目錄
- 一��、MongoDB的用戶和角色權(quán)限簡介
- 1.1�、查看所有內(nèi)置角色
- 1.2、常見的內(nèi)置角色
- 二���、單實(shí)例環(huán)境
- 2.1����、創(chuàng)建用戶
- 2.2�、服務(wù)端開啟認(rèn)證
- 2.3、客戶端登錄認(rèn)證
- 三��、副本集環(huán)境
- 3.1�����、添加管理賬戶
- 3.2�����、創(chuàng)建副本集認(rèn)證的key文件
- 3.3、修改配置文件指定keyfile
- 3.4�����、重啟副本集
- 3.5�、連接測(cè)試
- 3.6、添加普通用戶
一���、MongoDB的用戶和角色權(quán)限簡介
為了強(qiáng)制開啟用戶訪問控制(用戶驗(yàn)證),則需要在MongoDB實(shí)例啟動(dòng)時(shí)使用選項(xiàng)--auth或在指定啟動(dòng)配置文件中添加auth=true�。
- 啟用訪問控制:
MongoDB使用的是基于角色的訪問控制(Role-Based Access Control,RBAC)來管理用戶對(duì)實(shí)例的訪問�。通過對(duì)用戶授予一個(gè)或多個(gè)角色來控制用戶訪問數(shù)據(jù)庫資源的權(quán)限和數(shù)據(jù)庫操作的權(quán)限,在對(duì)用戶分配角色之前����,用戶無法訪問實(shí)例。
- 角色:在
MongoDB中通過角色對(duì)用戶授予相應(yīng)數(shù)據(jù)庫資源的操作權(quán)限��,每個(gè)角色當(dāng)中的權(quán)限可以顯示指定�,也可以通過集成其他角色的權(quán)限,或者兩者都存在的權(quán)限����。
- 權(quán)限:權(quán)限由指定的數(shù)據(jù)庫(resource)以及允許在運(yùn)行資源上進(jìn)行的操作(action)組成���。資源(resource)包括:數(shù)據(jù)庫、集合��、部分集合和集群����;操作(action)包括:對(duì)資源的增、刪���、改��、查(CRUD)操作�����。
在角色定義時(shí)可以包含一個(gè)或多個(gè)已存在的角色��,新創(chuàng)建的角色會(huì)繼承包含的角色所有的權(quán)限�。在同一個(gè)數(shù)據(jù)庫中����,新創(chuàng)建角色可以繼承其他角色的權(quán)限,在admin數(shù)據(jù)庫中創(chuàng)建的角色可以繼承在其它任意數(shù)據(jù)庫中的角色的權(quán)限���。
角色權(quán)限的查看��,可以通過如下的命令進(jìn)行查看:
# 查詢所有角色權(quán)限(僅用戶自定義角色)
> db.runCommand({ rolesInfo: 1 })
# 查詢所有角色權(quán)限(包含內(nèi)置角色)
> db.runCommand({ rolesInfo: 1, showBuiltinRoles: true })
# 查詢當(dāng)前數(shù)據(jù)庫中的某角色的權(quán)限
> db.runCommand({ rolesInfo: "rolename>" })
# 查詢其它數(shù)據(jù)庫中指定的角色權(quán)限
> db.runCommand({ rolesInfo: { role: "rolename>", db: "database>" } }
# 查詢多個(gè)角色權(quán)限
> db.runCommand({
rolesInfo: [
"rolename>", { role: "rolename>", db: "database>" },
...
