
MongoDB 3.0+ Security Permission Access Control

2025-01-16 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/01 Report--

1. Start the MongoDB service without access control

sudo service mongod start

2. Connect to the instance

mongo --port 27017

Specify additional command-line options, such as --host, as needed to connect the mongo shell to the MongoDB server deployment.

3. Create the user administrator

use admin
db.createUser(
  {
    user: "myUserAdmin",
    pwd: "abc123",
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
  }
)

4. Restart the MongoDB instance and enable access control

1. Restart the mongod instance. If you use a configuration file, set security.authorization:

vi /etc/mongod.conf

Modify the content:

security:
  authorization: enabled

2. Note: a space must be added between each key and its value, otherwise parsing reports an error.

Restart the service:

sudo service mongod restart

5. User administrator authentication

1. Authenticate when connecting the mongo shell. Specify -u, -p, and --authenticationDatabase:

mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"

2. Connect the mongo shell without authenticating, then authenticate with db.auth():

use admin
db.auth("myUserAdmin", "abc123")
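Before restarting, it is worth confirming that the configuration file really enables access control, including the missing-space mistake noted in step 4. The following check is an added example, not part of the original article; the function name checkAuthorization and the sample configurations are assumptions made for illustration.

```javascript
// Added example: reports whether mongod.conf text enables access control.
// Handles only the indented "key: value" layout shown above, not full YAML.
function checkAuthorization(confText) {
  let inSecurity = false;
  for (const raw of confText.split(/\r?\n/)) {
    // Drop trailing comments and whitespace; skip blank and comment-only lines.
    const line = raw.replace(/\s+#.*$/, "").trimEnd();
    if (line === "" || line.startsWith("#")) continue;
    if (!/^\s/.test(line)) {
      // A top-level key starts a new section; only "security:" matters here.
      inSecurity = line === "security:";
      continue;
    }
    if (!inSecurity) continue;
    const body = line.trim();
    if (/^authorization:\S/.test(body)) {
      return { enabled: false, reason: "no space after 'authorization:'" };
    }
    const m = /^authorization:\s+(\S+)$/.exec(body);
    if (m) {
      const value = m[1].replace(/^["']|["']$/g, "");
      return value === "enabled"
        ? { enabled: true, reason: "security.authorization is enabled" }
        : { enabled: false, reason: `security.authorization is '${value}'` };
    }
  }
  return { enabled: false, reason: "security.authorization is not set" };
}

// Constructed sample configurations (not taken from a real host).
const SAMPLES = {
  good: "net:\n  port: 27017\nsecurity:\n  authorization: enabled\n",
  noSpace: "security:\n  authorization:enabled\n",
  commented: "#security:\n#  authorization: enabled\n",
  disabled: "security:\n  authorization: disabled\n",
};

for (const [name, text] of Object.entries(SAMPLES)) {
  const result = checkAuthorization(text);
  console.log(`${name}: ${result.enabled ? "OK" : "FAIL"} (${result.reason})`);
}
```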

-How to add users after the server has started with authentication-

1. Start the MongoDB instance with access control

Start the mongod instance with the --auth command-line option or, if you use a configuration file, the security.authorization setting.

sudo service mongod start

2. Connect to the MongoDB instance through the localhost exception

To add the first user, connect to the mongod instance using the localhost exception. The mongo shell and the mongod instance must run on the same host.

3. Create users in the same way as above

-Security access for ordinary users-

1. Start MongoDB

service mongod start

2. Open the MongoDB shell again

1. mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"

2. mongo

use admin
db.auth("myUserAdmin", "abc123")

3. show collections: reports an error

This is because the user myUserAdmin only has user-administration rights.

3. Create users; each user is tied to the database it is created in

Create the user myUserAdmin in the admin database

use admin
db.createUser(
  {
    user: "myUserAdmin",
    pwd: "abc123",
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
  }
)

4. View the user you just created

show users

5. View all users of the entire MongoDB instance

use admin
db.system.users.find()
db.system.users.find().pretty()

6. Create and verify

use test
db.auth('test1', 'test1')
1
show collections

Ypmlist

-Modify permissions-

1. The db.updateUser() method:

1. Example

db.updateUser(
  "<username>",
  {
    customData: { <any information> },
    roles: [
      { role: "<role>", db: "<database>" } | "<role>",
      ...
    ],
    pwd: "<cleartext password>"
  },
  writeConcern: { <write concern> }
)

2. Parameter introduction:

1. username: the name of the user to update.

2. update: a document containing the replacement data for the user; it completely replaces the user's corresponding data.

3. writeConcern: optional, the write concern level for the operation.

3. Specify the fields to update and their new values:

1. customData: optional. Any information.

2. roles: optional. The roles granted to the user. An update to the roles array overwrites the values of the previous array.

3. pwd: optional. The user's password.

-Modify permission operation-

Example:

use admin
switched to db admin
db.auth("myUserAdmin", "abc123")
1
use test
db.updateUser(
  "test1",
  {
    pwd: "itcast",
    customData: { title: "Senior Manager" },
    "roles": [
      { "role": "readWrite", "db": "test" },
      { "role": "readWrite", "db": "example" }
    ]
  }
)

-Super user-

use admin
db.createUser(
  {
    user: "itcast",
    pwd: "itcast",
    roles: [ { role: "root", db: "admin" } ]
  }
)

2. Built-in roles of the system:

1. read: allows users to read the specified database

2. readWrite: allows users to read and write to the specified database

3. dbAdmin: allows users to perform management functions in the specified database, such as creating and deleting indexes, viewing statistics, or accessing system.profile

4. userAdmin: allows users to write to the system.users collection, so they can create, delete and manage users in the specified database

5. clusterAdmin: available only in the admin database; gives users administrative permissions for all shard and replica set related functions

6. readAnyDatabase: available only in the admin database; gives users read permissions on all databases

7. readWriteAnyDatabase: available only in the admin database; gives users read and write permissions on all databases

8. userAdminAnyDatabase: available only in the admin database; gives users userAdmin permissions on all databases

9. dbAdminAnyDatabase: available only in the admin database; gives users dbAdmin permissions on all databases

10. root: available only in the admin database. Super account with super privileges
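The role list above can be turned into a least-privilege review of the documents returned by db.system.users.find(). The following is an added example, not code from the original article; the names auditUsers and classifyRole are assumptions, and the sample documents are constructed from the users created earlier on this page. It treats any role that can manage users as able to grant roles, since a user administrator can assign roles to any user.

```javascript
// Added example: tags role grants that deserve review in system.users output.
// Role names come from the built-in role list above.
const INSTANCE_WIDE = new Set([
  "root", "clusterAdmin", "readAnyDatabase", "readWriteAnyDatabase",
  "userAdminAnyDatabase", "dbAdminAnyDatabase",
]);
// Roles that let the holder create users and assign roles.
const CAN_GRANT = new Set(["root", "userAdmin", "userAdminAnyDatabase"]);

function classifyRole(role, userDb) {
  const tags = [];
  if (INSTANCE_WIDE.has(role.role)) tags.push("instance-wide");
  if (CAN_GRANT.has(role.role)) tags.push("can-grant-roles");
  // A grant on a database other than the one the user was created in.
  if (role.db !== userDb) tags.push("cross-database");
  return tags;
}

function auditUsers(users) {
  const report = [];
  for (const u of users) {
    for (const role of u.roles || []) {
      const tags = classifyRole(role, u.db);
      if (tags.length > 0) {
        report.push({
          user: `${u.db}.${u.user}`,
          role: `${role.role}@${role.db}`,
          tags,
        });
      }
    }
  }
  return report;
}

// Constructed sample documents shaped like db.system.users.find() results.
const SAMPLE_USERS = [
  { user: "myUserAdmin", db: "admin",
    roles: [{ role: "userAdminAnyDatabase", db: "admin" }] },
  { user: "itcast", db: "admin", roles: [{ role: "root", db: "admin" }] },
  { user: "test1", db: "test",
    roles: [{ role: "readWrite", db: "test" },
            { role: "readWrite", db: "example" }] },
];

for (const f of auditUsers(SAMPLE_USERS)) {
  console.log(`${f.user}: ${f.role} [${f.tags.join(", ")}]`);
}
```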
