MongoDB Quick Start Note (vii) MongoDB user management operations _mongodb

Source: Internet
Author: User
Tags auth mongodb

MongoDB Introduction

MongoDB is a database based on distributed file storage. Written by the C + + language. Designed to provide scalable, high-performance data storage solutions for WEB applications.

MongoDB is a product between relational database and non relational database, and is the most powerful and relational database in the relational database.

1, modify the start MongoDB require user authentication

Add parameter--auth can be.

Now we remove the MongoDB service and add the service again.

Copy Code code as follows:

Mongod--dbpath "D:\work\MongoDB\data"--logpath "D:\work\MongoDB\log\mongodb.log"--install "--servicename"- -auth

2, create the user, and use the created user login

Open the Shell interface, the default test data, and then look at all the databases, and found the error, because no user authentication.

User authentication is done using Db.auth ("User", "pwd").

User: Username

PWD: Password

Because there is no user in the database, you need to start the data in a user-less authenticated manner, creating a new user under the Admin database.

Copy Code code as follows:

Db.createuser ({User: "", pwd: ", Roles:[{role:" ", DB:" "}]})

Create a user under the current database

User: Username

PWD: Password

Roles: Role Information

[Roles: Role name, DB: Action on the specified database]

> Db.createuser ({User: "admin", pwd: "admin", Roles:[{role: "Useradminanydatabase", DB: "admin"})
Successfully added User: {"
user": "admin",
"roles": [
{
"role": "Useradminanydatabase",
"db": "A DMin "
}
]

To start the database using user authentication, in database admin, use admin login

> Db.auth ("admin", "admin")

1

Status 1 indicates a successful validation and 0 indicates a validation failure

Create users by default to the currently used data.

For example: The data currently in use is admin, new user under Admin data

Copy Code code as follows:

Db.createuser ({User: "Zyh", pwd: "Zyh", Roles:[{role: "ReadWrite", DB: "Zyhdb"}]})

Use the Zyh login under the Admin database to read and write Zyhdb collection.

When you are under ZYHDB, you cannot use the Zyh login because the user zyh is under the admin database.

3. View users under Current data

Show users displays all users under the current database

Use a user with administrative rights to log in to see, for example, after using ZYH login, execution will complain; After using admin login, display user

Copy Code code as follows:

> Db.auth ("Zyh", "Zyh")
1
> Show Users
2016-06-01t20:32:30.639+0800 E QUERY [Thread1] Error:not authorized on Admin to execute command {usersinfo:1.0}:
_geterrorwithcode@src/mongo/shell/utils.js:25:13
Db.prototype.getusers@src/mongo/shell/db.js:1523:1
Shellhelper.show@src/mongo/shell/utils.js:743:9
Shellhelper@src/mongo/shell/utils.js:650:15
@ (SHELLHELP2): 1:1
> Db.auth ("admin", "admin")
1
> Show Users
{
"_id": "Admin.admin",
"User": "admin",
"DB": "admin",
"Roles": [
{
"Role": "Useradminanydatabase",
"DB": "admin"
}
]
}
{
"_id": "Admin.zyh",
"User": "Zyh",
"DB": "admin",
"Roles": [
{
"Role": "ReadWrite",
"DB": "Zyhdb"
}
]
}

You can also use Db.getusers () to view all users

Use Db.getuser ("user") to query specific information for the specified user

4, modify user information

Copy Code code as follows:

Db.changeuserpassword ("User", "newpwd"), modify password

User: Username

NEWPWD: New Password

Db.updateuser ("user", {roles:[{role: "", DB: ""}]})

Modify user Information

Copy Code code as follows:

Db.grantrolestouser ("User", [{role: "", DB: ""}])

Append role

Copy Code code as follows:

Db.revokerolesfromuser ("User", [{role: "", DB: ""}])

Cancel role

5, delete the user

Db.dropuser ("user") deletes the specified user
Db.dropallusers () Delete all users under current data

Attached: Common built-in role description

Database user roles (roles for each database)

Read permissions to the Non-system collection and read permissions for the following system collection: System.indexes,system.js,system.namespaces
ReadWrite Read and write access to the Non-system collection and read and write permissions on the System.js

Database administration roles (data management roles that each database contains)
Dbadmin the ability to complete administrative tasks, such as schema-related tasks, indexes, and statistical information collection. cannot be used to manage users and roles
Dbowner all the permissions required to manage the database. Contains (permissions for ReadWrite, Dbadmin, useradmin roles)
Useradmin Create and Modify permissions for roles and users in the current database

Cluster Management Role

The Admin database contains the following roles for managing the entire system, not just for a single database
Clusteramin provides maximum permissions for cluster management. Includes permissions for the Clustermanager, Clustermonitor, Hostmanager roles
Clustermanager manages and monitors the cluster and can access the local and config databases.
Clustermonitor Read access to the cluster
Hostmanager Management and health servers

Backup and restore Roles

The Admin database contains the following roles for backing up and restoring data
Backup permissions
Restore Restoration Permissions

All-database roles
The admin data provides the following roles that are valid for all databases.
Readanydatabase provides read access to all databases
Readwriteanydatabase provides write access to all databases
Useradminanydatabase provides administrative rights to all database users
Dbadminanydatabase dbadmin permissions on all databases

Super role

Role description
Root has the highest privileges
Other roles can also customize settings

The above content is small to introduce the MongoDB Quick Start Note (vii) MONGODB user management Operations related knowledge, I hope to help!

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.