Open bilgeexuu1 opened 1 year ago
I'm sorry but I can't possibly help you with that information, that's something for you to debug.
Hey
my mongodb Database:
MongoDB server version: 4.4.22
> show dbs
mosquittoDB 0.000GB
> use mosquittoDB
switched to db mosquittoDB
> show collections
users
>
Databaes name: **mosquittoDB**
admin name: **mosquittoAdmin**
password: **mosquitto**
> use mosquittoDB
> show users
{
"_id" : "mosquittoDB.mosquittoAdmin",
"userId" : UUID("f1512b3f-8c20-491c-9582-36c7a2f3fb89"),
"user" : "mosquittoAdmin",
"db" : "mosquittoDB",
"roles" : [
{
"role" : "readWrite",
"db" : "mosquittoDB"
},
{
"role" : "readWrite",
"db" : "mosquittoDB"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
>
mosquitto.conf
socket_domain ipv4
protocol mqtt
pid_file /var/run/mosquitto/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
log_type all
log_facility 5
log_timestamp_format %Y-%m-%dT%H:%M:%S
connection_messages true
allow_anonymous false
listener 1885
socket_domain ipv4
listener 8883 127.0.0.1
protocol websockets
socket_domain ipv4
require_certificate false
include_dir /etc/mosquitto/conf.d
mosquitt-go-auth.conf
auth_plugin /etc/mosquitto/conf.d/go-auth.so
auth_opt_backends mongo
auth_opt_check_prefix false
auth_opt_log_level debug
auth_opt_log_dest file
auth_opt_log_file /var/log/mosquitto/mosquitto-go-auth.log
auth_opt_hasher bcrypt
auth_opt_hasher_cost 10
auth_opt_mongo_host 10.2.0.83
auth_opt_mongo_port 27017
auth_opt_mongo_dbname mosquittoDB
auth_opt_mongo_username mosquittoAdmin
auth_opt_mongo_password mosquitto
auth_opt_mongo_users users
auth_opt_mongo_acls acls
auth_opt_mongo_disable_superuser true
auth_opt_mongo_with_tls flase
auth_opt_mongo_insecure_skip_verify false
mosquitto publish :
root@www:/etc/mosquitto/conf.d# mosquitto_pub -h localhost -p 1883 -u User1 -P mosquitto -t /test/test/ -m "testtest"
mongodb.log:
{"t":{"$date":"2023-07-18T10:04:47.272+08:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"10.2.0.83:34426","connectionId":11,"connectionCount":5}}
{"t":{"$date":"2023-07-18T10:04:47.272+08:00"},"s":"I", "c":"NETWORK", "id":51800, "ctx":"conn11","msg":"client metadata","attr":{"remote":"10.2.0.83:34426","client":"conn11","doc":{"driver":{"name":"mongo-go-driver","version":"v1.11.6"},"os":{"type":"linux","architecture":"amd64"},"platform":"go1.20.5"}}}
{"t":{"$date":"2023-07-18T10:04:47.273+08:00"},"s":"I", "c":"ACCESS", "id":20251, "ctx":"conn11","msg":"Supported SASL mechanisms requested for unknown user","attr":{"user":"mosquittoAdmin @mosquittoDB"}}
{"t":{"$date":"2023-07-18T10:04:47.273+08:00"},"s":"I", "c":"ACCESS", "id":20249, "ctx":"conn11","msg":"Authentication failed","attr":{"mechanism":"SCRAM-SHA-256","speculative":true,"principalName":"mosquittoAdmin ","authenticationDatabase":"mosquittoDB","remote":"10.2.0.83:34426","extraInfo":{},"error":"UserNotFound: Could not find user \"mosquittoAdmin \" for db \"mosquittoDB\""}}
{"t":{"$date":"2023-07-18T10:04:47.273+08:00"},"s":"I", "c":"ACCESS", "id":20249, "ctx":"conn11","msg":"Authentication failed","attr":{"mechanism":"SCRAM-SHA-1","speculative":false,"principalName":"mosquittoAdmin ","authenticationDatabase":"mosquittoDB","remote":"10.2.0.83:34426","extraInfo":{},"error":"UserNotFound: Could not find user \"mosquittoAdmin \" for db \"mosquittoDB\""}}
{"t":{"$date":"2023-07-18T10:04:47.273+08:00"},"s":"I", "c":"NETWORK", "id":22944, "ctx":"conn11","msg":"Connection ended","attr":{"remote":"10.2.0.83:34426","connectionId":11,"connectionCount":4}}
{"t":{"$date":"2023-07-18T10:04:47.274+08:00"},"s":"I", "c":"-", "id":20883, "ctx":"conn10","msg":"Interrupted operation as its client disconnected","attr":{"opId":2696}}
{"t":{"$date":"2023-07-18T10:04:47.274+08:00"},"s":"I", "c":"NETWORK", "id":22944, "ctx":"conn10","msg":"Connection ended","attr":{"remote":"10.2.0.83:46480","connectionId":10,"connectionCount":3}}
{"t":{"$date":"2023-07-18T10:04:47.274+08:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"10.2.0.83:34428","connectionId":12,"connectionCount":4}}
{"t":{"$date":"2023-07-18T10:04:47.275+08:00"},"s":"I", "c":"NETWORK", "id":51800, "ctx":"conn12","msg":"client metadata","attr":{"remote":"10.2.0.83:34428","client":"conn12","doc":{"driver":{"name":"mongo-go-driver","version":"v1.11.6"},"os":{"type":"linux","architecture":"amd64"},"platform":"go1.20.5"}}}
mosquitto-go-auth.log :
time="2023-07-18T10:04:00+08:00" level=debug msg="checking user User1 with backend Mongo"
time="2023-07-18T10:04:00+08:00" level=debug msg="Mongo get user error: connection() error occurred during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism \"SCRAM-SHA-1\": (AuthenticationFailed) Authentication failed."
