博客
关于我
MongoDB用户管理
阅读量:151 次
发布时间:2019-02-27

本文共 4298 字,大约阅读时间需要 14 分钟。

用户管理范围

  • 用户名、密码
  • 角色(权限:只读,读写,超管等等)
  • 范围(对哪些库有执行权限)

启用认证

use admin> db.createUser({user:"root",pwd:"root",roles:[{role:"root",db:"admin"}]})Successfully added user: {	"user" : "root",	"roles" : [		{			"role" : "root",			"db" : "admin"		}	]}> db.auth("root","root")1

认证用户创建成功后退出修改mongodb配置文件然后重启

在行尾加入

vim mongod.confsecurity:    authorization: enabled
  • 验证认证用户是否创建成功
    未输入验证用户
mongo> show dbs> show tablesWarning: unable to run listCollections, attempting to approximate collection names by parsing connectionStatus> exit

输入验证用户

[root@localhost conf]# mongo -uroot -proot admin> show dbsadmin   0.000GBconfig  0.000GBlocal   0.000GB
  • 创建一个对test库的只读用户test-read
    用root登录mongodb
> use testswitched to db test> db.createUser({user:"test-read",pwd:"123456",roles:[{role:"read",db:"test"}]})Successfully added user: {	"user" : "test-read",	"roles" : [		{			"role" : "read",			"db" : "test"		}	]}
  • 验证test-read用户是否创建成功
> db.system.users.find(){ "_id" : "admin.root", "userId" : UUID("d0781985-a9ff-454a-bc60-cd4ac45902f8"), "user" : "root", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "PuLTpRJAnK2MdVwBj5KAlw==", "storedKey" : "tejQhliRyhTn+XDwTSO8vfzZJJY=", "serverKey" : "yRw+MD/ryymGrgGbsDNmnt9yYoE=" }, "SCRAM-SHA-256" : { "iterationCount" : 15000, "salt" : "/EeWxFocy/cxdnrD+XZ0Tx+z/FRnZv8ybpJdUg==", "storedKey" : "WjMLjd7zHwIKbyEiM/iaBsOWv75jRPUoN3m/tOONLFo=", "serverKey" : "UcYveQMY/k4TXhr10xBy+voU21kt4Mu3G52BrHDTdsE=" } }, "roles" : [ { "role" : "root", "db" : "admin" } ] }{ "_id" : "test.test-read", "userId" : UUID("6fad7d9d-9987-43a0-8fe5-63937251d9f7"), "user" : "test-read", "db" : "test", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "iiJEuG/mHAnhTjIpGY9jKw==", "storedKey" : "1KVPCa1Qv9rsWE0NHj5GFAxoz3E=", "serverKey" : "yiOmZzS5Y/y/mSyBI2dbjxgVjnI=" }, "SCRAM-SHA-256" : { "iterationCount" : 15000, "salt" : "BiE7N07G0pBdCkThO65OpZTiOoHkLn/tD1aDZg==", "storedKey" : "n+H+kStdlin08wFrqQn2Ab/iqDvYNzMIs2bRnkrVkO8=", "serverKey" : "oEftyIyv8RobzLlHtOPilWusXQdhu1hbnrZgZ2xYh/U=" } }, "roles" : [ { "role" : "read", "db" : "test" } ] }
  • 以test-read用户登录并创建一个test集合
mongo -u"test-read" -p123456 test > db.test.insert({name:"mongo"})WriteCommandError({	"ok" : 0,	"errmsg" : "not authorized on test to execute command { insert: \"test\", ordered: true, lsid: { id: UUID(\"8c9e94c8-d9bf-4378-b9eb-2f811162c374\") }, $db: \"test\" }",	"code" : 13,	"codeName" : "Unauthorized"})
  • 创建一个test库的读写用户
    还是以root用户登录
> use testswitched to db test> db.createUser({user:"test-rw",pwd:"123456",roles:[{role:"readWrite",db:"test"}]})Successfully added user: {	"user" : "test-rw",	"roles" : [		{			"role" : "readWrite",			"db" : "test"		}	]}
  • 退出以test-rw用户登录创建test集合
> db.test.insert({name:"mongo"})WriteResult({ "nInserted" : 1 })> show tablestest> db.test.find(){ "_id" : ObjectId("5f0bd0c96409669331de55cd"), "name" : "mongo" }
  • 再以test-read用户登录查看是否可读
> show tablestest> db.test.find(){ "_id" : ObjectId("5f0bd0c96409669331de55cd"), "name" : "mongo" }
  • 删除用户
    还是以root用户登录
> use testswitched to db test> db.dropUser("test-read")true> use adminswitched to db admin> db.system.users.find(){ "_id" : "admin.root", "userId" : UUID("d0781985-a9ff-454a-bc60-cd4ac45902f8"), "user" : "root", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "PuLTpRJAnK2MdVwBj5KAlw==", "storedKey" : "tejQhliRyhTn+XDwTSO8vfzZJJY=", "serverKey" : "yRw+MD/ryymGrgGbsDNmnt9yYoE=" }, "SCRAM-SHA-256" : { "iterationCount" : 15000, "salt" : "/EeWxFocy/cxdnrD+XZ0Tx+z/FRnZv8ybpJdUg==", "storedKey" : "WjMLjd7zHwIKbyEiM/iaBsOWv75jRPUoN3m/tOONLFo=", "serverKey" : "UcYveQMY/k4TXhr10xBy+voU21kt4Mu3G52BrHDTdsE=" } }, "roles" : [ { "role" : "root", "db" : "admin" } ] }{ "_id" : "test.test-rw", "userId" : UUID("87ced292-7002-4aa8-97f4-51fe2b2092eb"), "user" : "test-rw", "db" : "test", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "fm8yHKrzyzjZYu9z+zoKSA==", "storedKey" : "IGTHdZqX323gaeSubUnArB1CCfY=", "serverKey" : "3CfFP2T4LSxkuoQ43aJQbQiPQwA=" }, "SCRAM-SHA-256" : { "iterationCount" : 15000, "salt" : "sBhYrXGUIhP5M9CtTAiDrsR1Ph+B1RxIlC7xVw==", "storedKey" : "Ml88HbnDzTtt9swZZamPAL9TIWOeKIj7gdoLrTHhh54=", "serverKey" : "AFxnf9A3rQlmr8O5y3sTGID8aMAiHpteOOuFLgVNpP0=" } }, "roles" : [ { "role" : "readWrite", "db" : "test" } ] }

