In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-03-29 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >
Share
Shulou(Shulou.com)05/31 Report--
This article mainly introduces the mongodb-based user rights management example analysis, has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, the following let the editor take you to understand it.
Start mongodb and connect
. / bin/mongod-f conf/mongod.conf./bin/mongo 127.0.0.1 purl 12345
View the default database situation
> show dbsadmin 0.000GBlocal 0.000GB > use adminswitched to db admin > show tablessystem.version
As you can see, there is nothing but some basic information in the database at present.
Before creating and setting user permissions, take a look at the documentation.
Create a user
# demodb.createUser ({user: "reportsUser", pwd: "12345678", roles: [{role: "read", db: "reporting"}, {role: "read", db: "products"}, {role: "read", db: "sales"}, {role: "readWrite", db: "accounts"}]})
Database built-in role
Database user role
Read (read the specified database)
ReadWrite (read and write specified database)
Database management role
DbAdmin (database administrator)
DbOwner (database owner, merged with readWrite, dbAdmin and userAdmin roles.)
UserAdmin (user administrator who can find the specified database to create, delete and manage users)
Cluster management role
ClusterAdmin (Cluster Administrator)
ClusterManager (Cluster Manager)
ClusterMonitor (collection monitor)
HostManager (host manager)
Backup recovery role
Backup (backup)
Restore (restore)
All database roles
ReadAnyDatabase (read any database)
ReadWriteAnyDatabase (read and write any database)
UserAdminAnyDatabase (user manages any database)
DbAdminAnyDatabase (any database administrator)
Superuser role
Root
Internal role
_ _ system
With the creation syntax and parameter description, let's start the practice.
Note that the account is bound with the database, authorized in that library, and verified (auth) in that library.
Otherwise, it will fail.
Create an account to manage authorized permissions
> db.createUser (. {. User: 'admin',... Pwd: '123456. Roles: [{role: 'userAdminAnyDatabase', db:' admin'}]. }) Successfully added user: {"user": "admin", "roles": [{"role": "userAdminAnyDatabase", "db": "admin"}]}
Then exit the database
> use adminswitched to db admin > db.shutdownServer ()
Restart mongodb and remember to add auth = true to the configuration file mongod.conf
. / bin/mongod-f conf/mongod.conf./bin/mongo 127.0.0.1 conf/mongod.conf./bin/mongo 12345 > show dbs # No authentication, no permission, error will occur "errmsg": "not authorized on admin to execute command > use admin > db.auth ('admin',' 123456')" returns 1 indicates authorization success, 0 indicates failure > show dbs # has been authorized and can be viewed
Create an account with read and write permissions
> use bookswitched to db book > db.createUser (. {... User: 'zhangsan',... Pwd: 'zhangsan',... Roles: [{role: 'read', db:' book'}]. }) Successfully added user: {"user": "zhangsan", "roles": [{"role": "read", "db": "book"}]} > db.createUser (. {. User: 'lisi',... Pwd: 'lisi',... Roles: [{role: 'readWrite', db:' book'}]. }) Successfully added user: {"user": "lisi", "roles": [{"role": "readWrite", "db": "book"}]} > show users {"_ id": "book.lisi", "user": "lisi", "db": "book", "roles": [{"role": "readWrite" "db": "book"}} {"_ id": "book.zhangsan", "user": "zhangsan", "db": "book", "roles": [{"role": "read", "db": "book"}]}
Then verify that the user permissions are correct
> db.book.insert ({book: 'comic book'}) # failed to verify WriteResult ({"writeError": {"code": 13, "errmsg": "not authorized on book to execute command {insert:\" book\ ", documents: [{_ id: ObjectId ('5959b56edcc047dfe5c9b336'), book:\" comic book\ "}], ordered: true}"}) > db.auth (' lisi' 'lisi') 1 > db.book.insert ({book:' comic book'}) WriteResult ({"nInserted": 1}) > db.auth ('zhangsan',' zhangsan') # users cut to zhangsan1 > db.book.find () # you can view {"_ id": ObjectId ("5959b59fdcc047dfe5c9b337"), "book": "comic book"} > db.book.insert ({book: 'choosing days'}) # No write permission Will fail WriteResult ({"writeError": {"code": 13, "errmsg": "not authorized on book to execute command {insert:\" book\ ", documents: [{_ id: ObjectId ('5959b650dcc047dfe5c9b338'), book:\" Nature selection\ "}], ordered: true}"}})
Create a root super privilege account
This super permission includes authorizing and manipulating database collection data, which is relatively simple, as long as role is set to root
> use adminswitched to db admin > db.auth ('admin',' 123456') 1 > db.createUser (. {. User: 'dongsheng',... Pwd: '123456. Roles: [{role: 'root', db:' admin'}]. }) Successfully added user: {"user": "dongsheng", "roles": [{"role": "root", "db": "admin"}]} > db.auth ('dongsheng' '123456') 1 > use bookswitched to db book > db.book.insert ({book:' The Smiling、Proud Wanderer'}) WriteResult ({"nInserted": 1}) > db.book.find () {"_ id": ObjectId ("5959b59fdcc047dfe5c9b337"), "book": "comic book"} {"_ id": ObjectId ("5959b7abdcc047dfe5c9b339"), "book": "The Smiling、Proud Wanderer"} Thank you for reading this article carefully I hope the article "sample Analysis of user Rights Management based on mongodb" shared by the editor will be helpful to you. At the same time, I also hope that you will support and pay attention to the industry information channel. More related knowledge is waiting for you to learn!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 221
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.