Mongodb用户分为三种
1、全局用户
2、数据库对应用户
3、只读用户
查看所有的数据库
> show dbs admin 0.078GB book_blog 0.078GB local 0.078GB mydb 0.078GB newdb 0.078GB test 0.078GB
查看现有所有的有哪些用户,要切换到admin数据库中
> use admin switched to db admin > db.system.users.find() { "_id" : "admin.root", "user" : "root", "db" : "admin", "credentials" : { "MONGODB-CR" : "1a0f1c3c3aa1d592f490a2addc559383" }, "roles" : [ { "role" : "root", "db" : "admin" } ] } { "_id" : "test.test_user", "user" : "test_user", "db" : "test", "credentials" : { "MONGODB-CR" : "6076b96fc3fe6002c810268702646eec" }, "roles" : [ { "role" : "dbOwner", "db" : "test" } ] } { "_id" : "test.read_only", "user" : "read_only", "db" : "test", "credentials" : { "MONGODB-CR" : "f497e180c9dc0655292fee5893c162f1" }, "roles" : [ { "role" : "read", "db" : "test" } ] } >
创建一个全局用户global_user密码为global123
创建全局用户要切换到admin数据库中
> use admin switched to db admin > db.addUser("global_user","global123") WARNING: The ‘addUser‘ shell helper is DEPRECATED. Please use ‘createUser‘ instead Successfully added user: { "user" : "global_user", "roles" : [ "root" ] }
> db.system.users.find() { "_id" : "admin.root", "user" : "root", "db" : "admin", "credentials" : { "MONGODB-CR" : "1a0f1c3c3aa1d592f490a2addc559383" }, "roles" : [ { "role" : "root", "db" : "admin" } ] } { "_id" : "test.test_user", "user" : "test_user", "db" : "test", "credentials" : { "MONGODB-CR" : "6076b96fc3fe6002c810268702646eec" }, "roles" : [ { "role" : "dbOwner", "db" : "test" } ] } { "_id" : "test.read_only", "user" : "read_only", "db" : "test", "credentials" : { "MONGODB-CR" : "f497e180c9dc0655292fee5893c162f1" }, "roles" : [ { "role" : "read", "db" : "test" } ] } { "_id" : "admin.global_user", "user" : "global_user", "db" : "admin", "credentials" : { "MONGODB-CR" : "cad9c3ca71940e1e57c49dcca9e36f7a" }, "roles" : [ { "role" : "root", "db" : "admin" } ] } >
开启验证权限
停止mongodb
[root@server bin]# /usr/local/mongodb/bin/mongod --dbpath=/data/mongodb_data/data/ --logpath=/data/mongodb_data/logs/mongodb.log --auth --fork
重新登入
[root@server ~]# mongodb MongoDB shell version: 2.6.3 connecting to: test > show dbs 2014-07-23T15:20:16.161+0800 listDatabases failed:{ "ok" : 0, "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }", "code" : 13 } at src/mongo/shell/mongo.js:47 > use admin switched to db admin > show dbs 2014-07-23T15:20:41.848+0800 listDatabases failed:{ "ok" : 0, "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }", "code" : 13 } at src/mongo/shell/mongo.js:47 > db.auth("global_user","global123") 1 > show dbs admin 0.078GB book_blog 0.078GB local 0.078GB mydb 0.078GB newdb 0.078GB test 0.078GB >
创建对应数据库的用户
> use newdb switched to db newdb > db.addUser("new_user","new123") WARNING: The ‘addUser‘ shell helper is DEPRECATED. Please use ‘createUser‘ instead Successfully added user: { "user" : "new_user", "roles" : [ "dbOwner" ] } >
从以下可以看出,在没有授权验证前,是无法访问的
[root@server ~]# mongodb MongoDB shell version: 2.6.3 connecting to: test > show dbs 2014-07-23T15:28:15.546+0800 listDatabases failed:{ "ok" : 0, "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }", "code" : 13 } at src/mongo/shell/mongo.js:47 > use admin switched to db admin > show dbs 2014-07-23T15:28:24.734+0800 listDatabases failed:{ "ok" : 0, "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }", "code" : 13 } at src/mongo/shell/mongo.js:47 > db.auth("new_user","new123") Error: 18 { ok: 0.0, errmsg: "auth failed", code: 18 } 0 > use newdb switched to db newdb > db.auth("new_user","new123")