你忘--auth使
创建用户
// ensure that we have new db, no roles, no users
use products
db.dropDatabase()
// create admin user
use products
db.createUser({
"user": "prod-admin",
"pwd": "prod-admin",
"roles": [
{"role": "clusterAdmin", "db": "admin" },
{"role": "readAnyDatabase", "db": "admin" },
"readWrite"
]},
{ "w": "majority" , "wtimeout": 5000 }
)
// login via admin acont in order to create readonly user
// mongo --username=prod-admin --password=prod-admin products
db.createUser({
"user": "prod-r",
"pwd": "prod-r",
"roles": ["read"]
})
启用身份验证:
sudo vim /etc/mongod.conf # edit file
# Turn on/off security. Off is currently the default
#noauth = true
auth = true
sudo service mongod restart # reload configuiration
检查写入限制:
# check if write operation for readonly user
$ mongo --username=prod-r --password=prod-r products
MongoDB shell version: 2.6.4
connecting to: products
> db.laptop.insert({"name": "HP"})
WriteResult({
"writeError" : {
"code" : 13,
"errmsg" : "not authorized on products to execute command { insert: \"laptop\", documents: [ { _id: ObjectId('53ecb7115f0bfc61d8b1113e'), name: \"HP\" } ], ordered: true }"
}
})
# check write operation for admin user
$ mongo --username=prod-admin --password=prod-admin products
MongoDB shell version: 2.6.4
connecting to: products
> db.laptop.insert({"name": "HP"})
WriteResult({ "nInserted" : 1 })
# check read operation for readonly user
$ mongo --username=prod-r --password=prod-r products
MongoDB shell version: 2.6.4
connecting to: products
> db.laptop.findOne()
{ "_id" : ObjectId("53ecb54798da304f99625d05"), "name" : "HP" }
你能否也请发送你如何连接? –
您是否在'admin'数据库中创建了[管理用户](http://docs.mongodb.org/manual/tutorial/add-user-administrator/)?如果'admin'数据库中没有用户,您仍然可以通过[localhost exception]进行连接(http://docs.mongodb.org/manual/tutorial/add-user-administrator/#authenticate-with-全行政存取通本地主机)。当'mongod'启用auth启用时,localhost异常可用于设置您的第一个管理用户。 – Stennie
感谢Stennie的回复。我做了以下事情//创建管理员用户 使用管理员 db.addUser('root','strong_password'); //只读用户 使用dbforuser1 db.addUser('user1','user1_pass',true); 当以user1登录时,它仍然允许我写入。请提供帮助。 – user3111436