MongoDB中怎么實(shí)現(xiàn)用戶管理

本篇文章給大家分享的是有關(guān)MongoDB中怎么實(shí)現(xiàn)用戶管理，小編覺得挺實(shí)用的，因此分享給大家學(xué)習(xí)，希望大家閱讀完這篇文章后可以有所收獲，話不多說，跟著小編一起來看看吧。

  ● 條件一：服務(wù)器啟動(dòng)的時(shí)候打開授權(quán)認(rèn)證。
  ● 條件二：需要配置用戶名和密碼。
但是需要明確的是，如果要想配置用戶名和密碼，一定是針對(duì)一個(gè)數(shù)據(jù)庫(kù)的，例如現(xiàn)有要?jiǎng)?chuàng)建的是stone數(shù)據(jù)庫(kù)用戶，那么就必須切換到stone數(shù)據(jù)庫(kù)上。

范例：執(zhí)行用戶的創(chuàng)建
任何用戶都必須具備一個(gè)自己的操作角色：read、readWrite
> use admin
switched to db admin
> db.createUser({
... "user":"root",
... "pwd":"root",
... "roles":[{"role":"root","db":"admin"}]
... })
Successfully added user: {
        "user" : "root",
        "roles" : [
                {
                        "role" : "root",
                        "db" : "admin"
                }
        ]
}

> use hr
switched to db hr
> use hr
switched to db hr
> db.createUser({
... "user":"stone",
... "pwd":"stone",
... "roles":[{"role":"readWrite","db":"hr"}]
... })
Successfully added user: {
        "user" : "stone",
        "roles" : [
                {
                        "role" : "readWrite",
                        "db" : "hr"
                }
        ]
}

那么現(xiàn)在就表示成功的創(chuàng)建了stone用戶。那么如果要想讓次用戶名起作用，則必須以授權(quán)的方式打開MongoDB服務(wù)。修改MongoDB的參數(shù)文件。

范例：修改參數(shù)文件，增加授權(quán)啟動(dòng)
[root@D2-LZY245 ~]# vim /usr/local/mongodb/mongodb.conf
dbpath=/usr/local/mongodb/db
logpath=/usr/local/mongodb/log/mongodb.log
logappend=true
auth=true
port=27017
fork=true

重啟數(shù)據(jù)庫(kù)：
> use admin
switched to db admin
> db.shutdownServer();

[root@D2-LZY245 ~]# mongod -f /usr/local/mongodb/mongodb.conf
about to fork child process, waiting until server is ready for connections.
forked process: 25987
child process started successfully, parent exiting

[root@D2-LZY245 ~]# mongo
MongoDB shell version v3.4.7
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.7
> use stone
switched to db stone
> db.emp.find();
Error: error: {
        "ok" : 0,
        "errmsg" : "not authorized on stone to execute command { find: \"emp\", filter: {} }",
        "code" : 13,
        "codeName" : "Unauthorized"
}

此時(shí)增加了一個(gè)驗(yàn)證的啟動(dòng)模式，發(fā)現(xiàn)依然可以在不輸入用戶名和密碼的前提下進(jìn)行登錄，并且也可以直接進(jìn)行數(shù)據(jù)庫(kù)的切換操作。但是在使用數(shù)據(jù)庫(kù)集合的時(shí)候出現(xiàn)了錯(cuò)誤提示。

范例：登錄數(shù)據(jù)庫(kù)的時(shí)候使用用戶名和密碼
[root@D2-LZY245 ~]# mongo -u "stone" -p "stone" --authenticationDatabase "hr"
MongoDB shell version v3.4.7
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.7

或者：

[root@D2-LZY245 ~]# mongo
MongoDB shell version v3.4.7
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.7
> use hr
switched to db hr
> db.auth("stone","stone")
1

此時(shí)就表示成功的實(shí)現(xiàn)了用戶的登錄操作。

范例：修改密碼
[root@D2-LZY245 ~]# mongo -u root -p 'root' --authenticationDatabase 'admin'
> db.changeUserPassword("stone","stone")

范例：查看用戶及角色
> use admin
switched to db admin
> db.system.users.find();
{ "_id" : "test.stone", "user" : "stone", "db" : "test", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "boSLJ2acqh503AW0MZO7yA==", "storedKey" : "Y7zaryoqOiedeKsVs61SrAMAK8c=", "serverKey" : "+wa0fO2hwNrLRIuVmtJMvR1AJv0=" } }, "roles" : [ { "role" : "readWrite", "db" : "hr" } ] }
{ "_id" : "admin.root", "user" : "root", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "NmiMDfzuCnkO1CRKrVUV9A==", "storedKey" : "rD6NaqsfON8h0YMNv6idPKUpac0=", "serverKey" : "9MXDynhFSNmHEkMIMfxnSKdQPio=" } }, "roles" : [ { "role" : "root", "db" : "admin" } ] }
{ "_id" : "hr.stone", "user" : "stone", "db" : "hr", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "69NLL2oWTg0OehrBwytbsw==", "storedKey" : "LRmPZjHZorxhfWA+RS6SgzLbev4=", "serverKey" : "59xkCl7qKK+HrKrlK5QMdGx94U8=" } }, "roles" : [ { "role" : "readWrite", "db" : "hr" } ] }

以上就是MongoDB中怎么實(shí)現(xiàn)用戶管理，小編相信有部分知識(shí)點(diǎn)可能是我們?nèi)粘９ぷ鲿?huì)見到或用到的。希望你能通過這篇文章學(xué)到更多知識(shí)。更多詳情敬請(qǐng)關(guān)注億速云行業(yè)資訊頻道。