MongoDB set access permissions for the user _mongodb

MongoDB has been in use for a long time, and the MongoDB data store has not been used for permission access (MongoDB default is set to unrestricted access restrictions), and today it took a little time to study, the results of the study are as follows:

Note: Research results based on Windows platform
MongoDB after the native installation is deployed
1. Input command: Show DBS, you will find that it has two databases built in, one named admin, one named Local. Local does not seem to have any use, if the use of the process to find the purpose of this local table, I hope to be able to message reminders, then we focus on the admin table
2. Input command: Use admin, you will find that the DB contains a system.user table, oh, yes, this table is equivalent to MSSQL in the user table, used to store the Super administrator, then we will add a super administrator to try
3. Input command: db.adduser (' sa ', ' sa '), here I add a super Admin user, username for Sa,password also for SA, that is, if we add Super admin, then let's test it, Let's see if we can connect again MongoDB need not prompt to enter username, password, we exit first (CTRL + C)
4. Input command: Use admin
5. Input command: Show collections, view all the tables under the library, you will find that MongoDB did not prompt you to enter the username, password, it is strange, this is how it? At the beginning of the article it was mentioned that
MongoDB default is set to no permission access restrictions, that is, then we set it to require permission access restrictions, we see the effect, how to set it?
6. In the registry, find the MongoDB node, in its imgpath, we modify, add-auth, as follows:
"D:\Program files\mongodb\bin\mongod"-dbpath e:\work\data\mongodb\db-logpath E:\work\data\mongodb\log-auth- Service
7. Input command: Use admin
8. Input command: Show collections, hehe, we found that the table under the library can not be viewed, prompted: "$err": "Unauthorized db:admin lock Type:-1 client:127.0.0.1", it is obvious that Hint does not have permissions, it seems that the key is here, we start MongoDB, we need to add-auth parameters, so that we can set the permissions to take effect, OK, next we use the user name and password set up just now to access
9. Input command: Db.auth (' sa ', ' sa '), output a result value of 1, indicating that the user matching, if the user name, password is not correct, will enter 0
10. Input command: Show collections, oh, the result came out, here, permission settings only talked about half, and then down, we first exit (CTRL + C)
11. Input command: MONGO TestDB, we try to connect to a new library (whether or not the library exists, if it does not exist, add data to the library, the library will be created by default), and then we want to look at the table in the library
12. Input command: Show collections, Boy, no permission, we enter the username and password created above
13. Input command: Db.auth (' sa ', ' sa '), enter the result 0, the user does not exist, this person may not understand, just before the creation, how can not exist? The reason is: when we access the MongoDB database alone, the user name password is not a super administrator, but the user in the System.user table of the library, notice that I am talking about the situation of the individual visit, what is not a separate access situation? And then, now, without permission, we try to add users to the System.user table of the library.
14. Input command: db.adduser (' Test ', ' 111111 '), wow, still hint does not have permission, this can do, the new database using Super Administrator also can not access, create users do not have permissions, oh, do not worry, then set up a super administrator users, Then it must have access to all the libraries.
15. Input command: Use admin
16. Input command: Db.auth (' sa ', ' sa ')
17. Input command: Use TestDB
18. Input command: Show collections, Haha, all the way, we found that we can use Super administrator access to other libraries, oh, this is not a separate access to the situation, it is not difficult to find, we are first into the admin library, and then transferred to other libraries, Admin is equivalent to a top level official area, if you are a property developer, want to do a big project in the place, you want to do without the senior officials, it is not workable, you need to go to them first, send a gift, then down to the place, the project you can get the hand, this statement is only a personal point of view, does not represent the blog Park; that is, the project to get the hand, we will start to build, then we do not have every brick, add a tile to go with the senior officials to greet it, so we have to legalize the project, we have to make the relevant formalities and documents complete, not against the building
19. Input command: db.adduser (' Test ', ' 111111 '), we add a user to the TestDB library, each time we visit the library, I use the user just created, we first exit (CTRL + C)
20. Input command: MONGO TestDB
21. Input command: Show collections, prompt does not have permission
22. Input command: Db.auth (' Test ', ' 111111 '), output result 1, user exists, verify successful
23. Input command: Show collections, no further prompts I do not have permission, congratulations, success
Note: When you need to use permissions to access MongoDB, if you need to view all the libraries in MongoDB, we can only view them by entering the command show DBS via Super admin privileges.