Mongo admin database credentials don't work in other databases on server

0
votes

The documentation for Mongo states that when authentication is enabled, and for users added to the admin database, these users should be able to access the other databases in Mongo, with the rights granted at the admin database level.

"The admin database is unique. Users with normal access to the admin database have read and write access to all databases. Users with read only access to the admin database have read only access to all databases." http://docs.mongodb.org/manual/administration/security/

But in testing with the C# library version 1.7.0.4714, this is not the case. Only accounts created in a specific database have access to that database.

I have tested with credentials on the connection string and by setting credentials explicitly at the database level in C#

server.GetDatabase(...
new MongoClient(a connectionString ...

Does anyone know if this expected behavior? or can suggest a resolution.

3
mongodbmongodb-.net-driver
possible duplicate of Mongodb C# driver - can't use admin authentication to access other databases - Andrew Orsich

3 Answers

0
votes

The answer was already posted here on stackoverflow :)

Mongodb C# driver - can't use admin authentication to access other databases

the username used should have (admin) after it to use that account.

0
votes

This is not a mongodb problem. I am sure that you could authenticate from mongodb shell like this:

use admin
db.auth(user, pass)

This is a mongodb c# driver trick. A long time ago i spent some time to read c# driver code in order to understand this.

So connection string should be like this:

mongodb://admin(admin):1@localhost:27020/myDb

The trick in (admin) in order to tell the driver that you are going to authenticate via admin user.

0
votes

There is another way to connect with authentication against the admin database.

The downside is that you have to setup the whole connection object instead of packing all info solely on a connection string.

Instead of instantiating the MongoClient with a connection string like

var connectionString = "mongodb://localhost";
var client = new MongoClient(connectionString);

you can create a MongoClientSettings object, set the credentials (along with any other connection settings) and instantiate the client passing that object

string authenticationDB = "admin"
string authenticationUsername = "user"
string authenticationPassword = "pass"
MongoClientSettings settings = new MongoClientSettings();
settings.Credentials = new[] { MongoCredential.CreateMongoCRCredential(authenticationDB, authenticationUsername, authenticationPassword) };

settings.Servers = new[] { new MongoServerAddress("host_1"), new MongoServerAddress("host_2"), new MongoServerAddress("host_3") };
settings.ConnectionMode = ConnectionMode.ReplicaSet;

var client = new MongoClient(settings);
var db = client.GetServer().GetDatabase(database);

http://docs.mongodb.org/ecosystem/tutorial/authenticate-with-csharp-driver/