【转】MongoDB：用户认证(2)

时间:2014-05-22 15:53来源:网络整理作者:网络点击: 次

分享到：

db.addUser('skytf_select','skytf_select',true); { "user" : "skytf_select", "readOnly" : true, "pwd" : "e344f93a69f20ca9f3dfbc40da4a3082",

> db.addUser('skytf_select','skytf_select',true);
{
        "user" : "skytf_select",
        "readOnly" : true,
        "pwd" : "e344f93a69f20ca9f3dfbc40da4a3082",
        "_id" : ObjectId("50ad71c7d114dcf18a8bb221")
}

> db.system.users.find();db.system.users.find();
{ "_id" : ObjectId("50ad6ef3a579c47efacf811c"), "user" : "skytf", "readOnly" : false, "pwd" : "8c438fc9e2031577cea03806db0ee137" }
{ "_id" : ObjectId("50ad71c7d114dcf18a8bb221"), "user" : "skytf_select", "readOnly" : true, "pwd" : "e344f93a69f20ca9f3dfbc40da4a3082" }

备注：只需在 addUser 命令中增加第三个参数，并指定为“true” ，即可创建只读帐号。

--3.2 测试

[mongo@redhatB data]$ mongo 127.0.0.1/skytf -u skytf_select -p
MongoDB shell version: 2.2.1
Enter password:
connecting to: 127.0.0.1/skytf

> show collections;
system.indexes
system.users
test_1
test_2
test_3
test_4
test_5
things
things_1

> db.test_5.find();
{ "_id" : ObjectId("50ad7177d114dcf18a8bb220"), "id" : 1 }
{ "_id" : ObjectId("50ad724ed114dcf18a8bb222"), "id" : 2 }

> db.test_5.save({id:3});
unauthorized

备注：以只读帐号 skytf_select 登陆库 skytf，有权限执行查询操作，没有权限执行插入操作；

四附命令参考

--4.1 db.addUser

Parameters:

username (string) – Specifies a new username.
password (string) – Specifies the corresponding password.
readOnly (boolean) – Optional. Restrict a user to read-privileges only. Defaults to false.

Use this function to create new database users, by specifying a username and password as arguments
to the command. If you want to restrict the user to have only read-only privileges, supply a true third
argument; however, this defaults to false。

--4.2 db.auth

Parameters:

username (string) – Specifies an existing username with access privileges for this database.
password (string) – Specifies the corresponding password.

Allows a user to authenticate to the database from within the shell. Alternatively use mongo
--username and --password to specify authentication credentials.

五参考
http://docs.mongodb.org/manual/tutorial/control-access-to-mongodb-with-authentication/
http://docs.mongodb.org/manual/administration/security/
http://blog.163.com/dazuiba_008/blog/static/36334981201110311534143/

转自 http://francs3.blog.163.com/blog/static/405767272012102331445410/