MongoDB user management (CRUD users), roles, security authentication

1. CRUD users:

View all users of the database

   use admin

   db.system.users.find()

Add specified user to current database

     The old version of the addUser method:

use ichpms specifies the ichpms database

db.addUser("root","123456"); #Create read and write user root

db.addUser("zhangsan","123456",true);#Create a read-only user zhangsan

The new version of the createUser method:

eg1:

use admin ;

db.createUser({

user:'administrator',

pwd:'aaaaaa',

roles:["root"]

});

Add user "administrator" in admin database and grant "root" role

 

eg2:

use test

db.createUser({

user:'u1',

pwd:'aaaaaa',

roles:['readWrite']

});

Add user "u1" to the test database and authorize the "readWrite" role

 

eg3:

use test

db.createUser({

user:'u2',

pwd:'aaaaaa',

roles:[ { role: "read", db: "ichpms" },'readWrite']

});

Add user "u2" to the test database, authorize the "readWrite" role, and authorize the "read" role for "ichpms"

 

 

Delete the specified user for the current database

      db.dropUser("zhangsan")

      Note: Users of A database cannot be deleted in a non-A database. Understanding: There may be a user of u1 in each of the two databases of AB. If you do not enter the database to delete, you will not know which database is deleted.

Modify the password of the specified user in the current database

db.changeUserPassword("root3", "bbbbbb")    

 Modify the current database specified user

 ？

 Take back the role of the specified user

 ？

 

 Authorize the role of the specified user

 ？

View roles corresponding to users based on user names

db.getUser("root3"); #"root3" user name

 

2. Role

All built-in roles in MongoDB databases.

https://docs.mongodb.com/manual/reference/built-in-roles/index.html

 

View the permissions corresponding to the specified role based on the role name   

db.getRole("readWrite",{showPrivileges:true}); #"readWrite" role name

 

 Creating a Role

?

 

 

3. Safety certification

step1: Create a user: refer to the above

step2: Security check: auth=true #Enable security check false or if not configured, it means to turn off security check.

      Turn on security checks when the server starts

step3: Client connection: mongo

step4: Connect to the specified database use db //Switch to the db database

step5: User login: db.auth("root","aaaaaa");

step6: User logout: db.logout();