简介:由于mongodb数据的用户管理是基于单个库的管理,他的管理策略大概如下
如果验证了admin库的账户,那么所有的库都可以访问
如果验证了非admin库的账户,那么此权限只能访问当前库下的数据
步骤建议:
如果要对数据库进行账户设置,最好我们首先不要开启数据库验证,然后进入admin库,创建密码
退出添加 -auth 验证重启mongodb然后使用admin库的账户进行验证,如果通过那么进入其它库进行账户创建,完成后重新登录进行验证
验证如下:
启动mongod
mongod.exe --dbpath=E:\mongodb\db -auth -auth 开启用户验证,如果启动没有添加此参数那么用户验证将失败
首先进入admin库
use admin
查看当前数据的用户
show collections 能返回两个表
添加admin库的sa账户密码为sa
db.addUser('sa','sa')
ctrl+c 退出当前登录
重新登录并进入admin库和test库检查是否能够查询当前表
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
> use admin
switched
to
db admin
> show collections
Mon Oct 13 17:11:01 uncaught exception: error: {
"$err"
:
"unauthorized db:admin lock type:-1 client:127.0.0.1"
,
"code"
: 10057
}
> use test
switched
to
db admin
> show collections
Mon Oct 13 17:13:51 uncaught exception: error: {
"$err"
:
"unauthorized db:test lock type:-1 client:127.0.0.1"
,
"code"
: 10057
}
|
验证admin库里面的sa账户是否能够查看admin库和test库的信息
|
1
2
3
4
5
6
7
8
9
10
11
|
> db.auth(
'sa'
,
'sa'
)
1
> show collections
system.indexes
system.users
> use test
switched
to
db test
> show collections
system.indexes
system.users
>
|
进入test库并创建用户test密码test
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
> use test
switched
to
db test
> db.addUser(
'test'
,
'test'
)
{
"updatedExisting"
:
true
,
"n"
: 1,
"connectionId"
: 10,
"err"
:
null
,
"ok"
: 1
}
{
"_id"
: ObjectId(
"543b80be1d60b11044c2fc59"
),
"user"
:
"test"
,
"readOnly"
:
false
,
"pwd"
:
"a6de521abefc2fed4f5876855a3484f5"
}
>
|
ctrl+c退出重新登录,验证test账户能够访问test库和admin库
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
> db.auth(
'test'
,
'test'
)
1
> show collections
system.indexes
system.users
> use admin
switched
to
db admin
> show collections
Mon Oct 13 17:21:06 uncaught exception: error: {
"$err"
:
"unauthorized db:admin lock type:-1 client:127.0.0.1"
,
"code"
: 10057
}
>
|
验证admin库的admin帐号,看是否能查看admin库的信息
|
1
2
3
4
5
6
7
8
|
> use admin
switched
to
db admin
> db.auth(
'sa'
,
'sa'
)
1
> show collections
system.indexes
system.users
>
|
PS:当验证用户的时候,如果返回1证明有此用户,如果返回0证明没有此用户 如:
|
1
2
3
4
|
> use admin
switched
to
db admin
> db.auth(
'sa'
,
'sa'
)
1
|
当主从也是用用户验证来同步的情况下,要在master和slave上设置同一用户同一密码:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
D:\mongodb\bin>mongo.exe 127.0.0.1:27018
MongoDB shell version: 2.0.9
connecting
to
: 127.0.0.1:27018/test
>
> use admin
switched
to
db admin
> db.addUser(
'root'
,
'123'
)
{
"n"
: 0,
"connectionId"
: 1,
"err"
:
null
,
"ok"
: 1 }
{
"user"
:
"root"
,
"readOnly"
:
false
,
"pwd"
:
"c2eb464922307de3bc3aaf9593f1d49b"
,
"_id"
: ObjectId(
"543cca62a23db6161efcdf78"
)
}
> use
local
switched
to
db
local
> db.addUser(
'repl'
,
'123'
)
{
"n"
: 0,
"connectionId"
: 1,
"err"
:
null
,
"ok"
: 1 }
{
"user"
:
"repl"
,
"readOnly"
:
false
,
"pwd"
:
"f544158855b8fbf525ce926d8605a348"
,
"_id"
: ObjectId(
"543cca6aa23db6161efcdf79"
)
}
> show dbs;
admin 0.078125GB
local
0.078125GB
> bye
D:\mongodb\bin>mongo.exe 127.0.0.1:27017
MongoDB shell version: 2.0.9
connecting
to
: 127.0.0.1:27017/test
> show dbs
Tue Oct 14 15:04:16 uncaught exception: listDatabases failed:{
"errmsg"
:
"need to login"
,
"ok"
: 0 }
> db.auth(
'root'
,
'123'
)
0
> use admin
switched
to
db admin
> db.auth(
'root'
,
'123'
)
1
> show dbs
admin 0.078125GB
local
12.072265625GB
test (empty)
> bye
D:\mongodb\bin>mongo.exe 127.0.0.1:27018
MongoDB shell version: 2.0.9
connecting
to
: 127.0.0.1:27018/test
> show dbs;
Tue Oct 14 15:04:59 uncaught exception: listDatabases failed:{
"errmsg"
:
"need to login"
,
"ok"
: 0 }
> use admin
switched
to
db admin
> db.auth(
'root'
,
'123'
)
1
> show dbs
admin 0.078125GB
local
0.078125GB
> bye
D:\mongodb\bin>mongo.exe 127.0.0.1:27017
MongoDB shell version: 2.0.9
connecting
to
: 127.0.0.1:27017/test
> use sean
switched
to
db sean
> db.addUser(
'sean'
,
'123'
)
Tue Oct 14 15:05:44 uncaught exception: error {
"$err"
:
"unauthorized db:sean lock type:-1 client:127.0.0.1"
,
"code"
: 10057
}
> bye
D:\mongodb\bin>mongo.exe 127.0.0.1:27018
MongoDB shell version: 2.0.9
connecting
to
: 127.0.0.1:27018/test
> show dbs
Tue Oct 14 15:06:26 uncaught exception: listDatabases failed:{
"errmsg"
:
"need to login"
,
"ok"
: 0 }
> use admin
switched
to
db admin
> show dbs
Tue Oct 14 15:06:30 uncaught exception: listDatabases failed:{
"errmsg"
:
"need to login"
,
"ok"
: 0 }
> db.auth(
'root'
,
'123'
)
1
> show dbs;
admin 0.078125GB
local
0.078125GB
sean 0.078125GB
> use sean
switched
to
db sean
> show dbsbye
D:\mongodb\bin>mongo.exe 127.0.0.1:27018
MongoDB shell version: 2.0.9
connecting
to
: 127.0.0.1:27018/test
> use sean
switched
to
db sean
> db.auth(
'sean'
,
'123'
)
1
> show collections
system.indexes
system.users
>
|
本文转自 xinsir999 51CTO博客,原文链接:http://blog.51cto.com/xinsir/1563383,如需转载请自行联系原作者
