I want to create the database in mongodb that's secure.
Secure means the application has to pass username/password to connect to my database in mongodb.
> use admin
> db.addUser("admin", "xyzxyz")
> use newdb
> db.addUser("newuser", "strongpwd")
ppa, then it is configured as a service.
sudo service mongodb stop
If it was installed from source, stop the process using:
/etc/init.d/mongodb stop
vim /etc/mongodb.conf
auth = true
sudo service mongodb restart
else
mongod --config /etc/mongodb.conf
> show collections
on newdb should give the error
"$err" : "not authorized for query on newdb.system.namespaces",
"code" : 16550
and should work after
> db.auth("newuser", "strongpwd")
Now the db newdb is secured.
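The `auth = true` step above is easy to get wrong on disk, for instance when the line is still commented out and a plain grep for "auth" matches it anyway. The following check is an added example, not part of the original answer or of MongoDB's tooling; it assumes the legacy `key = value` config format shown above, the function names are hypothetical, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: audit a legacy key = value mongod config for the auth setting.

# Print the value of KEY in FILE, ignoring '#' comments and whitespace.
# Prints nothing if the key is absent or only appears commented out.
conf_value() {
    sed -e 's/#.*$//' "$1" | awk -F= -v key="$2" '
        {
            k = $1; v = $2
            gsub(/[ \t\r]/, "", k); gsub(/[ \t\r]/, "", v)
            if (k == key) val = tolower(v)
        }
        END { if (val != "") print val }'
}

# Classify FILE as "enabled", "disabled" or "unset".
mongo_auth_state() {
    auth=$(conf_value "$1" auth)
    noauth=$(conf_value "$1" noauth)
    if [ "$noauth" = "true" ]; then
        echo disabled   # an active noauth line is flagged even if auth is also set
    elif [ "$auth" = "true" ]; then
        echo enabled
    elif [ "$auth" = "false" ]; then
        echo disabled
    else
        echo unset      # no active auth line in the file
    fi
}

# Constructed sample configs (assumptions for illustration, not from the page).
tmp=$(mktemp -d)
printf '%s\n' 'dbpath=/var/lib/mongodb' '#auth = true' > "$tmp/commented.conf"
printf '%s\n' 'dbpath=/var/lib/mongodb' '  auth = true   # access control on' > "$tmp/on.conf"
printf '%s\n' 'auth = true' 'noauth = true' > "$tmp/conflict.conf"
for f in "$tmp"/*.conf; do
    printf '%s: %s\n' "${f##*/}" "$(mongo_auth_state "$f")"
done
rm -rf "$tmp"
```

Run it against the real file with `mongo_auth_state /etc/mongodb.conf` before restarting the service; anything other than `enabled` means the restart will not enforce the users created above.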
From Mongo Java Tutorial
MongoDB can be run in a secure mode where access to databases is controlled through name and password authentication. When run in this mode, any client application must provide a name and password before doing any operations. In the Java driver, you simply do the following with the connected mongo object:
boolean auth = db.authenticate(myUserName, myPassword);
If the name and password are valid for the database, auth will be true. Otherwise, it will be false. You should look at the MongoDB log for further information if available.
Most users run MongoDB without authentication in a trusted environment.
Configuring Authentication and Security
Authentication is stored in each database's system.users collection. For example, on a database projectx, projectx.system.users will contain user information.
We should first configure an administrator user for the entire db server process. This user is stored under the special admin database.
If no users are configured in admin.system.users, one may access the database from the localhost interface without authenticating. Thus, from the server running the database (and thus on localhost), run the database shell and configure an administrative user:
$ ./mongo
> use admin
> db.addUser("theadmin", "anadminpassword")
We now have a user created for database admin. Note that if we have not previously authenticated, we now must if we wish to perform further operations, as there is a user in admin.system.users.
> db.auth("theadmin", "anadminpassword")
We can view existing users for the database with the command:
> db.system.users.find()
Now, let's configure a "regular" user for another database.
> use projectx
> db.addUser("joe", "passwordForJoe")
Finally, let's add a readonly user. (only supported in 1.3.2+)
> use projectx
> db.addUser("guest", "passwordForGuest", true)