.9.0 RC4 supports SCAM-SHA-1/MONGODB-CR authentications. You can select proper authentication from dropdown when creating connection to the mongodb. Let us know if work for you. Feel free to reopen this ticket if it does not.

@anorsich anorsich closed this Feb 1, 2016

@manikandants

This comment has been minimized.

Copy link

commented Feb 9, 2016

Thanks 👍 working great!!! Back to Robomongo..

@anorsich

This comment has been minimized.

Copy link
Contributor

commented Feb 9, 2016

@manikandants Awesome! (dancing)

@tomchomiak

This comment has been minimized.

Copy link

commented Apr 26, 2016

woo-hoo!

@dharshanr

This comment has been minimized.

Copy link

commented May 24, 2016

Will this work in a sharded cluster since db.system.version is not writable?

@juliashibalko juliashibalko self-assigned this Jun 16, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
You can’t perform that action at this time.