]
})
示例:
1.1�����、查看所有內(nèi)置角色
> db.runCommand({rolesInfo:1, showBuiltinRoles:true})
{
"roles" : [
{
"role" : "__queryableBackup",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "__system",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "backup",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "clusterAdmin",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "clusterManager",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "clusterMonitor",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "dbAdmin",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "dbAdminAnyDatabase",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "dbOwner",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "enableSharding",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "hostManager",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "read",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "readAnyDatabase",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "readWrite",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "readWriteAnyDatabase",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "restore",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "root",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "userAdmin",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
},
{
"role" : "userAdminAnyDatabase",
"db" : "admin",
"isBuiltin" : true,
"roles" : [ ],
"inheritedRoles" : [ ]
}
],
"ok" : 1
}
1.2�、常見的內(nèi)置角色
- 數(shù)據(jù)庫用戶角色:
read、readWrite
- 數(shù)據(jù)庫管理角色:
dbAdmin����、dbOwner�、userAdmin
- 集群管理角色:
clusterAdmin、clusterManager���、clusterMonitor
- 所有數(shù)據(jù)庫用戶角色:
readAnyDatabase���、readWriteAnyDatabase、userAdminAnyDatabase��、dbAdminAnyDatabase
- 備份恢復(fù)角色:
backup��、restore
- 超級(jí)用戶角色:
root
- 內(nèi)部角色:
system
角色說明:
| 角色 |
權(quán)限描述 |
| read |
可以讀取指定數(shù)據(jù)庫中任何數(shù)據(jù)�。 |
| readWrite |
可以讀寫指定數(shù)據(jù)庫中任何數(shù)據(jù)�,包括創(chuàng)建���、重命名�、刪除集合 |
| readAnyDatabase |
可以讀取所有數(shù)據(jù)庫中任何數(shù)據(jù)(除了數(shù)據(jù)庫config和local之外) |
| readWriteAnyDatabase |
可以讀寫所有數(shù)據(jù)庫中任何數(shù)據(jù)(除了數(shù)據(jù)庫config和local之外) |
| userAdminAnyDatabase |
可以在指定數(shù)據(jù)庫創(chuàng)建和修改用戶(除了數(shù)據(jù)庫config和local之外) |
| dbAdminAnyDatabase |
可以讀取任何數(shù)據(jù)庫以及對(duì)數(shù)據(jù)庫進(jìn)行清理��、修改��、壓縮���、獲取統(tǒng)計(jì)信息�����、執(zhí)行檢查等操作(除了數(shù)據(jù)庫config和local之外) |
| dbAdmin |
可以讀取指定數(shù)據(jù)庫以及對(duì)數(shù)據(jù)庫進(jìn)行清理���、修改、壓縮��、獲取統(tǒng)計(jì)信息�、執(zhí)行檢查等操作 |
| userAdmin |
可以在指定數(shù)據(jù)庫創(chuàng)建和修改用戶 |
| clusterAdmin |
可以對(duì)整個(gè)集群或數(shù)據(jù)庫系統(tǒng)進(jìn)行管理操作 |
| backup |
備份MongoDB數(shù)據(jù)最小的權(quán)限 |
| restore |
從備份文件中還原恢復(fù)MongoDB數(shù)據(jù)(除了system.profile集合)的權(quán)限 |
| root |
超級(jí)賬戶,超級(jí)權(quán)限 |
二��、單實(shí)例環(huán)境
2.1、創(chuàng)建用戶
創(chuàng)建用戶格式如下:
db.createUser({
user:"name>",
pwd:"password>",
customData:{any Object Data},
roles:[
{role:"role>",db:"database"},
...