time="2023-07-18T10:04:00+08:00" level=error msg="connection() error occurred during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism \"SCRAM-SHA-1\": (AuthenticationFailed) Authentication failed."
Sorry, but again, I can't help you with this. I'm not a user of MongoDB nor have it installed, and can't tell why you get unable to authenticate using mechanism "SCRAM-SHA-1"
.
mongo check :
mongodump "mongodb://mosquittoAdmin:mosquitto@10.2.0.83:27017/?authSource=mosquittoDB" --db mosquittoDB --out /var/log/mongodb/file.sql
result:
root@www:/etc/mosquitto/conf.d$ bsondump /var/log/mongodb/file.sql/mosquittoDB/users.bson
{"_id":{"$oid":"64b5f0b693b227b69efa4b46"},"username":"User1","password":"$2a$12$H6coqkebGKS4JctrMv7CtuRdxOrEP6fSCwwd6pd.2R1DvkZNotm4e","secret":" password-mosquitto","acls":[{"topic":"/+/+/#","acc":{"$numberInt":"3"}}]}
{"_id":{"$oid":"64b5f14e93b227b69efa4b47"},"username":"User2","password":"$2a$12$Fxzpr8uDobhhdUWDCZeMSuhdgaVvYjRcNmgwTKlpYKDrKGsUlUv2i","secret":" password-mosquitto2","acls":[{"topic":"/+/+/#","acc":{"$numberInt":"3"}}]}
2023-07-18T10:35:28.544+0800 2 objects found
root@www:/etc/mosquitto/conf.d$
Hi
Have you tried to add "auth_opt_mongo_authsource admin" in mosquitt-go-auth.conf? It just works for me. . . Also, there is a typo in mosquitt-go-auth.conf line "auth_opt_mongo_with_tls flase"
Hi
Have you tried to add "auth_opt_mongo_authsource admin" in mosquitt-go-auth.conf? It just works for me. . . Also, there is a typo in mosquitt-go-auth.conf line "auth_opt_mongo_with_tls flase"
root@www:/var/log/mosquitto# tail -F /var/log/mosquitto/mosquitto-go-auth.log time="2023-08-11T14:14:30Z" level=debug msg="Mongo get user error: connection() error occurred during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism \"SCRAM-SHA-1\": (AuthenticationFailed) Authentication failed." time="2023-08-11T14:14:30Z" level=error msg="connection() error occurred during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism \"SCRAM-SHA-1\": (AuthenticationFailed) Authentication failed."
From you config file
mosquitt-go-auth.conf
auth_plugin /etc/mosquitto/conf.d/go-auth.so auth_opt_backends mongo auth_opt_check_prefix false auth_opt_log_level debug auth_opt_log_dest file auth_opt_log_file /var/log/mosquitto/mosquitto-go-auth.log auth_opt_hasher bcrypt auth_opt_hasher_cost 10 auth_opt_mongo_host 10.2.0.83 auth_opt_mongo_port 27017 auth_opt_mongo_dbname mosquittoDB auth_opt_mongo_username mosquittoAdmin auth_opt_mongo_password mosquitto auth_opt_mongo_users users auth_opt_mongo_acls acls auth_opt_mongo_disable_superuser true auth_opt_mongo_with_tls flase auth_opt_mongo_insecure_skip_verify false
In line
auth_opt_mongo_username mosquittoAdmin
You have whitespace behind that line
Try to remove those whitespace
"2023-07-17T17:02:17+08:00" level=debug msg="checking user mosquitto with backend Mongo" time="2023-07-17T17:02:17+08:00" level=debug msg="Mongo get user error: connection() error occurred during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism \"SCRAM-SHA-1\": (AuthenticationFailed) Authentication failed."