MongoDB Authentication

Description

Hello,
in an effort to make my Rocket.Chat Server more secure, I’d like to enable MongoDB Database Authentication. To achieve that, I changed the /etc/mongod.conf and added

security:
  authorization: "enabled"

Then I changed my databases accordingly:

use admin
show users
     {
                "_id" : "admin.rocketchat",
                "userId" : UUID("a95a7601-493d-4632-8ae5-bbe0358a1381"),
                "user" : "rocketchat",
                "db" : "admin",
                "roles" : [
                        {
                                "role" : "readWrite",
                                "db" : "local"
                        }
                ],
                "mechanisms" : [
                        "SCRAM-SHA-1",
                        "SCRAM-SHA-256"
                ]
        }

and also

use rocketchat
show users
{
        "_id" : "rocketchat.rocketchat",
        "userId" : UUID("83232493-b499-4041-813f-6bec70c4a2d5"),
        "user" : "rocketchat",
        "db" : "rocketchat",
        "roles" : [
                {
                        "role" : "dbOwner",
                        "db" : "rocketchat"
                }
        ],
        "mechanisms" : [
                "SCRAM-SHA-1",
                "SCRAM-SHA-256"
        ]
}

As described in Connecting to a MongoDB server with authentication enabled · Issue #8856 · RocketChat/Rocket.Chat · GitHub
I adapted the MONGO_URL and MONGO_OPLOG_URL in /lib/systemd/system/rocketchat.service accordingly to
mongodb://rocketchat:mySecretPass@localhost:27017/rocketchat?authSource=admin

Then I restarted both MongoDB and Rocket.Chat I opened Rocket.Chat in an Inkognito Tab but couldn’t log in, in fact I couldn’t even enter any login data, because the input fields merged into one:

What did I do wrong? Thanks for all answers in advance :slight_smile:

Server Setup Information

  • Version of Rocket.Chat Server: 3.9.4
  • Operating System: Debian 10 Buster (Kernel: Linux 4.19.0)
  • Deployment Method: manual installation
  • Number of Running Instances: 1
  • NodeJS Version: v12.20.1
  • MongoDB Version: 4.2.11
  • Proxy: nginx
  • Firewalls involved: ufw