]
})
備注:
1)user:新建用戶名
2)pwd:新建用戶密碼
3)customData:存放一些用戶相關(guān)的自定義數(shù)據(jù)����,可忽略
4)roles:數(shù)據(jù)類型,配置用戶的權(quán)限
示例:創(chuàng)建一個(gè)管理員賬戶
# mongo --host=10.10.10.11 --port=27017
> show dbs;
admin 0.000GB
collectest 0.000GB
config 0.000GB
local 0.000GB
>
> use admin
switched to db admin
>
> db.createUser({"user":"root","pwd":"123456","roles":[{"role":"root","db":"admin"}]});
Successfully added user: {
"user" : "root",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
]
}
查看用戶:
# 方法一
> use admin;
switched to db admin
>
> show users;
{
"_id" : "admin.root",
"userId" : UUID("d7280144-2886-45eb-95f3-1965be4eb7fe"),
"user" : "root",
"db" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
# 方法二
> use admin;
switched to db admin
>
> show tables;
system.users
system.version
>
> db.system.users.find()
{ "_id" : "admin.root", "userId" : UUID("d7280144-2886-45eb-95f3-1965be4eb7fe"), "user" : "root", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "u2nQBHuC2P367Qo5mLhcRw==", "storedKey" : "0ccLsqhpWUyCdAoQKZQNNHwvj9g=", "serverKey" : "9Qxfsw+GCQMwUuyz9AlKRAX6zx0=" }, "SCRAM-SHA-256" : { "iterationCount" : 15000, "salt" : "rxajlRAv8zteEMm6r2Wx8GFY1ShBeLjHUqJ7iA==", "storedKey" : "T9z/0GJ21cxJ4CvnNL+PBGkTYwdPu9YxmRo1CQ2tGp0=", "serverKey" : "UBVuzHOxfKADUdpxIhRBab2HwPdLhNL2yUZzyTXFRt0=" } }, "roles" : [ { "role" : "root", "db" : "admin" } ]
2.2�、服務(wù)端開啟認(rèn)證
修改配置文件:
# vim /usr/local/mongodb/conf/mongodb.conf
dbpath=/usr/local/mongodb/data
logpath=/usr/local/mongodb/log/mongodb.log
bind_ip=0.0.0.0
port=27017
logappend=1
fork=1
auth=true #開啟認(rèn)證
重啟服務(wù):
# ps -ef |grep mongod
root 6991 1 0 19:46 ? 00:00:10 mongod -f /usr/local/mongodb/conf/mongodb.conf
root 7438 6395 0 20:14 pts/1 00:00:00 grep --color=auto mongod
# kill -2 6991
#
# mongod -f /usr/local/mongodb/conf/mongodb.conf
登陸測(cè)試:
# mongo --host=10.10.10.11 --port=27017
MongoDB shell version v4.4.1
connecting to: mongodb://10.10.10.11:27017/?compressors=disabledgssapiServiceName=mongodb
Implicit session: session { "id" : UUID("cb337048-a9c8-45ae-99aa-b0cb8cc7a163") }
MongoDB server version: 4.4.1
> show dbs #查看
>
> use admin #切換到admin庫
switched to db admin
> db.auth("root","123456") #進(jìn)行認(rèn)證
1
> show dbs;
admin 0.000GB
collectest 0.000GB
config 0.000GB
local 0.000GB
添加一個(gè)普通用戶:
創(chuàng)建普通用戶可以在沒有開啟認(rèn)證的時(shí)候添加,也可以在開啟認(rèn)證之后添加�,但開啟認(rèn)證之后,必須使用有操作admin庫的用戶登錄認(rèn)證后才能操作����。底層是將用戶信息保存在了admin數(shù)據(jù)庫的集合system.users中。
# 創(chuàng)建(切換)將來要操作的數(shù)據(jù)庫articledb
> use articledb
switched to db articledb
>
> db.createUser({user:"user1",pwd:"1234",roles:[{role:"readWrite",db:"articledb"}]})
Successfully added user: {
"user" : "user1",
"roles" : [
{
"role" : "readWrite",
"db" : "articledb"
}
]
}
# 測(cè)試是否可用
> db.auth("user1","1234")
1
2.3����、客戶端登錄認(rèn)證
方法1
先連接,在認(rèn)證:
# mongo --host 10.10.10.11 --port 27017
MongoDB shell version v4.4.1
connecting to: mongodb://10.10.10.11:27017/?compressors=disabledgssapiServiceName=mongodb
Implicit session: session { "id" : UUID("4efbbc03-31b7-45ff-8b3a-5ce6f76ff1ca") }
MongoDB server version: 4.4.1
> use admin
switched to db admin
> db.auth("root","123456")
1
> show dbs
admin 0.000GB
collectest 0.000GB
config 0.000GB
local 0.000GB
方法2
連接時(shí)進(jìn)行認(rèn)證:
# mongo --host 10.10.10.11 --port 27017 --authenticationDatabase admin -u root -p 123456
MongoDB shell version v4.4.1
connecting to: mongodb://10.10.10.11:27017/?authSource=admincompressors=disabledgssapiServiceName=mongodb
Implicit session: session { "id" : UUID("0848b5d0-fb56-40eb-9b37-542682fd6ada") }
MongoDB server version: 4.4.1
......
