mongoDB安全认证
来源:互联网 发布:js array to json 编辑:程序博客网 时间:2024/05/16 07:16
mongoDB的用户
- 为了更安全的访问mongodb,需要访问者提供用户名和密码,于是需要在mongodb中创建用户
- 采用了角色-用户-数据库的安全管理方式
- 常用系统角色如下:
- root:只在admin数据库中可用,超级账号,超级权限
- Read:允许用户读取指定数据库
- readWrite:允许用户读写指定数据库
查看当前数据库的用户
进入某个数据库,show users
#查看admin下的user>use admin> show users{"_id" : "admin.admin","user" : "admin","db" : "admin","roles" : [{"role" : "root","db" : "admin"}]}
查看所有的用户
所有用户存放在admin下的system.users中。
#需要创建用户,才有system.users表 >use admin> show collectionssystem.userssystem.version> db.system.users.find().pretty(){ "_id" : "admin.admin", "user" : "admin", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "Y6bNta3VDUJqk4xjQ0Vl2Q==", "storedKey" : "qEmqVlt9RrhCI7YlVbFexFD/KRY=", "serverKey" : "VW8aXgrus5gnIS91ctZtPkQ5Zbw=" } }, "roles" : [ { "role" : "root", "db" : "admin" } ]}{ "_id" : "student.student", "user" : "student", "db" : "student", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "r/47HvEW/Zl3DVABKhqkRw==", "storedKey" : "XpU9+rFnY9GNvHCPHehUJd0sOEY=", "serverKey" : "V5FhopPRzL5/l7daXcxYFhQp73g=" } }, "roles" : [ { "role" : "read", "db" : "student" } ]}{ "_id" : "student.studentW", "user" : "studentW", "db" : "student", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "ida3QywWsTAhjCd+cLOfvA==", "storedKey" : "+YOrrJus5SCPZQ4zYxWXjMs/agA=", "serverKey" : "o/mXTlmQW6umnRhNUHSTDBUiccM=" } }, "roles" : [ { "role" : "readWrite", "db" : "student" } ]}
创建超级管理用户
#进入admin数据库> use adminswitched to db admin> show collectionssystem.version> db.createUser({... user:'admin',... pwd:'123',... roles:[{role:'root',db:'admin'}]... })Successfully added user: {"user" : "admin","roles" : [{"role" : "root","db" : "admin"}]}> show users{"_id" : "admin.admin","user" : "admin","db" : "admin","roles" : [{"role" : "root","db" : "admin"}]}
创建只读用户
#进入student数据库,创建一个只对student有读权限的用户> use studentswitched to db student> db.createUser({... user:'student',... pwd:'123',... roles:[{role:'read',db:'student'}]... })Successfully added user: {"user" : "student","roles" : [{"role" : "read","db" : "student"}]}> show users{"_id" : "student.student","user" : "student","db" : "student","roles" : [{"role" : "read","db" : "student"}]}
创建读写用户
#进入student数据库,创建一个只对student读写权限的用户>use studet> db.createUser({... user:'studentW',... pwd:'123',... roles:[{role:'readWrite',db:'student'}]... })Successfully added user: {"user" : "studentW","roles" : [{"role" : "readWrite","db" : "student"}]}
启用安全认证
- 修改配置文件,启用身份验证
sudo vi /etc/mongodb.conf#添加auth = true
- 重启服务
sudo service mongod stopsudo service mongod start
- 终端连接
#mongo --help#管理员mongo -u 'admin' -p '123' --authenticationDatabase 'admin'#普通用户mongo -u student -p 123 --authenticationDatabase student
- 认证失败
MongoDB shell version v3.4.0connecting to: mongodb://127.0.0.1:27017MongoDB server version: 3.4.02017-09-14T15:43:52.639+0800 E QUERY [main] Error: Authentication failed. :DB.prototype._authOrThrow@src/mongo/shell/db.js:1459:20@(auth):6:1@(auth):1:2exception: login failed
用户管理
- 修改用户:可以修改pwd、roles属性
use studentdb.updateUser( 'student', {pwd:'12345'}, {roles:[{role:'read',db:'student'}]})
- 删除用户
use studentdb.dropUser('student')
阅读全文
0 0
- mongoDB安全认证机制
- mongodb 安全认证
- Mongodb用户安全认证
- mongoDB安全认证
- mongodb管理与安全认证
- mongodb学习2-安全认证
- mongodb管理与安全认证
- mongodb用户安全认证详解
- MongoDB安全及身份认证
- MongoDB安全及身份认证
- 关于MongoDB安全认证authorize
- MongoDB的安全与认证
- MongoDB:9-MongoDB的安全和认证
- mongoDB安全认证和php安全处理
- mongoDB学习笔记2--安全认证
- Mongodb安全认证及java调用
- MongoDB 开启安全认证及创建用户
- 10、Mongodb的用户认证和数据库的安全
- 9.14(周四)
- 461. Hamming Distance
- 经典SQL语句大全
- 常用字符与ASCII代码对照表
- day04_android入门
- mongoDB安全认证
- bzoj 2806 多个串匹配
- matlab find函数详解
- JavaScript-1-4:数据类型转换
- 将wierface标注转换为VOC格式
- [leetcode-1] Two sum
- Java基础部分第六节
- spring boot http调用其他服务并解析
- 利用git将网站上传到GitHub做静态服务器