Permissions operation for MongoDB

First, open permission authentication

MongoDB open access authentication under 1.windows

c:\users\administrator>SC Delete MongoDB//original created service delete [SC] DeleteService success if not enabled C:\Users\Administrator " E:\MongoDB\data\db " " E:\MongoDB\data\log\MongoDB.log " -auth--install"MongoDB"//-auth parameter Open permission authentication

Close permission authentication is to remove the auth parameter reboot MongoDB can be

MongoDB open access authentication under 2.Linux

Auth=true can be added to the boot configuration

Second, create the user

Create syntax: CreateUser (before 2.6 version is adduser)

CreateUser parameter {User: "username", pwd: "Password", CustomData: "Description of Current User", Roles:[{role: "Role", DB: "Database corresponding to Role"}]}

There are several database role types built in MongoDB:

1.read Executable Method: Find

2.readWrite Executable Method: Find,update,remove,insert

3.dbAdmin Management Database

4.dbOwner collection of three-in-one permissions

5.userAdmin users of this role can manage users of other roles

Db.createuser ({User:"Test",pwd:123456, Roles:[{role:"Read"Db:"Test"}]})//Create a read-only test user on the test databasesuccessfully added User: {"User":"Test",    "Roles" : [        {            "role":"Read",            "DB":"Test"}]}[c:\~]$ Mongo-u Test-p123456 //Exit and log in with the account you just createdMongoDB Shell version:2.6.5Connecting To:test//connect to test by defaultShow DBS//Show database is rejected -- the-17T12:Geneva:20.445+0800listdatabases failed:{"OK":0,    "errmsg":"Not authorized on Admin to execute command {listdatabases:1.0}",    "Code": -} at SRC/mongo/shell/mongo.js: -Show Tables//Display the table on the test database is allowedlocallocaltestsystem.indexessystem.profileuser3_collection

Third, create the role

To create a format:

Db.createrole ({
Role: "Character name",
privileges:[
{resource:{db: "Database Name", collection: "The collection name is not filled is any collection"},actions:["Permission Name"}
],
Roles:[]
})

>Db.createrole ({role:"Profile_find", privileges:[{resource:{db:"Test", collection:"System.profile"},actions:["Find"]}], roles:[]}) {"role":"Profile_find",        "Privileges" : [                {                        "Resource" : {                                "DB":"Test",                                "Collection":"System.profile"                        },                        "Actions" : [                                "Find"                        ]                }        ],        "Roles" : [ ]}

Permissions operation for MongoDB