>
> show dbs
admin 0.000GB
collectest 0.000GB
config 0.000GB
local 0.000GB
參數(shù)說明:
--host:連接的主機(jī)地址--port:連接的端口--authenticationDatabase:指定連接到哪個(gè)庫����。當(dāng)?shù)卿浭侵付ㄓ脩裘艽a時(shí)�����,必須指定對(duì)應(yīng)的數(shù)據(jù)庫�!-u:用戶名-p:密碼
三、副本集環(huán)境
對(duì)于搭建好的mongodb副本集,為了安全����,啟動(dòng)安全認(rèn)證,使用賬戶密碼登錄���。
對(duì)副本集執(zhí)行訪問控制需要配置兩個(gè)方面:
1)副本集和共享集群的各個(gè)節(jié)點(diǎn)成員之間使用內(nèi)部身份驗(yàn)證�����,可以使用秘鑰文件或x.509證書���。秘鑰文件比較簡單。
2)使用客戶端連接到mongodb集群時(shí)���,可開啟訪問授權(quán)��。對(duì)于集群外部的訪問��。如通過可視化客戶端���、或者通過代碼連接的時(shí)候,需要開啟授權(quán)���。
3.1�、添加管理賬戶
在主節(jié)點(diǎn)添加管理賬戶,副本集會(huì)自動(dòng)同步����。
myrs:PRIMARY> use admin
switched to db admin
myrs:PRIMARY> db.createUser({user:"root",pwd:"123456",roles:[{role:"root",db:"admin"}]})
Successfully added user: {
"user" : "root",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
]
}
備注:
該步驟也可以在開啟認(rèn)證之后,但需要通過localhost登錄才允許添加用戶�����,用戶數(shù)據(jù)也會(huì)自動(dòng)同步到副本集�。后續(xù)再創(chuàng)建其他用戶,都已使用該超管用戶創(chuàng)建����。
3.2、創(chuàng)建副本集認(rèn)證的key文件
生成一個(gè)key文件到當(dāng)前文件夾中����。
可以使用任何方法生成秘鑰文件,例如���,一下使用openssl生成密碼文件,然后使用chmod來更改文件權(quán)限����,僅為文件所有這提供讀取權(quán)限����。
# openssl rand -base64 90 -out ./mongo.keyfile
# chmod 400 ./mongo.keyfile
# ll mongo.keyfile
-r--------. 1 root root 122 Nov 17 16:27 mongo.keyfile
備注:
所有副本集節(jié)點(diǎn)都必須使用同一份keyfile,一般在一臺(tái)機(jī)器上生成��,然后拷貝到其他機(jī)器上���,且必須有讀的權(quán)限���,否則將來會(huì)報(bào)錯(cuò):permissions on /mongodb/replica_sets/myrs_27017/mongo.keyfile are too open
一般情況下和配置文件放置在一起��,方便查找���。這里都copy到各個(gè)節(jié)點(diǎn)的配置文件目錄
# cp mongo.keyfile /data/replica_sets/myrs_27017/
# cp mongo.keyfile /data/replica_sets/myrs_27018/
# cp mongo.keyfile /data/replica_sets/myrs_27019/
3.3�����、修改配置文件指定keyfile
分別編輯幾個(gè)服務(wù)的mongod.conf文件����,添加相關(guān)內(nèi)容:
# vim /data/replica_sets/myrs_27017/mongod.conf
security:
#keyfile鑒權(quán)文件
keyFile: /data/replica_sets/myrs_27017/mongo.keyfile
#開啟認(rèn)證方式運(yùn)行
authorization: enabled
# vim /data/replica_sets/myrs_27018/mongod.conf
security:
#keyfile鑒權(quán)文件
keyFile: /data/replica_sets/myrs_27018/mongo.keyfile
#開啟認(rèn)證方式運(yùn)行
authorization: enabled
# vim /data/replica_sets/myrs_27019/mongod.conf
security:
#keyfile鑒權(quán)文件
keyFile: /data/replica_sets/myrs_27019/mongo.keyfile
#開啟認(rèn)證方式運(yùn)行
authorization: enabled
3.4、重啟副本集
如果副本集是開啟狀態(tài)�����,則先分別關(guān)閉副本集中的每個(gè)mongod��,從次節(jié)點(diǎn)開始���。直到副本集的所有成員都離線��,包括任何仲裁者�。主節(jié)點(diǎn)必須是最后一個(gè)成員關(guān)閉�,以避免潛在的回滾�����。
# ps -ef |grep mongod
root 2649 1 1 11:20 ? 00:04:44 mongod -f /data/replica_sets/myrs_27017/mongod.conf
