MongoDB sets access permissions for users

MongoDB defaults to No access restrictions

Note: Windows-based platforms
MongoDB after the native installation is well-deployed
1. Enter the command: Show DBS, you will find it built with two databases, one named admin, one named Local. Local does not seem to be useful, if the use of the process found the use of the local table, hoping to be able to leave a message to remind, then we focus on the admin table
2. Input command: Use admin, you will find that the DB contains a system.user table, hehe, yes, this table is equivalent to the user table in MSSQL, used to store the Super administrator, then we add a super administrator to it to try
3. Input command: db.adduser (' sa ', ' sa '), here I add a super Admin user, username for Sa,password also SA, that is, we added a super administrator, then we come to test, Let's see if we can connect MongoDB again need not prompt to enter the user name, password, we first exit (CTRL + C)
4. Input command: Use admin
5. Enter the command: Show collections, see all the tables under the library, you will find that MongoDB does not prompt you to enter the user name, password, it is strange, what is the matter? Mentioned at the beginning of the article,
MongoDB default set to No access restrictions, that is, then we set it to require access restrictions, we look at the effect, how to set it?
6. In the registry, locate the MongoDB node, in its imgpath, we modify, add-auth as follows:
"D:\Program files\mongodb\bin\mongod"-dbpath e:\work\data\mongodb\db-logpath E:\work\data\mongodb\log-auth- Service
7. Input command: Use admin
8. Enter the command: Show collections, hehe, we found unable to view the table under the library, prompted: "$err": "Unauthorized db:admin lock Type:-1 client:127.0.0.1", it is clear that Prompt without permission, it seems that the key is here, we start MongoDB, we need to add the-auth parameter, so that we set the permissions to take effect, OK, next we use the user name, password that we just set up to access
9. Input command: Db.auth (' sa ', ' sa '), output a result value of 1, indicating that the user matches, if the user name, password is not correct, will enter 0
10. Enter the command: Show collections, hehe, the results came out, to here, the permissions set also only talk about more than half, and then down, we first exit (CTRL + C)
11. Enter the command: MONGO TestDB, we try to connect to a new library (regardless of whether the library exists, if it does not exist, add data to the library by default, the library is created), and then we want to see the table in that library
12. Enter command: Show collections, guys, no permissions, we enter the username and password created above
13. Enter the command: Db.auth (' sa ', ' sa '), enter the result 0, the user does not exist, this someone may not understand, just before the creation, how can not exist? The reason: When we visit the MongoDB database separately, the user name password is not the Super administrator, but the user in the System.user table of the library, notice, I say here is the case of individual access, what is not alone access situation? Then again, now what, no authority, then we try to add users to the library's System.user table
14. Input command: db.adduser (' Test ', ' 111111 '), wow, still prompt no permissions, this can do, the new database using Super Administrator also can not access, create users do not have permissions, oh, don't worry, then set the Super Administrator user, Then it must have access to all the libraries
15. Input command: Use admin
16. Input command: Db.auth (' sa ', ' sa ')
17. Input command: Use TestDB
18. Input command: Show collections, Haha, all the way, we found that can use Super Administrator user access to other libraries, hehe, this is not alone access to the situation, it is not difficult to find that we are first into the admin library, and then transferred to other libraries, Admin is the equivalent of a top-level official area, if you are a real estate, want to get a big project in the area to do, you want to do without the senior officials, it is not feasible, you need to go to their there, send some courtesy, then down to the place, engineering you can get hands, this speech is only a personal point of view, does not represent the blog park, that is, the project to get hands, will start to build, then we do not have to add a brick, add a tile have to go and that senior officials greet it, so we have to make this project legalized, we have to get the relevant procedures and documents to complete, not to be against the construction
19. Input command: db.adduser (' Test ', ' 111111 '), we add a user to the TestDB library, each time I access the library, I use the user just created, we first exit (CTRL + C)
20. Input command: MONGO TestDB
21. Enter command: Show collections, prompt without permission
22. Input command: Db.auth (' Test ', ' 111111 '), output 1, user present, validation successful
23. Enter command: Show collections, no longer prompt me no permission, congratulations, success
Note: When you need permission to access MongoDB, if you need to see all the libraries in MongoDB, we can only use Super admin privileges, enter the command show DBS to view.

Reprinted from: http://www.jb51.net/article/32090.htm

MongoDB sets access permissions for users