MongoDB on Docker can still be accessed by anonymous users with the initial username and password options set, via DataGrip

Hi everyone
I’m trying to start a new simple MongoDB instance with Docker. I followed the guide from Docker Official to start a new instance like

docker run -d -P --name some-mongo \
	-e MONGO_INITDB_ROOT_USERNAME=mongoadmin \
	-e MONGO_INITDB_ROOT_PASSWORD=secret \
	mongo

I thought that for any connection, the client must provide a username and password. Then I tried to connect to MongoDB with DataGrip 2023.1.1 without any username and password, and it surprised me because the tool can still connect to MongoDB. Did something go wrong? I tried with MongoDB Compass and I can’t get access, as I expected. As a last try, I connected with mongosh, and the shell still makes a connection successfully.

Can anyone explain that for me? What should I do to truly disable connections from anonymous users?
Thank you.

If you just connect, it will work because there are some basic operations that are unauthenticated, e.g. the hello command that you can try in mongosh with the db.hello() helper.

However, as soon as you start doing something that requires auth, you will get an error. For example, in mongosh something as simple as show collections will fail with an error:

MongoServerError: Command listDatabases requires authentication

When Compass connects it does a bunch of things, e.g. calling hostInfo, listing databases and collections, etc. that require auth and that is the reason why it fails.

I don’t know exactly how DataGrip works, but it’s possible that it just establishes the connection and waits idly until there is some user action that needs to trigger an authenticated command.
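
The behaviour described in the answer above can be turned into a repeatable check. This is an added example, not part of the original thread: it runs `hello` and `listDatabases` through mongosh with no credentials and reports whether access control is actually enforced. The function names are hypothetical, and it assumes mongosh is installed and the URI points at the container's published port.

```shell
#!/bin/sh
# Added example (not from the thread): does this mongod reject anonymous commands?

# classify_reply TEXT -> prints "denied", "allowed" or "unknown".
# TEXT is what mongosh printed for one command run without credentials.
classify_reply() {
  case "$1" in
    *"requires authentication"*) echo denied ;;   # error text quoted in the thread
    *'"ok":1'*)                  echo allowed ;;  # JSON.stringify of a successful reply
    *)                           echo unknown ;;  # connection error or unexpected output
  esac
}

# verdict HELLO_STATE LISTDB_STATE -> overall result for the instance.
verdict() {
  case "$1/$2" in
    allowed/denied)  echo "auth enforced" ;;      # connect works, privileged command refused
    allowed/allowed) echo "ANONYMOUS ACCESS" ;;   # access control is not enabled
    *)               echo "inconclusive" ;;
  esac
}

# run_anon URI JS -> runs one command with no credentials and prints mongosh's output.
run_anon() {
  mongosh "$1" --quiet --eval "JSON.stringify($2)" 2>&1 || true
}

# audit URI -> probes hello and listDatabases, prints the verdict.
audit() {
  hello=$(classify_reply "$(run_anon "$1" 'db.hello()')")
  listdb=$(classify_reply "$(run_anon "$1" 'db.adminCommand({listDatabases: 1})')")
  echo "hello=$hello listDatabases=$listdb -> $(verdict "$hello" "$listdb")"
}

# Usage: sh check.sh mongodb://localhost:PORT  (PORT from `docker port some-mongo`)
if [ "$#" -gt 0 ]; then audit "$1"; fi
```

A result of `auth enforced` matches what the answer describes: the bare connection and `hello` succeed, while anything privileged is refused until the client authenticates.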
