How to put username &password in MongoDB(Security&Authentication)?(配置用户认证在MongoDB)

Default do not need username and password authenticate when access mongoDB ,I want to set up the user name & password for my mongoDB. so that any remote access will ask for the user name & password. one way is following:

Shutdown Server and exit
Restart Mongod with –auth option or using config file.

tip:
The username & password will work the same for mongodump and mongoexport.

[mongo@db231 bin]$ mongo
MongoDB shell version: 2.6.0
connecting to: test
> dbs
2014-04-30T15:38:24.804+0800 ReferenceError: dbs is not defined
> show dbs
admin  (empty)
local  0.078GB
test   0.078GB
> use admin
switched to db admin
> db.addUser('root','mongo');
WARNING: The 'addUser' shell helper is DEPRECATED. Please use 'createUser' instead
Successfully added user: { "user" : "root", "roles" : [ "root" ] }

> db
admin
> show dbs
2014-04-30T15:46:32.070+0800 listDatabases failed:{
        "ok" : 0,
        "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
        "code" : 13
} at src/mongo/shell/mongo.js:47
> 

[mongo@db231 bin]$ mongo 
MongoDB shell version: 2.6.0
connecting to: test
Error while trying to show server startup warnings: not authorized on admin to execute command { getLog: "startupWarnings" }
> use admin
switched to db admin
> show collections;
2014-04-30T15:48:02.980+0800 error: {
        "$err" : "not authorized for query on admin.system.namespaces",
        "code" : 13
} at src/mongo/shell/query.js:131
> db.auth('root','mongo');
1
> show collections;
system.indexes
system.users
system.version
> db.system.users.find();
{ "_id" : "admin.root", "user" : "root", "db" : "admin", "credentials" : { "MONGODB-CR" : "7bc9aa6753e5241290fd85fece372bd8" }, "roles" : [ { "role" : "root", "db" : "admin" } ] 

}

TIP:
Deprecated since version 2.6: Use db.createUser() and db.updateUser() instead of db.addUser() to add users to MongoDB.



db.createUser( { "user" : "anbob",
                 "pwd": "mongo",                
                 "roles" : [ { role: "clusterAdmin", db: "admin" },
                             { role: "readAnyDatabase", db: "admin" },
                             "readWrite"
                             ] },
               { w: "majority" , wtimeout: 5000 } )


> use test
switched to db test
> db.createUser( { "user" : "anbob",
...                  "pwd": "mongo",                
...                  "roles" : [ { role: "clusterAdmin", db: "admin" },
...                              { role: "readAnyDatabase", db: "admin" },
...                              "readWrite"
...                              ] },
...                { w: "majority" , wtimeout: 5000 } );
Successfully added user: {
        "user" : "anbob",
        "roles" : [
                {
                        "role" : "clusterAdmin",
                        "db" : "admin"
                },
                {
                        "role" : "readAnyDatabase",
                        "db" : "admin"
                },
                "readWrite"
        ]
}

> show collections
fs.chunks
fs.files
system.indexes
testtab
> use admin
switched to db admin
> db.system.users.find();
{ "_id" : "admin.root", "user" : "root", "db" : "admin", "credentials" : { "MONGODB-CR" : "7bc9aa6753e5241290fd85fece372bd8" }, "roles" : [ { "role" : "root", "db" : "admin" } ] 

}
{ "_id" : "test.anbob", "user" : "anbob", "db" : "test", "credentials" : { "MONGODB-CR" : "870c3c636f8f34ab73c5974df971190f" }, "roles" : [ { "role" : "clusterAdmin", "db" : 

"admin" }, { "role" : "readAnyDatabase", "db" : "admin" }, { "role" : "readWrite", "db" : "test" } ] }
> exit


[mongo@db231 bin]$ mongo
MongoDB shell version: 2.6.0
connecting to: test
Error while trying to show server startup warnings: not authorized on admin to execute command { getLog: "startupWarnings" }
> db.auth('anbob','mongo');
1
> show collections;
fs.chunks
fs.files
system.indexes
testtab

> use test
switched to db test
> db.auth('root','mongo')
Error: 18 { ok: 0.0, errmsg: "auth failed", code: 18 }
0
> db.auth('anbob','mongo')
1



[root@db231 log]# vi /etc/mongodb.conf 

# mongodb.conf

# Where to store the data.
# Note: if you run mongodb as a non-root user (recommended) you may
# need to create and set permissions for this directory manually,
# e.g., if the parent directory isn't mutable by the mongodb user.
dbpath=/data/db

#where to log
logpath=/var/log/mongodb/mongodb.log

logappend=true


# Turn on/off security. Off is currently the default
#noauth = true
auth = true

fork = true
bind_ip = 192.168.168.231
port = 27017
quiet = true
journal = true

[mongo@db231 bin]$ mongod --shutdown
killing process with pid: 4227
[mongo@db231 bin]$ mongod --config /etc/mongodb.conf 
about to fork child process, waiting until server is ready for connections.
forked process: 4867
child process started successfully, parent exiting
[mongo@db231 bin]$ ps -ef|grep mongo|grep -v grep
root      3873  3839  0 10:32 pts/2    00:00:00 su - mongo
mongo     3874  3873  0 10:32 pts/2    00:00:00 -bash
mongo     4867     1  0 16:17 ?        00:00:00 mongod --config /etc/mongodb.conf
mongo     4879  3874  0 16:18 pts/2    00:00:00 ps -ef


[mongo@db231 bin]$ mongo 192.168.168.231/test -u anbob -p mongo
MongoDB shell version: 2.6.0
connecting to: 192.168.168.231/test
> db
test


Recommend MongoDB Client:
Robomongo and UMongo

Nosql

对不起,这篇文章暂时关闭评论。

 
posted @ 2014-07-02 20:13  seasonzone  阅读(773)  评论(0编辑  收藏  举报