mongodb用户管理
2016-02-15 00:00
627 查看
摘要: mongodb用户管理
MongoDB3.0权限,啥都不说了,谷歌百度出来的全是错的。先安装好盲沟,简单的没法说。
首先,不使用 –auth 参数,启动 mongoDB:
mongodb-linux-i686-3.0.0/bin/mongod -f mongodb-linux-i686-3.0.0/mongodb.conf
此时你 show dbs 会看到只有一个local数据库,那个所谓的admin是不存在的。
mongoDB 没有炒鸡无敌用户root,只有能管理用户的用户 userAdminAnyDatabase。
打开 mongo shell:
mongodb-linux-i686-3.0.0/bin/mongo
添加管理用户:
use admin
db.createUser(
{
user: "buru",
pwd: "12345678",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
roles 中的 db 参数是必须的,不然会报错:Error: couldn’t add user: Missing expected field “db”。另外,有很
多文章记录的是使用 db.addUser(…) 方法,这个方法是旧版的,3.0中已经不存在,详见:http://docs.mongodb.org/manual/reference/method/js-user-management。
切换到admin下,查看刚才创建的用户:
show users
或
db.system.users.find()
{ "_id" : "admin.buru", "user" : "buru", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "gwVwuA/dXvxgSHavEnlyvA==", "storedKey" : "l2QEVTEujpkCuqDEKqfIWbSv4ms=", "serverKey" : "M1ofNKXg2sNCsFrBJbX4pXbSgvg=" } }, "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" } ] }
怎么关闭 mongoDB?千万不要 kill -9 pid,可以 kill -2 pid 或 db.shutdownServer()
下面使用 –auth 参 数,重新启动 mongoDB:
mongodb-linux-i686-3.0.0/bin/mongod --auth -f mongodb-linux-i686-3.0.0/mongodb.conf
再次打开 mongo shell:
mongodb-linux-i686-3.0.0/bin/mongo
use admin
db.auth("buru","12345678") #认证,返回1表示成功
或
mongodb-linux-i686-3.0.0/bin/mongo -u buru -p 12345678 --authenticationDatabase admin
此时
show collections
报错
2015-03-17T10:15:56.011+0800 E QUERY Error: listCollections failed: {
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listCollections: 1.0 }",
"code" : 13
}
at Error (<anonymous>)
at DB._getCollectionInfosCommand (src/mongo/shell/db.js:643:15)
at DB.getCollectionInfos (src/mongo/shell/db.js:655:20)
at DB.getCollectionNames (src/mongo/shell/db.js:666:17)
at shellHelper.show (src/mongo/shell/utils.js:625:12)
at shellHelper (src/mongo/shell/utils.js:524:36)
at (shellhelp2):1:1 at src/mongo/shell/db.js:643
因为,用户buru只有用户管理的权限。
下面创建用户,用户都跟着库走,创建的用户都是
use tianhe
db.createUser(
{
user: "bao",
pwd: "12345678",
roles: [
{ role: "readWrite", db: "tianhe" },
{ role: "read", db: "tianhe2" }
]
}
)
查看刚刚创建的用户。
show users
{
"_id" : "tianhe.bao",
"user" : "bao",
"db" : "tianhe",
"roles" : [
{
"role" : "readWrite",
"db" : "tianhe"
},
{
"role" : "read",
"db" : "tianhe2"
}
]
}
查看整个mongoDB全部的用户:
use admin
db.system.users.find()
{ "_id" : "admin.buru", "user" : "buru", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "gwVwuA/dXvxgSHavEnlyvA==", "storedKey" : "l2QEVTEujpkCuqDEKqfIWbSv4ms=", "serverKey" : "M1ofNKXg2sNCsFrBJbX4pXbSgvg=" } }, "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" } ] }
{ "_id" : "tianhe.bao", "user" : "bao", "db" : "tianhe", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "//xy1V1fbqEHC1gzQqZHGQ==", "storedKey" : "ZS/o54zzl/FdcXLQJ98KdAVTfF0=", "serverKey" : "iIpNYz2Gk8KhyK3zgz6muBt0PI4=" } }, "roles" : [ { "role" : "readWrite", "db" : "tianhe" }, { "role" : "read", "db" : "tianhe2" } ] }
创建完毕,验证一下:
use buru
show collections
2015-03-17T10:30:06.461+0800 E QUERY Error: listCollections failed: {
"ok" : 0,
"errmsg" : "not authorized on buru to execute command { listCollections: 1.0 }",
"code" : 13
}
at Error (<anonymous>)
at DB._getCollectionInfosCommand (src/mongo/shell/db.js:643:15)
at DB.getCollectionInfos (src/mongo/shell/db.js:655:20)
at DB.getCollectionNames (src/mongo/shell/db.js:666:17)
at shellHelper.show (src/mongo/shell/utils.js:625:12)
at shellHelper (src/mongo/shell/utils.js:524:36)
at (shellhelp2):1:1 at src/mongo/shell/db.js:643
`
显然没权限,先auth:
db.auth("bao","12345678")
1
show collections
news
system.indexes
wahaha
完毕!
