MongoDB 3.0.6: enabling authentication and permission settings

Source: Internet
Author: User

MongoDB does not turn on authentication by default, so any client program that can reach the MongoDB server can connect to it.

MongoClient mongoClient = new MongoClient("182.92.229.156", 27017); // no user name or password is needed to connect

In a production environment, however, it is generally necessary to turn on authentication and authorization, so that only authorized users can connect to MongoDB and access the relevant resources. The model is user, role, resource, which is basically the same as the permission model of relational databases, so it is not explained further here.


To turn on authentication mode, first modify the MongoDB configuration file: /etc/mongod.conf (the path may be different on your system).

Change the configuration as follows:

# Turn on/off security.  Off is currently the default
#noauth = true
auth = true  # this is the setting that enables authentication


Restart MongoDB after the change for it to take effect:

sudo service mongod restart
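
A check for the setting described above, as an added example that is not part of the original article: it reads the text of a mongod configuration file and reports whether access control is switched on, ignoring commented-out lines such as "#noauth = true". It covers only the auth/noauth keys shown here and the YAML form security.authorization; the function names and sample files are constructed for illustration.

```javascript
// Added example: does this mongod config text enable authentication?
// Covers the legacy key=value keys (auth, noauth) and YAML security.authorization.

function stripComment(line) {
  const i = line.indexOf("#");               // "#" starts a comment in both formats
  return (i === -1 ? line : line.slice(0, i)).replace(/\s+$/, "");
}

function authEnabled(confText) {
  let enabled = false;                       // mongod default: authentication off
  let inSecurity = false;                    // inside a YAML "security:" block
  for (const raw of confText.split(/\r?\n/)) {
    const line = stripComment(raw);
    if (line.trim() === "") continue;        // blank or fully commented-out line

    // Legacy format: "auth = true" or "noauth = true"
    const kv = line.match(/^\s*(auth|noauth)\s*=\s*(\S+)\s*$/);
    if (kv) {
      const on = kv[2].toLowerCase() === "true";
      if (kv[1] === "auth") enabled = on;
      else if (on) enabled = false;          // noauth = true switches it off
      continue;
    }

    // YAML format: a top-level key opens or closes the "security:" block
    if (/^\S/.test(line)) {
      inSecurity = /^security:\s*$/.test(line);
      continue;
    }
    const y = line.match(/^\s+authorization:\s*["']?(\w+)["']?\s*$/);
    if (inSecurity && y) enabled = y[1] === "enabled";
  }
  return enabled;
}

// Constructed sample files (not taken from a real server).
const LEGACY_OFF = "# Turn on/off security.  Off is currently the default\n#noauth = true\n#auth = true\n";
const LEGACY_ON = "#noauth = true\nauth = true  # enable authentication\n";
const YAML_ON = "net:\n  port: 27017\nsecurity:\n  authorization: enabled\n";
const YAML_OFF = "security:\n  authorization: disabled\n";

for (const [name, text] of Object.entries({ LEGACY_OFF, LEGACY_ON, YAML_ON, YAML_OFF })) {
  console.log(name, authEnabled(text) ? "authentication ON" : "authentication OFF");
}
```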


It is important to note that before enabling authentication mode you need to create an administrator user yourself, because MongoDB does not provide a default user.


The following describes how to create an administrator user:


1. First switch to the admin database. This database stores all the authorized users in MongoDB. It does not exist by default; we switch to it first, and it is created automatically when it is used.

use admin;
A successful switch shows: switched to db admin

2. Create the user by executing the following code in the shell.

db.createUser({
	"user": "dbadmin",
	"pwd": "123456",
	"roles": [
		{role: "userAdminAnyDatabase", db: "admin"},
		{role: "readWriteAnyDatabase", db: "admin"}
	]},
	{w: "majority", wtimeout: 5000}
);

MongoDB has many built-in roles that we can use directly.

A user can be given several roles:

"roles": [
	{role: "userAdminAnyDatabase", db: "admin"},
	{role: "readWriteAnyDatabase", db: "admin"}
]

role names the role, and db indicates which database the role is valid for. For example, setting db to admin means the user's permissions are only valid in the admin database.

For example, if I set role: "readWrite", db: "mydb", then this user has read and write permissions only in the mydb database.

But MongoDB also provides several global database roles, such as the two used above:

userAdminAnyDatabase, readWriteAnyDatabase

Note the AnyDatabase suffix: a role with this suffix is valid for all databases, even though it is set with db: "admin".


After the system administrator user is set up, we can turn on authentication mode in MongoDB, and then enter the MongoDB client with authentication enabled:

[root@iz25ce2pyrlz ~]# mongo
MongoDB shell version: 3.0.6
connecting to: test
>


The first step is to switch to the admin database:

use admin;
switched to db admin

The second step is identity authentication:

db.auth("dbadmin", "123456");

Successful authentication returns 1; if authentication fails, the related error message is shown.


We can take a look at the system users:

db.system.users.find()

{"_id": "admin.dbadmin", "user": "dbadmin", "db": "admin", "credentials": {"SCRAM-SHA-1": {"iterationCount": 10000, "salt": "nuymhdgcmc4kxcghsaahbw==", "storedKey": "widdwwncu5a88r5osix4bhdml0w=", "serverKey": "0jppriqexmndh3ij8rwygyj5rgq="}}, "roles": [{"role": "userAdminAnyDatabase", "db": "admin"}, {"role": "readWriteAnyDatabase", "db": "admin"}]}
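
Documents like the one above can be checked mechanically for how far each user's roles reach, following the role and db explanation earlier. This is an added example, not part of the original article; it handles only the AnyDatabase built-in roles and userAdmin, and the function names and sample documents are constructed for illustration.

```javascript
// Added example: summarise the reach of each user's roles from documents
// shaped like db.system.users.find() output.

// Built-in roles that apply to all databases; MongoDB only accepts them on "admin".
const ANY_DB_ROLES = new Set([
  "readAnyDatabase", "readWriteAnyDatabase",
  "userAdminAnyDatabase", "dbAdminAnyDatabase",
]);
// Roles that can create users and grant roles, so they can extend their own rights.
const USER_ADMIN_ROLES = new Set(["userAdmin", "userAdminAnyDatabase"]);

function auditUser(doc) {
  const findings = [];
  const scope = new Set();
  for (const { role, db } of doc.roles) {
    const global = ANY_DB_ROLES.has(role);
    if (global && db !== "admin") {
      // A misplaced grant: report it and do not count it as effective.
      findings.push(`${role} is only valid with db "admin", found "${db}"`);
      continue;
    }
    scope.add(global ? "*" : db);            // "*" means every database
    if (USER_ADMIN_ROLES.has(role)) {
      const where = global ? "every database" : `database "${db}"`;
      findings.push(`${role} can manage users and roles in ${where}`);
    }
  }
  return { user: `${doc.db}.${doc.user}`, scope: [...scope].sort(), findings };
}

function auditAll(docs) {
  return docs.map(auditUser);
}

// Constructed sample documents mirroring the two users created in this article.
const SAMPLE_USERS = [
  { user: "dbadmin", db: "admin", roles: [
    { role: "userAdminAnyDatabase", db: "admin" },
    { role: "readWriteAnyDatabase", db: "admin" } ] },
  { user: "mydb", db: "mydb", roles: [{ role: "readWrite", db: "mydb" }] },
];

console.log(JSON.stringify(auditAll(SAMPLE_USERS), null, 2));
```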


Then we can set up authorized users for a specific database.

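use mydb;  // create the user in the database it authenticates against (authSource=mydb in the URI below)
db.createUser({
	"user": "mydb",
	"pwd": "mydb",
	"roles": [
		{role: "readWrite", db: "mydb"}
	]},
	{w: "majority", wtimeout: 5000}
);
This sets up a user with read and write permissions on the mydb database.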


MongoClientURI connectionString = new MongoClientURI("mongodb://mydb:mydb@<your ip>/?authSource=mydb&authMechanism=SCRAM-SHA-1");
MongoClient mongoClient = new MongoClient(connectionString);

The URI above configures the user name, the password, and the database to which you want to connect.
