7

I want to create a database in MongoDB that's secure.

Secure means the application has to pass a username/password to connect to my database in MongoDB.

0

2 Answers 2

18

From Mongo Java Tutorial

MongoDB can be run in a secure mode where access to databases is controlled through name and password authentication. When run in this mode, any client application must provide a name and password before doing any operations. In the Java driver, you simply do the following with the connected mongo object:

boolean auth = db.authenticate(myUserName, myPassword);

If the name and password are valid for the database, auth will be true. Otherwise, it will be false. You should look at the MongoDB log for further information if available.

Most users run MongoDB without authentication in a trusted environment.


Configuring Authentication and Security

Authentication is stored in each database's system.users collection. For example, on a database projectx, projectx.system.users will contain user information.

We should first configure an administrator user for the entire db server process. This user is stored under the special admin database.

If no users are configured in admin.system.users, one may access the database from the localhost interface without authenticating. Thus, from the server running the database (and thus on localhost), run the database shell and configure an administrative user:

$ ./mongo
> use admin
> db.addUser("theadmin", "anadminpassword")

We now have a user created for database admin. Note that if we have not previously authenticated, we now must if we wish to perform further operations, as there is a user in admin.system.users.

> db.auth("theadmin", "anadminpassword")

We can view existing users for the database with the command:

> db.system.users.find()

Now, let's configure a "regular" user for another database.

> use projectx
> db.addUser("joe", "passwordForJoe")

Finally, let's add a readonly user. (only supported in 1.3.2+)

> use projectx
> db.addUser("guest", "passwordForGuest", true)

2 Comments

So you created your admin theadmin in the admin database, then restarted mongod with the --auth option. How come, now, that if you do ./mongo admin you are logged in automagically without providing user and pass?
In that case you have started the mongo shell but not yet authenticated. Try to do any operation, for example show collections, and you will get an unauthorized error.
3
  • Create an admin user for the mongo instance,

> use admin

> db.addUser("admin", "xyzxyz")

  • Switch to db for which authentication is required

> use newdb

> db.addUser("newuser", "strongpwd")

  • Stop the mongo instance/service. If mongodb was installed via ppa, then it is configured as a service.

sudo service mongodb stop

If it was installed from source, stop the process using:

/etc/init.d/mongodb stop

  • Change the config file to use authentication by default

vim /etc/mongodb.conf

auth = true

  • Start mongodb. If it is a service

sudo service mongodb restart

else

mongod --config /etc/mongodb.conf

  • Check if auth is enabled:

> show collections on newdb should give the error

"$err" : "not authorized for query on newdb.system.namespaces",
"code" : 16550

and should work after

> db.auth("newuser", "strongpwd")

Now the db newdb is secured.
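A check for the config-file step above, added here as an example and not part of either answer: it reads a legacy key = value mongodb.conf and reports whether auth = true is really active rather than still commented out. The function names and sample contents are constructed for illustration; noauth is the legacy counterpart of auth and does not appear on this page.

```shell
#!/bin/sh
# Audit a legacy ini-style mongodb.conf (the format edited in the answer above)
# and report whether authentication is switched on in the file.

# mongo_auth_status [FILE]   (reads stdin when FILE is omitted)
# Prints "enabled", "disabled" or "conflict"; exit status is 0 only for "enabled".
mongo_auth_status() {
    awk '
        /^[[:space:]]*#/ { next }        # commented-out settings do not count
        {
            n = index($0, "=")
            if (n == 0) next
            key = substr($0, 1, n - 1)
            val = substr($0, n + 1)
            gsub(/[[:space:]]/, "", key)
            gsub(/[[:space:]]/, "", val)
            # Fail closed: only the literal value shown in the answer counts.
            if (key == "auth")   { if (val == "true") on = 1; else off = 1 }
            if (key == "noauth" && val == "true") off = 1
        }
        END {
            if (on && off) { print "conflict"; exit 2 }   # contradictory settings
            if (on)        { print "enabled";  exit 0 }
            print "disabled"; exit 1
        }
    ' "${1:--}"
}

# Constructed sample: the setting is present but still commented out, so the
# file looks configured while mongod would start without authentication.
sample_commented() { printf '%s\n' 'dbpath = /var/lib/mongodb' '#auth = true'; }

# Constructed sample: the setting as written in the answer above.
sample_enabled() { printf '%s\n' 'dbpath = /var/lib/mongodb' 'auth = true'; }

# Usage on a real host: mongo_auth_status /etc/mongodb.conf
```

This only inspects the file; the unauthenticated show collections test from the answer is still what confirms the running server enforces it.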
