New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MongoDB\Driver\Exception\AuthenticationException with no credentials? #966
Comments
We'll need at least two things to help make sense of this issue:
Lastly, I'll note that you're using version 1.6.0alpha1 of the driver. The most recent stable release is 1.5.3. I don't think that's relevant to your problem, as both versions happen to use the same versions of libmongoc (that will be bumped before the final 1.6.0 release); however, it's worth pointing this out and reminding you that any production application should stick to a stable release. |
Cross-referencing this with what I believe is a duplicate thread on the mongodb-user listserv: https://groups.google.com/d/msg/mongodb-user/nVyDeZqFVQM/FOOwkYZxAwAJ |
Here's my code in the controller (MVC):
Code for the open() function - regarding the MongoDB\Driver\Manager - is at https://github.com/yiisoft/yii2-mongodb/blob/7f8d9862ac6c133d63afda171860ca9b61563d27/src/Connection.php#L344. Stack Trace: (Full trace at https://app.box.com/s/u9rmr594nbrrec9yz9c1j6vh9fqoupbt - it was too long to copy-and-paste.)
I have switched to the stable version and can't remember why I used the alpha in the beginning. Do I need to download any extra libraries from |
It's something on the Yii end, not the php driver. I discovered that if I executed commands without the Yii mongodb extension (but with the php driver) things work fine. So I'm going to close this issue for now. |
To answer your previous question, libmongoc and libbson are bundled with the PECL extension and statically compiled by default. Windows users should only need the DLL file available for download on the PECL website. Linux and macOS users have the option of using libmongoc/libbson as system libraries via extra I'm not familiar with the This error code appears in various places within libmongoc, but it more often than not comes with a verbose error message generated by libmongoc. The string "Authentication failed." does not appear in either libmongoc or the PHP driver, so I assume it originates from the server. I found one occurrence of it in a constant definition within In both of those cases, there should be an accompanying message in the server log. Cross-referencing with that log message should reveal exactly which code point was reached. I'm not very familiar with the server internals, but I believe both of these paths would only be reached if a driver was authenticating with the server. Coming back to libmongoc, I looked up two places where the driver might actually use the
I think this is enough to conclude that the driver and server were certainly engaging in some authentication exchange. I believe there is also a clue in your connection string:
The When this string is parsed by Beyond that, I will open a libmongoc ticket to see if we can add some validation for this edge case and perhaps raise an error during URI parsing if the driver finds an empty string for the username. One other tool that might have provided some context here (at the expense of a lot of output) is the |
If it turns out that there isn't any valid use cases for empty credentials, it would be great if the driver would just skip the username and password fields (rather than throwing an exception, for example). That's what we are doing right now, although in our application code. if (empty($uriOptions['username'])) {
unset($uriOptions['username']);
unset($uriOptions['password']);
} The "replicaSet" option has the same problem, by the way, so if you do end up implementing a fix for the credential fields (and unless there is a valid use case for empty replica set names, of course), it would be great if you could implement the same fix for that field, as well. |
Edit |
@CathChen003: If you've configured the server to require authentication by creating users and assigning roles, then an exception would be expected when failing to provide credentials in the driver or any other client (e.g. Compass, shell). Your original post indicated that you were not intending to use authentication, which is why I concluded that the
@lindelius: I understand the desire to simply ignore an empty string, but I think raising an error would be more consistent if we conclude that an empty string is an invalid username. Likewise with an empty "replicaSet" option, raising an exception would clearly highlight to the user that their connection string or URI options are malformed. I'm not sure why your application code would need to work around this. Are you assigning the URI option directly from an environment variable, which may be empty? Alternatively, if this is coming from a library integration (e.g. Symfony bundle parsing some configuration file), perhaps the integration can be improved to detect when an option should be unset vs. an empty string. In the meantime, I created PHPC-1347 to ensure we don't lose track of your suggestion for the |
@jmikola I don't recall requiring authentication while setting up MongoDB. I can connect fine through Compass or shell without providing user/pwd details... |
@jmikola Yupp, we are using Laravel so the values initially come from env files that are then directly assigned to a config file that consist of a PHP array with a specific, pre-defined structure. We would either have to add more obtrusive code to the beginning of those config files and dynamically change the structure of the array (i.e. adding the URI option fields to the config array based on whether the env values are empty), or keep the current code in the place where we construct the Manager instance. https://github.com/laravel/laravel/blob/master/.env.example This is a relatively new issue, by the way. I'm fairly sure it started when we upgraded to version 1.5. Before we upgraded, the driver (or the server, I'm not sure which server version we were running then or whether we upgraded our replica set at the same time) skipped these fields when they contained empty values. The current functionality isn't so much of an issue (our current "work-around" works perfectly fine, and it's only like 5 rows of code), it's just not ideal. |
@CathChen003: I think we're misunderstanding each other. In your previous comment, you stated that you "created a user in the admin database and accessed the other DB with the user/pwd credentials." Enable Auth walks through the process for configure MongoDB to use authentication. after creating the first administrator user, the If you only created a user on the server without requiring authentication, then I presume the server will allow clients to authenticate if they attempt to do so; however, the server will not require authentication and clients that choose not to do so will be able to connect and access the database(s) as they wish. That may explain why Compass and the shell continued to work without authentication, even after you created a user. I'm going to reiterate that the proper solution is to remove the lone |
@jmikola OK, I understand now. Thanks! |
Closing, as both referenced JIRA issues have since been fixed and released. |
Description
I'm trying to connect to MongoDB through PHP, but I get the error: "MongoDB\Driver\Exception\AuthenticationException Authentication failed." I don't have a username or password set up, so I'm pretty confused. I can connect to MongoDB through shell and compass, both without entering any username/password. I already tried looking up the issue in several different places (stackoverflow, mongodb-user groups.google.com, etc.) for several days but I can't find any help so I decided to post an issue here. I'm using the Yii2 framework but I don't think this problem is related to that.
Environment
Windows 10 (64-bit)
PHP version 7.2.2 on XAMPP
MongoDB 4.0.6
Mongo PHP Driver 1.6.0alpha1 for PHP 7.2 Threaded x86
phpinfo():
Expected and Actual Behavior
Expected connection to MongoDB, but resulted in error thrown.
I would include more info if I knew what to include. This is my first time working with MongoDB (and NoSQL in general) so I'm pretty unknowledgeable in this area.
Thanks in advance. :)
The text was updated successfully, but these errors were encountered: