mongodb中的用户及权限管理
<h2>1.1 注意</h2><div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">验证库: 建立用户时use到的库及用户的验证库,在使用用户时,要加上验证库才能登陆。
对于管理员用户,必须在admin下创建.
</span><span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">. 建用户时,use到的库,就是此用户的验证库
</span><span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">. 登录时,必须明确指定验证库才能登录
</span><span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)">. 通常,管理员用的验证库是admin,普通用户的验证库一般是所管理的库设置为验证库
</span><span style="color: rgba(128, 0, 128, 1)">4</span><span style="color: rgba(0, 0, 0, 1)">. 如果直接登录到数据库,不进行use,默认的验证库是test,不是我们生产建议的.
</span><span style="color: rgba(128, 0, 128, 1)">5</span>. 从3.<span style="color: rgba(128, 0, 128, 1)">6</span> 版本开始,不添加bindIp参数,默认不让远程登录,只能本地管理员登录。</pre>
</div>
<h2>1.2 用户创建语法</h2>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">use admin
db.createUser
{
user: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)"><name></span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
pwd: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)"><cleartext password></span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
roles: [
{ role: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)"><role></span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
db: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)"><database></span><span style="color: rgba(128, 0, 0, 1)">"</span> } | <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)"><role></span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
...
]
}
基本语法说明:
user:用户名
pwd:密码
roles:
role:角色名
db:作用对象
role:root, readWrite,read <br>
使用验证数据库登录:
mongo </span>-u oldboy -p <span style="color: rgba(128, 0, 128, 1)">123</span> <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.53</span>/oldboy</pre>
</div>
<h2>1.3 用户管理例子(创建管理员)</h2>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">创建超级管理员:管理所有数据库(必须use admin再去创建)
$ mongo
use admin
db.createUser(
{
user: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">root</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
pwd: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">root123</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
roles: [ { role: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">root</span><span style="color: rgba(128, 0, 0, 1)">"</span>, db: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">admin</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> } ]
}
)</span></pre>
</div>
<h2>验证创建的用户</h2>
<div class="cnblogs_code">
<pre>db.auth(<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">root</span><span style="color: rgba(128, 0, 0, 1)">'</span>,<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">root123</span><span style="color: rgba(128, 0, 0, 1)">'</span>)</pre>
</div>
<p> </p>
<h2>启用密码登录功能 - 配置文件中,加入以下配置并重新启动</h2>
<div class="cnblogs_code">
<pre>vim /mongodb/conf/<span style="color: rgba(0, 0, 0, 1)">mongo.conf
security:
authorization: enabled
# 关闭并重启mongo
mongod </span>-f /mongodb/conf/mongo.conf --<span style="color: rgba(0, 0, 0, 1)">shutdown
mongod </span>-f /mongodb/conf/mongo.conf </pre>
</div>
<h2>登录验证</h2>
<div class="cnblogs_code">
<pre>mongo -uroot -<span style="color: rgba(0, 0, 0, 1)">proot123admin
mongo </span>-uroot -proot123<span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.53</span>/<span style="color: rgba(0, 0, 0, 1)">admin
或者
mongo
use admin
db.auth(</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">root</span><span style="color: rgba(128, 0, 0, 1)">'</span>,<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">root123</span><span style="color: rgba(128, 0, 0, 1)">'</span>)</pre>
</div>
<p> </p>
<p> </p>
<h2>查看用户:</h2>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">use admin
db.system.users.find().pretty()</span></pre>
</div>
<p> </p>
<h2>创建应用用户</h2>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">use oldboy
db.createUser(
{
user: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">app01</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
pwd: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">app01</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
roles: [ { role: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">readWrite</span><span style="color: rgba(128, 0, 0, 1)">"</span> , db: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">oldboy</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> } ]
}
)
mongo</span>-uapp01 -papp01 app</pre>
</div>
<h2>查询mongodb中的用户信息</h2>
<div class="cnblogs_code">
<pre>mongo -uroot -proot123 <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.53</span>/<span style="color: rgba(0, 0, 0, 1)">admin
db.system.users.find().pretty()</span></pre>
</div>
<h2>1.4 删除用户(root身份登录,use到验证库)</h2>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">删除用户
db.createUser({user: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">app02</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pwd: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">app02</span><span style="color: rgba(128, 0, 0, 1)">"</span>,roles: [ { role: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">readWrite</span><span style="color: rgba(128, 0, 0, 1)">"</span> , db: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">oldboy1</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> } ]})
mongo </span>-uroot -proot123 <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.53</span>/<span style="color: rgba(0, 0, 0, 1)">admin
use oldboy1
db.dropUser(</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">app02</span><span style="color: rgba(128, 0, 0, 1)">"</span>)</pre>
</div>
<h2>1.5 用户管理注意事项</h2>
<div class="cnblogs_code">
<pre><span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">. 建用户要有验证库,管理员admin,普通用户是要管理的库
</span><span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">. 登录时,注意验证库
mongo </span>-uapp01 -papp01 <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.51</span>:<span style="color: rgba(128, 0, 128, 1)">27017</span>/<span style="color: rgba(0, 0, 0, 1)">oldboy
</span><span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)">. 重点参数
net:
port: </span><span style="color: rgba(128, 0, 128, 1)">27017</span><span style="color: rgba(0, 0, 0, 1)">
bindIp: </span><span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.51</span>,<span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span><span style="color: rgba(0, 0, 0, 1)">
security:
authorization: enabled</span></pre>
</div>
<p> </p>
<p> </p>
<p> </p>
<p>0</p><br><br>
来源:https://www.cnblogs.com/quzq/p/13276131.html
頁:
[1]