转载地址:http://wgpb.baihongyu.com/

你可能感兴趣的文章
MySQL 中开启二进制日志(Binlog)
查看>>
MySQL 中文问题
查看>>
MySQL 中日志的面试题总结
查看>>
mysql 中的all,5分钟了解MySQL5.7中union all用法的黑科技
查看>>
MySQL 中的外键检查设置:SET FOREIGN_KEY_CHECKS = 1
查看>>
Mysql 中的日期时间字符串查询
查看>>
mysql 中索引的问题
查看>>
MySQL 中锁的面试题总结
查看>>
MySQL 中随机抽样:order by rand limit 的替代方案
查看>>
MySQL 为什么需要两阶段提交?
查看>>
mysql 为某个字段的值加前缀、去掉前缀
查看>>
mysql 主从
查看>>
mysql 主从 lock_mysql 主从同步权限mysql 行锁的实现
查看>>
mysql 主从互备份_mysql互为主从实战设置详解及自动化备份(Centos7.2)
查看>>
mysql 主从关系切换
查看>>
MYSQL 主从同步文档的大坑
查看>>
mysql 主键重复则覆盖_数据库主键不能重复
查看>>
Mysql 事务知识点与优化建议
查看>>
Mysql 优化 or
查看>>
mysql 优化器 key_mysql – 选择*和查询优化器
查看>>