- 全部评论
加载更多
https://blog.csdn.net/weixin_45753881/article/details/126647801
Read:允许用户读取指定数据库
readWrite:允许用户读写指定数据库
dbAdmin:允许用户在指定数据库中执行管理函数,如索引创建、删除,查看统计或访问system.profile
userAdmin:允许用户向system.users集合写入,可以找指定数据库里创建、删除和管理用户
clusterAdmin:只在admin数据库中可用,赋予用户所有分片和复制集相关函数的管理权限。
readAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的读权限
readWriteAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的读写权限
userAdminAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的userAdmin权限
dbAdminAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的dbAdmin权限。
root:只在admin数据库中可用。超级账号,超级权限
2.docker部署mongoDB
2.1准备映射目录
# 数据文件
mkdir -p /usr/local/mongodb/data
# 日志文件
mkdir -p /usr/local/mongodb/log
1
2
3
4
2.2docker部署mongoDB
docker run --name mongo-server -p 27017:27017 -v /usr/local/mongodb/data:/data/db -v /usr/local/mongodb/log:/data/log -d mongo:3.6.18 --auth
1
3.设置数据库的用户名和密码
# 创建mongo容器后,进入容器
docker exec -it mongo-server /bin/bash
# 进入mongo shell
mongo
# 进入admin数据库
use admin
# 创建超级权限root角色的用户,或者userAdminAnyDatabase 等角色权限比较大的用户,我创建的是拥有超级权限root角色的用户root
# 用户名:root,密码:root,角色:root,数据库:admin
db.createUser({user:'root',pwd:'root',roles:[{role:'root',db:'admin'}]})
1
2
3
4
5
6
7
8
9
10
11
12
# 认证登录db.auth('用户名','密码'),打印1则代表认证通过
db.auth('root','root')
1
2
# 接下来给数据库test_a_collection创建用户zhangsan
use test_a_collection # 切换至数据库test_a_collection
# 创建用户zhangsan,角色为dbOwner,即代表zhangsan拥有对test_a_collection数据库的所有权限
db.createUser({user:"zhangsan", pwd:"123456", roles:[{role: "dbOwner", db:"test_a_collection" }]})
# zhangsan用户登录
db.auth('zhangsan','123456')
# 查看当前数据库的集合,因为是新的数据库,所以集合为空,不打印任何东西则代表成功
show collections
1
2
3
4
5
6
7
8
9
10
11
实际情况是报错了too many users are authenticated,没关系,不是什么大问题,报错原因是多次使用db.auth认证了多个用户
exit退出当前shell再重新进入mongo shell即可
操作步骤如下
# 退出当前shell
exit
# 重新进入mongo shell
mongo
use test_a_collection
db.auth('zhangsan','123456')
show collections
1
2
3
4
5
6
7
8
也可以继续给test_b_collection、test_c_collection等数据库设置用户密码,流程上是一样的,上面提到的整个给数据库设置用户名和密码的过程如下:
[root@td3 ~]# docker run --name mongo-server -p 27017:27017 -v /usr/local/mongodb/data:/data/db -v /usr/local/mongodb/log:/data/log -d mongo:3.6.18 --auth
4909326775ab65418ff2e8b5d0aa19c5f633d02a2bb920592685bb5b282cb2ef
[root@td3 ~]# docker exec -it mongo-server /bin/bash
root@4909326775ab:/# mongo
MongoDB shell version v3.6.18
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("7cb796e5-dada-4ec3-abb2-7049df197743") }
MongoDB server version: 3.6.18
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
http://docs.mongodb.org/
Questions? Try the support group
http://groups.google.com/group/mongodb-user
> use admin
switched to db admin
> db.createUser({user:'root',pwd:'root',roles:[{role:'root',db:'admin'}]})
Successfully added user: {
"user" : "root",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
]
}
> db.auth('root','root')
1
> use test_a_collection
switched to db test_a_collection
> db.createUser({user:"zhangsan", pwd:"123456", roles:[{role: "dbOwner", db:"test_a_collection" }]})
Successfully added user: {
"user" : "zhangsan",
"roles" : [
{
"role" : "dbOwner",
"db" : "test_a_collection"
}
]
}
> db.auth('zhangsan','123456')
1
> show collections
2022-09-02T07:56:32.962+0000 E QUERY [thread1] Error: listCollections failed: {
"ok" : 0,
"errmsg" : "too many users are authenticated",
"code" : 13,
"codeName" : "Unauthorized"
} :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype._getCollectionInfosCommand@src/mongo/shell/db.js:941:1
DB.prototype.getCollectionInfos@src/mongo/shell/db.js:953:19
DB.prototype.getCollectionNames@src/mongo/shell/db.js:964:16
