Mongo Auth and Superdesk Server Initialization
  • Vote Up0Vote Down James BrabsonJames Brabson
    Posts: 16Member
    If mongodb is set up to use authorization, I cannot initialize the superdesk server data.

    Steps to replicate:

    1. Setup mongodb to use auth. Restart mongodb.

    2. Connect to mongo, use admin database, create user with root permissions (obviously lower is preferred, but for this test "root" still causes the error, and when testing it's easiest to use the highest level of auth to ensure it's not mongo roles that's causing the problem)

    use admin
    db.createUser(
       {
          user:  "superdeskadmin",
          pwd:   "MyPass12345",
          roles: 
             [
                "root"
             ]
       }
    )

    3. cd $path/server

    4. vi settings.py, then add the following lines to the end of the file:



    MONGO_DBNAME = env('MONGO_DBNAME','superdesk')

    MONGO_URI = env('MONGO_URI','mongodb://superdeskadmin:MyPass12345@localhost/superdesk?authSource=admin')
    
LEGAL_ARCHIVE_DBNAME = env('LEGAL_ARCHIVE_DBNAME','legal_archive')

    LEGAL_ARCHIVE_URI = env('LEGAL_ARCHIVE_URI','mongodb://superdeskadmin:MyPass12345@localhost/legal_archive?authSource=admin')

    ARCHIVED_DBNAME = env('ARCHIVED_DBNAME','archived')

    ARCHIVED_URI = env('ARCHIVED_URI','mongodb://superdeskadmin:MyPass12345@localhost/archived?authSource=admin')


    5. sudo python3 manage.py app:initialize_data

    No matter what I do, I get this error:



    pymongo.errors.OperationFailure: not authorized on contentapi to execute command { createIndexes: "api_audit", indexes: [ { key: { subscriber: 1 }, name: "subscriber", background: true } ] }

    6. On the exact same server, turn off auth for mongodb, restart mongo. Everything works fine.


    Is this just me and something tweaky in my setup (currently Amazon Lightsail's pre-installed Bitnami Mean)? Has anyone else gotten mongodb and superdesk server initialization working with auth turned on in mongo?

    *edit - missing parenthesis added
    Post edited by James Brabson at 2017-08-21 19:32:07
  • 2 Comments sorted by
  • Vote Up0Vote Down Grisha KostyukGrisha Kostyuk
    Posts: 52Member, Sourcefabric Team
    Hi James,

    I think you should also update the setting for content-api CONTENTAPI_MONGO_URI with the same username and password


    Hope it helps.
  • Vote Up0Vote Down James BrabsonJames Brabson
    Posts: 16Member
    Thanks, I'll try it. That wasn't in the Mongo connections section, so I hadn't noticed it. I appreciate the help.
Add a Comment