MongoDB Add user and permissions settings detailed _mongodb

For example: MySQL installation configuration, there is a MySQL database, which has a user table, used to store users, as well as user rights, and MongoDB this most like relational database, there is no such a table.

One, to grasp the authority, understand that the following 4 basically is almost

1,mongodb is not a default administrator account, so you need to add the Administrator account first, in the Open authority authentication.
2, switch to the admin database, add the account number is the administrator account.
3, users can only log on at the user's database, including the administrator account.
4, administrators can manage all databases, but can not directly manage other databases, you must first after the Admin database authentication. It's a little weird.

Second, add administrator account

[Root@localhost zhangy]# MONGO
MongoDB shell version:2.4.6 connecting To:tank
> Use admin          // Switch to admin database
switched to DB admin
> show collections;
System.indexes
system.users          //user table
> Db.system.users.find ();   User table has no data
> Db.adduser (' Tank ', ' test ');  Add an administrator account
{
  "user": "Tank",
  "readOnly": false,
  "pwd": "988432606980d0695e4f668f6bbc643a",
  "_id": ObjectId ("529e5d543b6a4608ac833429")
}

Third, open the user authority to start authentication

[Root@localhost zhangy]# vim/etc/mongodb.conf      //Remove the comments in front of Auth=true
[root@localhost zhangy]#/etc/init.d/ Mongod restart   //reboot effective

Four, users can only log in the user's database, administrators need to pass admin authentication to manage other databases

[Root@localhost zhangy]# MONGO
MongoDB shell version:2.4.6 connecting To:tank
> show dbs;      Show all databases failed because no certification
Wed Dec 4 06:39:50.925 listdatabases failed:{"OK": 0, "errmsg": "Unauthorized"} at src/mongo/ shell/mongo.js:46
> Db.auth (' Tank ', ' test ');  Authentication failed because this user does not belong to tank this database
error:18 {code:18, ok:0.0, errmsg: "Auth fails"}
0 > Use
admin    //Switch to Admin database
switched to DB admin
> Db.auth (' Tank ', ' test ');  Successfully authenticated in admin database
1
> Use tank;      Switch to tank database
switched to DB tank
> show collections;  will not be prompted without permission
contact
system.indexes
Users

Five, add the general use of the Kai

> Use tank;
Switched to DB tank
> Db.adduser (' tank1 ', ' test ');   Added a writable user Tank1
{"_id" to the tank database
  : ObjectId ("529e5f8474b4c660718a70f3"),
  "user": "Tank1",
  " ReadOnly ": false,
  " pwd ":" 35dd47abff098f5b4f0b567db8edeac5 "
}
> Db.adduser (' tank2 ', ' test ', true); /Added a read-only user tank2
{
  "user": "Tank2", "readOnly" to the tank database:
  true,
  "pwd": " 1792916c544d247538ded52e6df7b887 ",
  " _id ": ObjectId (" 529e67553992b24438d5e315 ")
}
> Exit  / /exit
bye
[root@localhost zhangy]# MONGO
MongoDB shell version:2.4.6 connecting To:tank
> Db.auth (' Tank1 ', ' test ');  The user you just added can log on.

Six, PHP Client connection
1, recommended method one

$mongo = new MONGO ();  

$db = $mongo->selectdb (' tank ');  Switch to the tank database 

$db->authenticate ("Tank3", "Test");  Certification

$users = $db->selectcollection ("users");//Select the users table

$cursor = $users->find ();  Read Data

foreach ($cursor as $id => $value) {
  echo "$id:"; Print_r ($value); echo "<br>";
}

This is a better way to understand that the root command line operates at the same procedure.

2, recommended method two

$mongo = new MONGO ("Mongodb://tank3:test@127.0.0.1:27017/tank");  Authentication user, here's database, only the authentication function

$db = $mongo->selectdb (' tank ');//Select database

$users = $db->selectcollection ("Users" );

$cursor = $users->find ();

foreach ($cursor as $id => $value) {
  echo "$id:"; Print_r ($value); echo "<br>";
}

The above two methods differ in that a first-choice database is certified, one is first authenticated in the selected database.