I hava tried to create a user in database "admin" with roles of "root","readWriteManyDatabase" in mongodb to connect to different databases, but it seems that i can not use
this user to directly connect to the other databases, but i can do operations on other databases after run db.auth() in database admin.
So, is there any way i can use to connect directly to different databases with a same user but do not need to first connect to database "admin"
Make sure you're authentication with the admin database when connecting to the database server, this can be specified on the MongoDB Connection string by passing a query string parameter of authSource. For example:
mongodb://username:password#my-server/my-db?&authSource=admin
If you don't specify an auth source then it will try to authenticate using the database specified, in this case my-db
If you're using the shell you can specify this as an arugment of authenticationDatabase for example:
mongo localhost -u user -p password --authenticationDatabase admin
Related
I am trying to deploy a very simple nodejs api through Heroku and utilizing the clearDB add on so I can connect to the MySQL db the api utilizes. I had everything connected and working then realized I had hard coded and exposed the database user and password information. I reset the password on clearDB to reset the exposed information. So far I have created environment variables locally and the config variable for the new password on Heroku but now the app crashes anytime I try to connect to the db, is there somewhere else that the new password will be needed?
ClearDB stores the username and password information inside the URL to the db so if you only updated it in the config variable for the password you will also need to update it in the variable containing the URL string as well.
I have a node.js app that uses MongoDB as a database.
I have also the management of MongoDB.
When the app starts, it connects to MongoDB without any problem.
I am trying to let the user defines which database he/she will connect to. To do that I create mongo.conf like that:
And in the app, I defined the connection uri like that:
MONGODB_URL="mongodb://< username>:< password>#34.72.5.46:27017/"
The database user has the root role. As I mentioned, in first opening the app connects to the database. In the first opening, I am using mongoose.connect
But when the user inserts a database name that doesn't exist, via the app, I am using mongoose.createConnection. And then I get this error:
MongoNetworkError: failed to connect to server [34.72.5.46:27017] on first connect [MongoError: Authentication failed.
What should I do?
I solved my issue. It has been needed to add "?authSource=admin" at the end of the mongo URI
I want to access MySql database hosted on domain my_domain_name using pymysql ( python library) .
My code is:
connection = pymysql.connect('my_domain_name', user, passd, db)
But I receive this error
(1045, "Access denied for user 'root'#'ip-address' (using password: YES)")
In most answers, people suggest that:
either password is wrong or 'root' user do not have privileges to
access database
But, I can access the database using direct link as: http://www.my_domain_name/phpmyadmin/index.php using same user and password.
I will appreciate your kind help. Thanks
Note: 'my_domain_name' is being converted to an ip_address. When I place this IP to my browser, it takes me to the website of my Internet provider.
Update:
It is clear that domain_name is being replaced with ip_address of Internet provider. How can I resolve this issue? Please do share any link. Thanks.
MySQL access control depends on the IP address of the client not the IP address of the server.
I assume that you're connecting to some cloud instance of MySQL, in other words, it's not running on your local machine. (If it's local just use "localhost" instead of "my_domain_name.")
When you connect to the MySQL server "my_domain_name," it sees an incoming connection from your public IP address. (If you Google for "what's my IP address," the address that Google shows you should match the one in the error message.) If you enter that IP address into your browser, you'll be connecting to your own router. If you got that router from your ISP, it's possible they set it up so that connecting to the router redirects you to the ISP's own home page.
In MySQL, the client address is part of a user's identity. In other words, john#host1 and john#host2 are two different users to MySQL. You specify the host when you create the user:
# Only applies to john connecting from host1
CREATE USER 'john'#'host1' IDENTIFIED BY 'password';
You can also use a wildcard for the client address, which means a user with that name connecting from any client address.
# john can connect from any host
CREATE USER 'john'#'%' IDENTIFIED BY 'password';
Your MySQL instance was probably set up with a user called root#localhost. To connect from somewhere else, you could create another root#my-ip-address user where my-ip-address is your address, however, this user will not be the same as root#localhost. You will have to grant it privileges identical to root#localhost. Accessing MySQL in this way could be inconvenient because if your IP address ever changes, you will lose access. You could create a user root#% instead, which will work from any client, but then you are allowing access to your MySQL server from any client address as long as the user has the password.
The reason you can login from the web administration console is that when you access the console, you're not connecting to the database directly, instead you're interacting with the console, and the console is connecting to the database. The console is running on the same server as MySQL, so when it connects to MySQL, the connection is coming from localhost.
If you want command line access to MySQL, a better strategy would be to SSH to the MySQL server, then use mysql locally to connect as root#localhost.
The issue was that by default, MySql server does't assign necessary privileges to the user to access database remotely. So, open your SqlServer console and use this command to assign privileges to the 'root' user as:
GRANT ALL ON root.* TO 'root'#'ip_address_of_server' IDENTIFIED BY 'password_for_root' ;
FLUSH PRIVILEGES;
OR
GRANT ALL ON root.* TO 'root'#'server_name' IDENTIFIED BY 'password_for_root' ;
FLUSH PRIVILEGES;
Refer to this answer for more information:
pymysql cannot connect to mysql
We would like to hide the Database Schema Passwords from WebLogic administrators because the database contains high secured data.
I am trying to find an official Oracle way how to define a Connection Pool where the password is read from an external Password Server but I have not found anything on the internet.
Can Weblogic communicate with Password Servers (eg. Pleasant) in order to read passwords of DB connections from external "secret" store?
UPDATE 1
Of course, we can write Java code which reads passwords from an external secret store and creates Connection Pool on a programmatic way but this seems for me as a big hack.
UPDATE 2
I also checked JPA and Hibernate documentation. I cannot see any official way to configure a JPA data source this way.
The solution is to create and use a Wallet as described in this documentation.
Enjoy !
Lets say an application is written purely using JavaScript with node.js that connects directly to the MongoDB backend.
In this scenario is it possible to have a secure application where users login and have privilege separation like administrative/user/guest. If so how does this work? What would it require?
Node.js has some modules for various authentication methods, connect-auth looks like a good place to start. You could then map your authenticated node.js credentials to a MongoDB database user when connecting to the database.
Security in MongoDB is currently fairly basic, user permissions restrict access per database and can be either read/write or read-only, so you might use a database per user.
CouchDB has a concept of users and authentication.
Take a look at the _users database documentation
I have some code that talks to _users