Create user commands in mongodb

Source: Internet
Author: User
Tags auth mongodb

MongoDB's binary installation is extremely simple. By default, it is not authenticated by users according to the official documentation... Despite its high efficiency

Not safe.

The following describes how to use auth for user authentication (I haven't seen the keyFile method yet ..)

1) start mongodb without the-auth parameter
2) create a User Administrator.
Mongodb does not have super-privileged users such as root, but has User Administrator. It can manage other users ~~, However

No other special permissions.
If a User has the userAdminAnyDatabase permission, it becomes the User Administrator.

The code is as follows: Copy code
USE admin;
Or:
Db = db. getSiblingDB ('admin ')

Add user

The code is as follows: Copy code

Db. addUser ({USER: "root ",
Pwd: "123456 ",
Roles: ["userAdminAnyDatabase"]})
 
View all users in the admin Library:
USE admin;
Db. system. users. find ();
{"_ Id": ObjectId ("xxxxxx"), "pwd": "Xxxxxxxxxxxxxxxxxxxxxxx", "roles ":[

"UserAdminAnyDatabase"], "user": "root "}

In this way, a User Administrator named root with a password of 123456 is added to the admin database.

3) use the-auth parameter to start mongodb.

4) Use User Administrator to log on and complete authentication.

The code is as follows: Copy code

[Root @ yw-0-0 logs] # mongo xxx. xxx. xx. xxx
MongoDB shell version: 2.2.3
Connecting TO: xxx. xxx. xx. xxx/test
> USE admin;
Switched TO db admin
# Authentication. 1 indicates that authentication is successful.
> Db. auth ("root", "123456 ");
1
# View all users in the admin database:
> Db. system. users. find ();
{"_ Id": ObjectId ("xxxxxx"), "pwd": "Xxxxxxxxxxxxxxxxxxxxxxx", "roles ":[

"UserAdminAnyDatabase"], "user": "root "}
>
# If you view all the tables, you will be prompted to have no permissions, because the root user we created has only the permissions of user management:
> Show tables;
Tue Sep 24 10:37:00 EXEC error: src/mongo/shell/query. js: 128 error :{
"$ Err": "not authorized for query on cleanmaster. system. namespaces ",
"Code": 16550
}
Throw "error:" + tojson (ret );

5) create other users

All users follow the database, and user information is saved to the system. users table of the database.
When adding a user to multiple databases, you must define the user for each database.

> USE cm;
# Create a user cm with a password of 123456. The permissions are readWrite and dbAdmin.
> Db. Adduser( {USER: "cm", pwd: "123456", roles: ["readWrite", "dbAdmin"]})
Tue Sep 24 10:53:51 EXEC error: src/mongo/shell/db. js: 64 password can't be empty
Throw "password can't be empty ";
This problem has plagued me for a long time...
Later, we found that the client is 2.2.3 and the server is 2.4.6 ........
Switch to the latest client and you will be OK:
 

The code is as follows: Copy code

> Db. Adduser( {user: "cm", pwd: "123456", roles: ["readWrite", "dbAdmin"]})
{
"USER": "cm ",
"Pwd": "687312e8f13ef54ec5d213f4eadf1d98 ",
"Roles ":[
"ReadWrite ",
"DbAdmin"
],
"_ Id": ObjectId ("5241005872de6152c88ca17d ")
}
 
> Db. system. users. find ();
{"_ Id": ObjectId ("5241005872de6152c88ca17d"), "USER": "cm", "pwd ":

"687312e8f13ef54ec5d213f4eadf1d98", "roles": ["readWrite", "dbAdmin"]}
> Use cm
# Use New user authentication:
& Gt; db. auth ("cm", "123456 ");
1
> Show tables;
System. indexes
System. users

6) change the password

The code is as follows: Copy code

Db = db. getSiblingDB ('CM ')
# Change the new password to 1-6
Db. changeUserPassword ("cm", "1-6 ")

7) postscript

The reason why I wrote this article is that Baidu's materials are unreliable!

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.