First, open permission authentication
MongoDB open access authentication under 1.windows
c:\users\administrator>SC Delete MongoDB//original created service delete [SC] DeleteService success if not enabled C:\Users\Administrator " E:\MongoDB\data\db " " E:\MongoDB\data\log\MongoDB.log " -auth--install"MongoDB"//-auth parameter Open permission authentication
Close permission authentication is to remove the auth parameter reboot MongoDB can be
MongoDB open access authentication under 2.Linux
Auth=true can be added to the boot configuration
Second, create the user
Create syntax: CreateUser (before 2.6 version is adduser)
CreateUser parameter {User: "username", pwd: "Password", CustomData: "Description of Current User", Roles:[{role: "Role", DB: "Database corresponding to Role"}]}
There are several database role types built in MongoDB:
1.read Executable Method: Find
2.readWrite Executable Method: Find,update,remove,insert
3.dbAdmin Management Database
4.dbOwner collection of three-in-one permissions
5.userAdmin users of this role can manage users of other roles
Db.createuser ({User:"Test",pwd:123456, Roles:[{role:"Read"Db:"Test"}]})//Create a read-only test user on the test databasesuccessfully added User: {"User":"Test", "Roles" : [ { "role":"Read", "DB":"Test"}]}[c:\~]$ Mongo-u Test-p123456 //Exit and log in with the account you just createdMongoDB Shell version:2.6.5Connecting To:test//connect to test by defaultShow DBS//Show database is rejected -- the-17T12:Geneva:20.445+0800listdatabases failed:{"OK":0, "errmsg":"Not authorized on Admin to execute command {listdatabases:1.0}", "Code": -} at SRC/mongo/shell/mongo.js: -Show Tables//Display the table on the test database is allowedlocallocaltestsystem.indexessystem.profileuser3_collection
Third, create the role
To create a format:
Db.createrole ({
Role: "Character name",
privileges:[
{resource:{db: "Database Name", collection: "The collection name is not filled is any collection"},actions:["Permission Name"}
],
Roles:[]
})
>Db.createrole ({role:"Profile_find", privileges:[{resource:{db:"Test", collection:"System.profile"},actions:["Find"]}], roles:[]}) {"role":"Profile_find", "Privileges" : [ { "Resource" : { "DB":"Test", "Collection":"System.profile" }, "Actions" : [ "Find" ] } ], "Roles" : [ ]}
Permissions operation for MongoDB