root 2728 1 1 11:20 ? 00:05:21 mongod -f /data/replica_sets/myrs_27018/mongod.conf
root 4534 1 0 14:13 ? 00:01:07 mongod -f /data/replica_sets/myrs_27019/mongod.conf
# kill -2 2649 4534 2728
分別啟動(dòng)副本集:
# mongod -f /data/replica_sets/myrs_27017/mongod.conf
about to fork child process, waiting until server is ready for connections.
forked process: 6287
child process started successfully, parent exiting
#
# mongod -f /data/replica_sets/myrs_27018/mongod.conf
about to fork child process, waiting until server is ready for connections.
forked process: 6365
child process started successfully, parent exiting
#
# mongod -f /data/replica_sets/myrs_27019/mongod.conf
about to fork child process, waiting until server is ready for connections.
forked process: 6456
child process started successfully, parent exiting
查看進(jìn)程情況:
# ps -ef |grep mongo
root 6287 1 3 16:40 ? 00:00:02 mongod -f /data/replica_sets/myrs_27017/mongod.conf
root 6365 1 3 16:41 ? 00:00:02 mongod -f /data/replica_sets/myrs_27018/mongod.conf
root 6456 1 2 16:41 ? 00:00:01 mongod -f /data/replica_sets/myrs_27019/mongod.conf
3.5�����、連接測(cè)試
連接主節(jié)點(diǎn)測(cè)試:
先連接���,再認(rèn)證
# mongo --host 10.10.10.11 --port 27017
MongoDB shell version v4.4.1
connecting to: mongodb://10.10.10.11:27017/?compressors=disabledgssapiServiceName=mongodb
Implicit session: session { "id" : UUID("e1218d07-5094-468d-bdfe-f1d3e3815281") }
MongoDB server version: 4.4.1
myrs:PRIMARY> show dbs
myrs:PRIMARY> db.auth("root","123456")
1
myrs:PRIMARY> show dbs
admin 0.000GB
collectest 0.000GB
config 0.000GB
local 0.001GB
test 0.000GB
連接時(shí)進(jìn)行認(rèn)證:
# mongo --host 10.10.10.11 --port 27017 --authenticationDatabase admin -u root -p 123456
---
myrs:PRIMARY> show dbs
admin 0.000GB
collectest 0.000GB
config 0.000GB
local 0.001GB
test 0.000GB
連接副本節(jié)點(diǎn)測(cè)試:
# mongo --host 10.10.10.11 --port 27018 --authenticationDatabase admin -u root -p 123456
myrs:SECONDARY> show dbs #查看數(shù)據(jù)庫,這里不能查看是因?yàn)槟J(rèn)副本節(jié)點(diǎn)不能查詢數(shù)據(jù)��,需要開啟查詢權(quán)限
uncaught exception: Error: listDatabases failed:{
"topologyVersion" : {
"processId" : ObjectId("5fb38ca9ae9c791f8008eb9a"),
"counter" : NumberLong(4)
},
"operationTime" : Timestamp(1605603187, 1),
"ok" : 0,
"errmsg" : "not master and slaveOk=false",
"code" : 13435,
"codeName" : "NotMasterNoSlaveOk",
"$clusterTime" : {
"clusterTime" : Timestamp(1605603187, 1),
"signature" : {
"hash" : BinData(0,"hCt+wCrLo2uwZucZsLN0id+Rnh0="),