mongoDB 3.0 安全权限访问控制
mongoDB 3.0 安全权限访问控制MongoDB3.0权限,啥都不说了,谷歌百度出来的全是错的。先安装好盲沟,简单的没法说。
首先,不使用 –auth 参数,启动 mongoDB:
mongodb-linux-i686-3.0.0/bin/mongod -f mongodb-linux-i686-3.0.0/mongodb.conf
此时你 show dbs 会看到只有一个local数据库,那个所谓的admin是不存在的。
mongoDB 没有炒鸡无敌用户root,只有能管理用户的用户 userAdminAnyDatabase。
打开 mongo shell:
mongodb-linux-i686-3.0.0/bin/mongo
添加管理用户:
use admin
db.createUser(
{
user: "buru",
pwd: "12345678",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
roles 中的 db 参数是必须的,不然会报错:Error: couldn’t add user: Missing expected field “db”。另外,有很
多文章记录的是使用 db.addUser(…) 方法,这个方法是旧版的,3.0中已经不存在,详见:http://docs.mongodb.org/manual/reference/method/js-user-management。
切换到admin下,查看刚才创建的用户:
show users
或
db.system.users.find()
{ "_id" : "admin.buru", "user" : "buru", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "gwVwuA/dXvxgSHavEnlyvA==", "storedKey" : "l2QEVTEujpkCuqDEKqfIWbSv4ms=", "serverKey" : "M1ofNKXg2sNCsFrBJbX4pXbSgvg=" } }, "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" } ] }
怎么关闭 mongoDB?千万不要 kill -9 pid,可以 kill -2 pid 或 db.shutdownServer()
下面使用 –auth 参 数,重新启动 mongoDB:
mongodb-linux-i686-3.0.0/bin/mongod --auth -f mongodb-linux-i686-3.0.0/mongodb.conf
再次打开 mongo shell:
mongodb-linux-i686-3.0.0/bin/mongo
use admin
db.auth("buru","12345678") #认证,返回1表示成功
或
mongodb-linux-i686-3.0.0/bin/mongo -u buru -p 12345678 --authenticationDatabase admin
此时
show collections
报错
2015-03-17T10:15:56.011+0800 E QUERY Error: listCollections failed: {
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listCollections: 1.0 }",
"code" : 13
}
at Error (<anonymous>)
at DB._getCollectionInfosCommand (src/mongo/shell/db.js:643:15)
at DB.getCollectionInfos (src/mongo/shell/db.js:655:20)
at DB.getCollectionNames (src/mongo/shell/db.js:666:17)
at shellHelper.show (src/mongo/shell/utils.js:625:12)
at shellHelper (src/mongo/shell/utils.js:524:36)
at (shellhelp2):1:1 at src/mongo/shell/db.js:643
因为,用户buru只有用户管理的权限。
下面创建用户,用户都跟着库走,创建的用户都是
use tianhe
db.createUser(
{
user: "bao",
pwd: "12345678",
roles: [
{ role: "readWrite", db: "tianhe" },
{ role: "read", db: "tianhe2" }
]
}
)
查看刚刚创建的用户。
show users
{
"_id" : "tianhe.bao",
"user" : "bao",
"db" : "tianhe",
"roles" : [
{
"role" : "readWrite",
"db" : "tianhe"
},
{
"role" : "read",
"db" : "tianhe2"
}
]
}
查看整个mongoDB全部的用户:
use admin
db.system.users.find()
{ "_id" : "admin.buru", "user" : "buru", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "gwVwuA/dXvxgSHavEnlyvA==", "storedKey" : "l2QEVTEujpkCuqDEKqfIWbSv4ms=", "serverKey" : "M1ofNKXg2sNCsFrBJbX4pXbSgvg=" } }, "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" } ] }
{ "_id" : "tianhe.bao", "user" : "bao", "db" : "tianhe", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "//xy1V1fbqEHC1gzQqZHGQ==", "storedKey" : "ZS/o54zzl/FdcXLQJ98KdAVTfF0=", "serverKey" : "iIpNYz2Gk8KhyK3zgz6muBt0PI4=" } }, "roles" : [ { "role" : "readWrite", "db" : "tianhe" }, { "role" : "read", "db" : "tianhe2" } ] }
创建完毕,验证一下:
use buru
show collections
2015-03-17T10:30:06.461+0800 E QUERY Error: listCollections failed: {
"ok" : 0,
"errmsg" : "not authorized on buru to execute command { listCollections: 1.0 }",
"code" : 13
}
at Error (<anonymous>)
at DB._getCollectionInfosCommand (src/mongo/shell/db.js:643:15)
at DB.getCollectionInfos (src/mongo/shell/db.js:655:20)
at DB.getCollectionNames (src/mongo/shell/db.js:666:17)
at shellHelper.show (src/mongo/shell/utils.js:625:12)
at shellHelper (src/mongo/shell/utils.js:524:36)
at (shellhelp2):1:1 at src/mongo/shell/db.js:643
`
显然没权限,先auth:
db.auth("bao","12345678")
1
show collections
news
system.indexes
wahaha
完毕!
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 分享微信开发Html5轻游戏中的几个坑
- 如何在 Fedora 上安装 MongoDB 服务器
- PHP添加yaf xhprof mongodb 同理
- mongodb安装
- 如何在 Ubuntu 上安装 MongoDB
- 信息安全聚合 Sec-News 的重构之路
- perl操作MongoDB报错undefined symbol: HeUTF8解决方法
- C#中使用1.7版本驱动操作MongoDB简单例子
- MongoDB系列教程(四):设置用户访问权限
- php实现的mongodb操作类实例
- 解决mongodb在ubuntu下启动失败,提示couldn‘t remove fs lock errno:9 Bad file descriptor的错误
- 在PostgreSQL的基础上创建一个MongoDB的副本的教程
- 用户管理的备份(一致性备份、非一致性备份、脱机备份、联机备份)
- 关于mongoose连接mongodb重复访问报错的解决办法
- java操作mongodb示例分享
- mysql命令行下用户管理方法分享
- php对mongodb的扩展(初出茅庐)
- 作为PHP程序员应该了解MongoDB的五件事
- 基于MySQL到MongoDB简易对照表的详解
- MongoDB入门教程之C#驱动操作实例