MongoDB's binary installation is extremely simple. By default, it is not authenticated by users according to the official documentation... Despite its high efficiency
Not safe.
The following describes how to use auth for user authentication (I haven't seen the keyFile method yet ..)
1) start mongodb without the-auth parameter
2) create a User Administrator.
Mongodb does not have super-privileged users such as root, but has User Administrator. It can manage other users ~~, However
No other special permissions.
If a User has the userAdminAnyDatabase permission, it becomes the User Administrator.
The code is as follows: |
Copy code |
USE admin; Or: Db = db. getSiblingDB ('admin ')
|
Add user
The code is as follows: |
Copy code |
Db. addUser ({USER: "root ", Pwd: "123456 ", Roles: ["userAdminAnyDatabase"]}) View all users in the admin Library: USE admin; Db. system. users. find (); {"_ Id": ObjectId ("xxxxxx"), "pwd": "Xxxxxxxxxxxxxxxxxxxxxxx", "roles ":[ "UserAdminAnyDatabase"], "user": "root "} |
In this way, a User Administrator named root with a password of 123456 is added to the admin database.
3) use the-auth parameter to start mongodb.
4) Use User Administrator to log on and complete authentication.
The code is as follows: |
Copy code |
[Root @ yw-0-0 logs] # mongo xxx. xxx. xx. xxx MongoDB shell version: 2.2.3 Connecting TO: xxx. xxx. xx. xxx/test > USE admin; Switched TO db admin # Authentication. 1 indicates that authentication is successful. > Db. auth ("root", "123456 "); 1 # View all users in the admin database: > Db. system. users. find (); {"_ Id": ObjectId ("xxxxxx"), "pwd": "Xxxxxxxxxxxxxxxxxxxxxxx", "roles ":[ "UserAdminAnyDatabase"], "user": "root "} > # If you view all the tables, you will be prompted to have no permissions, because the root user we created has only the permissions of user management: > Show tables; Tue Sep 24 10:37:00 EXEC error: src/mongo/shell/query. js: 128 error :{ "$ Err": "not authorized for query on cleanmaster. system. namespaces ", "Code": 16550 } Throw "error:" + tojson (ret ); |
5) create other users
All users follow the database, and user information is saved to the system. users table of the database.
When adding a user to multiple databases, you must define the user for each database.
> USE cm;
# Create a user cm with a password of 123456. The permissions are readWrite and dbAdmin.
> Db. Adduser( {USER: "cm", pwd: "123456", roles: ["readWrite", "dbAdmin"]})
Tue Sep 24 10:53:51 EXEC error: src/mongo/shell/db. js: 64 password can't be empty
Throw "password can't be empty ";
This problem has plagued me for a long time...
Later, we found that the client is 2.2.3 and the server is 2.4.6 ........
Switch to the latest client and you will be OK:
The code is as follows: |
Copy code |
> Db. Adduser( {user: "cm", pwd: "123456", roles: ["readWrite", "dbAdmin"]}) { "USER": "cm ", "Pwd": "687312e8f13ef54ec5d213f4eadf1d98 ", "Roles ":[ "ReadWrite ", "DbAdmin" ], "_ Id": ObjectId ("5241005872de6152c88ca17d ") } > Db. system. users. find (); {"_ Id": ObjectId ("5241005872de6152c88ca17d"), "USER": "cm", "pwd ": "687312e8f13ef54ec5d213f4eadf1d98", "roles": ["readWrite", "dbAdmin"]} > Use cm # Use New user authentication: & Gt; db. auth ("cm", "123456 "); 1 > Show tables; System. indexes System. users |
6) change the password
The code is as follows: |
Copy code |
Db = db. getSiblingDB ('CM ') # Change the new password to 1-6 Db. changeUserPassword ("cm", "1-6 ") |
7) postscript
The reason why I wrote this article is that Baidu's materials are unreliable!