"keyId" : NumberLong("6893051287466672133")
}
}
} :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
Mongo.prototype.getDBs/@src/mongo/shell/mongo.js:147:19
Mongo.prototype.getDBs@src/mongo/shell/mongo.js:99:12
shellHelper.show@src/mongo/shell/utils.js:937:13
shellHelper@src/mongo/shell/utils.js:819:15
@(shellhelp2):1:1
myrs:SECONDARY>
myrs:SECONDARY> rs.secondaryOk() #開啟副本集讀取權(quán)限
myrs:SECONDARY>
myrs:SECONDARY> show dbs #再次查看
admin 0.000GB
collectest 0.000GB
config 0.000GB
local 0.001GB
test 0.000GB
3.6、添加普通用戶
添加普通用戶對(duì)指定庫有讀寫權(quán)限:
//連接主節(jié)點(diǎn)
# mongo --host 10.10.10.11 --port 27017 --authenticationDatabase admin -u root -p 123456
myrs:PRIMARY> use collectest #切換到collectest庫
switched to db collectest
myrs:PRIMARY>
myrs:PRIMARY> db.createUser({user:"u_test",pwd:"123",roles:[{role:"readWrite", db:"collectest"}]}) #創(chuàng)建用戶u_test對(duì)collectest庫有讀寫權(quán)限
Successfully added user: {
"user" : "u_test",
"roles" : [
{
"role" : "readWrite",
"db" : "collectest"
}
]
}
myrs:PRIMARY>
使用普通用戶登錄并查詢數(shù)據(jù):
# mongo --host 10.10.10.11 --port 27017 --authenticationDatabase collectest -u u_test -p 123
...
myrs:PRIMARY>
myrs:PRIMARY> show dbs
collectest 0.000GB
myrs:PRIMARY>
myrs:PRIMARY> use collectest
switched to db collectest
myrs:PRIMARY>
myrs:PRIMARY> show collections
collectest
myrs:PRIMARY>
myrs:PRIMARY> db.collectest.find()
{ "_id" : ObjectId("5faa3432f6e79c62c00e4d72"), "name" : "張三", "sex" : "男", "age" : 22, "userid" : 1001, "createdatetime" : ISODate("2020-11-10T06:33:22.459Z") }
{ "_id" : ObjectId("5facec10cca53c48154d261c"), "name" : "小白", "sex" : "女", "age" : 20, "userid" : 1002, "createdatetime" : ISODate("2020-11-12T08:02:24.915Z") }
{ "_id" : ObjectId("5facf32dfb5fe16aaf699d7d"), "name" : "小嘿", "sex" : "女", "age" : 21, "userid" : 1002, "createdatetime" : ISODate("2020-11-12T08:32:45.919Z") }
myrs:PRIMARY>
#查詢一個(gè)普通用戶沒有權(quán)限的庫,則會(huì)提示響應(yīng)警告��,并無法查看成功�。
myrs:PRIMARY> use admin
switched to db admin
myrs:PRIMARY> show collections
Warning: unable to run listCollections, attempting to approximate collection names by parsing connectionStatus
以上就是淺析MongoDB之安全認(rèn)證的詳細(xì)內(nèi)容���,更多關(guān)于MongoDB 安全認(rèn)證的資料請(qǐng)關(guān)注腳本之家其它相關(guān)文章!
您可能感興趣的文章:- springboot實(shí)現(xiàn)將自定義日志格式存儲(chǔ)到mongodb中
- 常用的MongoDB查詢語句的示例代碼
- mongodb中oplog介紹和格式詳析
- SpringBoot整合之SpringBoot整合MongoDB的詳細(xì)步驟
- MongoDB安裝使用并實(shí)現(xiàn)Python操作數(shù)據(jù)庫
- SpringBoot整合MongoDB的實(shí)現(xiàn)步驟
- 詳解MongoDB的條件查詢和排序
- mongodb的安裝和開機(jī)自啟動(dòng)詳細(xì)講解