shellHelper.show@src/mongo/shell/utils.js:853:9
shellHelper@src/mongo/shell/utils.js:750:15
@(shellhelp2):1:1
> exit
bye
root@4909326775ab:/# mongo
MongoDB shell version v3.6.18
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("85042d42-2d92-4ece-b3d8-a8f1c83ed52e") }
MongoDB server version: 3.6.18
> use test_a_collection
switched to db test_a_collection
> db.auth('zhangsan','123456')
1
> show collections
> use test_b_collection
switched to db test_b_collection
> db.createUser({user:"lisi", pwd:"123456", roles:[{role: "dbOwner", db:"test_b_collection" }]})
2022-09-02T07:58:32.391+0000 E QUERY [thread1] Error: couldn't add user: not authorized on test_b_collection to execute command { createUser: "lisi", pwd: "xxx", roles: [ { role: "dbOwner", db: "test_b_collection" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 600000.0 }, lsid: { id: UUID("85042d42-2d92-4ece-b3d8-a8f1c83ed52e") }, $db: "test_b_collection" } :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.createUser@src/mongo/shell/db.js:1437:15
@(shell):1:1
> exit
bye
root@4909326775ab:/# mongo
MongoDB shell version v3.6.18
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("7a0e1ab2-0637-4e3c-9c6b-f2d8b228aa92") }
MongoDB server version: 3.6.18
> use admin
switched to db admin
> db.auth('root','root')
1
> use test_b_collection
switched to db test_b_collection
> db.createUser({user:"lisi", pwd:"123456", roles:[{role: "dbOwner", db:"test_b_collection" }]})
Successfully added user: {
"user" : "lisi",
"roles" : [
{
"role" : "dbOwner",
"db" : "test_b_collection"
}
]
}
> db.auth('lisi','123456')
1
> show collections
2022-09-02T07:59:41.918+0000 E QUERY [thread1] Error: listCollections failed: {
"ok" : 0,
"errmsg" : "too many users are authenticated",
"code" : 13,
"codeName" : "Unauthorized"
} :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype._getCollectionInfosCommand@src/mongo/shell/db.js:941:1
DB.prototype.getCollectionInfos@src/mongo/shell/db.js:953:19
DB.prototype.getCollectionNames@src/mongo/shell/db.js:964:16
shellHelper.show@src/mongo/shell/utils.js:853:9
shellHelper@src/mongo/shell/utils.js:750:15
@(shellhelp2):1:1
> exit
bye
root@4909326775ab:/# mongo
MongoDB shell version v3.6.18
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("76b1f8a7-10d8-4a3f-924c-75e252e246ab") }
MongoDB server version: 3.6.18
> use test_b_collection
switched to db test_b_collection
> db.auth('lisi','123456')
1
> show collections
> db.createUser({user:"zhangsan", pwd:"123456", roles:[{role: "dbOwner", db:"test_b_collection" }]})
Successfully added user: {
"user" : "zhangsan",
"roles" : [
{
"role" : "dbOwner",
"db" : "test_b_collection"
}
]
}
> db.auth('zhangsan','123456')
1
> exit
bye
root@4909326775ab:/# mongo
MongoDB shell version v3.6.18
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("9bfea8c3-c827-47ea-b2a1-8e703992fe5d") }
MongoDB server version: 3.6.18
> use test_b_collection
switched to db test_b_collection
> db.auth('zhangsan','123456')
1
> show collections
> exit
bye
root@4909326775ab:/# mongo
MongoDB shell version v3.6.18
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("eef4c7d4-560f-44a7-a064-57106ee1cee0") }
MongoDB server version: 3.6.18
> use test_c_collection
switched to db test_c_collection
> db.createUser({user:"zhangsan", pwd:"123456", roles:[{role: "dbOwner", db:"test_c_collection" }]})
2022-09-02T08:03:54.556+0000 E QUERY [thread1] Error: couldn't add user: there are no users authenticated :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.createUser@src/mongo/shell/db.js:1437:15
@(shell):1:1
