Shulou(Shulou.com)06/01 Report--

This article mainly introduces MongoDB account creation, rights management (simple), and login in Python,Java and default clients.

By default, MongoDB does not have account permission management, that is, you can log in without a password to have read and write permissions (of course, restarting the service still needs to be executed locally).

This is enough for your own laboratory, but it is not safe for opening data to others. It is not afraid of stealing data. It is mainly for fear that some pig teammates will give db to drop at once. If there is no disaster recovery backup, it will be too late to cry.

As for the permission configuration of MongoDB, I can be regarded as a person who has stepped on the pit by looking at the official documents and other people's notes. Write down the pit that has been stepped on to show you, so as to reduce the number of times that others step on the pit. The main trample is still focused on landing in different languages, and there is less information on this aspect.

First switch to the admin database

Use admin

Then create a superuser where the values of user and pwd can be defined by yourself.

1 db.createUser (2 {3 user: "super_user", 4 pwd: "super_user_paasswd", 5 roles: [{role: "_ _ system", db: "admin"}] 6} 7)

Then we create two new users, one with read and write permissions and the other with read permissions.

The account with read and write access is used by all services and programs that need to write data, and the read account is used when colleagues view and aggregate data.

1 / / New account 2 db.createUser ({3 "user": "rouser", / / account name 4 "pwd": "rouserpwd", / / password 5 "customData": {6 / / Note 7 user_abs: "read-only user for data analysis" 8}, 9 "roles": [10 {11 role: "readAnyDatabase" / / read all databases 12 db: "admin" 13} 14] 15}, {16w: "majority", 17 wtimeout: 5000 18} 19) 20 / / New read-write account 21 db.createUser ({22 "user": "rwuser", / / account name 23 "pwd": "rwuser_pwd" / password 24 "customData": {/ / Note 25 user_abs: "read-write user for data extractor" 26}, 27 "roles": [28 {29 role: "readWriteAnyDatabase", / / read and write all databases 30 db: "admin" 31} 32] 33}, {34 w: "majority" 35 wtimeout: 5000 36} 37)

After the creation is completed, first check whether the new one is ready. To put it simply, check to see if the user account you want is recorded in admin:

1 db.getCollection ("system.users") .find ({}) 2 3 / / output: 4 / / actual input: db.getCollection ("system.users"). Find ({}, {"credentials": 0}) 5 {"_ id": "admin.super_user", "user": "super_user", "db": "admin", "roles": [{"role": "_ system" "db": "admin"}]} 6 {"_ id": "admin.rouser", "user": "rouser", "db": "admin", "customData": {"user_abs": "read-only user for data analysis"}, "roles": [{"role": "readAnyDatabase" "db": "admin"}} 7 {"_ id": "admin.rwuser", "user": "rwuser", "db": "admin", "customData": {"user_abs": "read-write user for data extractor"}, "roles": [{"role": "readWriteAnyDatabase", "db": "admin"}]}

When you see that all the account information has been output, you will OK. The next step is to restart the service. Before restarting the service, you need to set `auth = true` in the config file, so that you need to log in, otherwise nothing has changed.

The following is my Config file, and the last line is the Command for reinstalling the service. If it is not installed, use the-- install parameter:

1 # Storage data directory 2 dbpath=F:\ FeaturesData\ data 3 # log file 4 logpath=F:\ FeaturesData\ mongo.log 5 # CacheSize 6 wiredTigerCacheSizeGB=1 7 8 auth = true 9 logappend = true10 directoryperdb = true11 12 # execute 13 # mongod-config "F:\ FeaturesData\ mongo.config"-serviceName "MongoDB"-reinstall

In this way, Mongo will have permission after activation, and you need to use the account password to log in at this time:

Mongo "- u super_user-p super_user_paasswd-- authenticationDatabase admin 127.0.0.1/test

Where 127.0.0.1/test is the IP/ database name to connect to the default database.

At this time, you can try to delete the library or delete the collection using a read-only account. Drop failed: MongoError: not authorized on test to execute command will appear.

It means that you do not have permission to delete, do not say delete at this time, insert operation can not be done.

In addition to using the default client connection, we can also use Driver in other languages to connect.

Consider using Python and Java here

First consider the connection in Python, where we log in using URI:

1 try:# Python 3.x 2 from urllib.parse import quote_plus 3 except ImportError:# Python 2.x 4 from urllib import quote_plus 5 from pymongo import MongoClient 6 7 # Example 8 user = 'USER' 9 password =' PASSWORD'10 host = '127.0.0.1 Code12 uri 27017 user 11 # Code12 uri = "mongodb://%s:%s@%s"% (13 quote_plus (user), quote_plus (password), host) 14 client = MongoClient (uri)

Then consider logging in using Java (a little bit more troublesome):

1 / / this is my own encapsulated class 2 import com.zjtj.yuanyifan.Util.PropertiesUtil; 3 4 import com.mongodb.BasicDBObject; 5 import com.mongodb.MongoClient; 6 import com.mongodb.MongoCredential; 7 import com.mongodb.ServerAddress; 8 import com.mongodb.client.FindIterable; 9 import com.mongodb.client.MongoCollection for reading Properties files 10 11 private MongoCollection getMongoDBConnection () {12 / / initialize the Mongodb database connection. I don't think 13 PropertiesUtil pu = new PropertiesUtil (); 14 String vfdbname = pu.getPropString ("vehicle_features_db_name", "vf"); 15 String vfdbip = pu.getPropString ("vehicle_features_db_ip", "127.0.0.1") 16 String vfdbport = pu.getPropString ("vehicle_features_db_port", "27017"); 17 String vfdbuser = pu.getPropString ("vehicle_features_db_user", "USER_HERE"); 18 String vfdbpwd = pu.getPropString ("vehicle_features_db_pwd", "PASSWD_HERE"); 19 try {20 21 ServerAddress sainfo = new ServerAddress (vfdbip, Integer.valueOf (vfdbport)) 22 List mgauth = new ArrayList (); 23 mgauth.add (MongoCredential.createCredential (vfdbuser, "admin", vfdbpwd.toCharArray (); 24 MongoCollection mgdbc = new MongoClient (sainfo,mgauth) .getDatabase (vfdbname) .getCollection ("daily_features"); 25 String dbgInfo = String.format ("Connected to mongodb://%s:%s/%s/\ n", vfdbip, vfdbport, vfdbname) 26 System.out.printf (dbgInfo); 27 fcc_log.info (dbgInfo); 28 return mgdbc;29} catch (Exception ex) {30 String errInfo = "Error while initializing MongoDB connection:" + ex.getMessage (); 31 System.err.println (errInfo); 32 fcc_log.fatal (errInfo); 33} 34}

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.