MongoDB set access rights, set user

Source: Internet
Author: User
Tags auth

MongoDB has been used for a long time, and MongoDB-based data storage has not been used to access permissions (MongoDB defaults to unrestricted access restrictions), today took a little time to study, the research results are as follows:

Note: The research results are based on the Windows platform

MongoDB after the native installation is well-deployed

1. Enter the command: Show DBS, you will find it built with two databases, one named admin, one named Local. Local does not seem to be useful, if the use of the process found the use of the local table, hoping to be able to leave a message to remind, then we focus on the admin table

2. Input command: Use admin, you will find that the DB contains a system.user table, hehe, yes, this table is equivalent to the user table in MSSQL, used to store the Super administrator, then we add a super administrator to it to try

3. Input command: db.adduser (' sa ', ' sa '), here I add a super Admin user, username for Sa,password also SA, that is, we added a super administrator, then we come to test, Let's see if we can connect MongoDB again need not prompt to enter the user name, password, we first exit (CTRL + C)

4. Input command: Use admin

5. Enter the command: Show collections, see all the tables under the library, you will find that MongoDB does not prompt you to enter the user name, password, it is strange, what is the matter? Mentioned at the beginning of the article,

MongoDB default set to No access restrictions, that is, then we set it to require access restrictions, we look at the effect, how to set it?

6. In the registry, locate the MongoDB node, in its imgpath, we modify, add -authas follows:

"D:\Program files\mongodb\bin\mongod"-dbpath e:\work\data\mongodb\db-logpath e:\work\data\mongodb\log -auth -service

7. Input command: Use admin

8. Enter the command: Show collections, hehe, we found unable to view the table under the library, prompted: "$err": "Unauthorized db:admin lock Type:-1 client:127.0.0.1", it is clear that Prompt without permission, it seems that the key is here, we start MongoDB, we need to add the -auth parameter, so that we set the permissions to take effect, OK, next we use the user name, password that we just set up to access

9. Input command: Db.auth (' sa ', ' sa '), output a result value of 1, indicating that the user matches, if the user name, password is not correct, will enter 0

10. Enter the command: Show collections, hehe, the results came out, to here, the permissions set also only talk about more than half, and then down, we first exit (CTRL + C)

11. Enter the command: MONGO TestDB, we try to connect to a new library (regardless of whether the library exists, if it does not exist, add data to the library by default, the library is created), and then we want to see the table in that library

12. Enter command: Show collections, guys, no permissions, we enter the username and password created above

13. Enter the command: Db.auth (' sa ', ' sa '), enter the result 0, the user does not exist, this someone may not understand, just before the creation, how can not exist? The reason: When we visit the MongoDB database separately, the user name password is not the Super administrator, but the user in the library's System.user table, note that I am talking about the situation of individual access , what is What about a situation where there is no separate access ? Then again, now what, no authority, then we try to add users to the library's System.user table

14. Input command: db.adduser (' Test ', ' 111111 '), wow, still prompt no permissions, this can do, the new database using Super Administrator also can not access, create users do not have permissions, oh, don't worry, then set the Super Administrator user, Then it must have access to all the libraries

15. Input command: Use admin

16. Input command: Db.auth (' sa ', ' sa ')

17. Input command: Use TestDB

18. Input command: Show collections, Haha, all the way, we found that can use Super Administrator user access to other libraries, hehe, this is not alone access to the situation, it is not difficult to find that we are first into the admin library, and then transferred to other libraries, Admin is the equivalent of a top-level official area, if you are a real estate, want to get a big project in the area to do, you want to do without the senior officials, it is not feasible, you need to go to their there, send some courtesy, then down to the place, engineering you can get hands, this speech is only a personal point of view, does not represent the blog park, that is, the project to get hands, will start to build, then we do not have to add a brick, add a tile have to go and that senior officials greet it, so we have to make this project legalized, we have to get the relevant procedures and documents to complete, not to be against the construction

19. Input command: db.adduser (' Test ', ' 111111 '), we add a user to the TestDB library, each time I access the library, I use the user just created, we first exit (CTRL + C)

20. Input command: MONGO TestDB

21. Enter command: Show collections, prompt without permission

22. Input command: Db.auth (' Test ', ' 111111 '), output 1, user present, validation successful

23. Enter command: Show collections, no longer prompt me no permission, congratulations, success

So tired! Write your breath and finish, huh?

Note: When you need permission to access MongoDB, if you need to see all the libraries in MongoDB, we can only use Super admin privileges, enter the command show DBS to view.

MongoDB set access rights, set up users (GO)

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.