在mongodb中创建安全的数据库 [英] create secure database in mongodb

问题描述

我想在mongodb中创建安全的数据库.

I want to create the database in mongodb that's secure.

安全意味着应用程序必须通过用户名/密码才能连接到我在mongodb中的数据库.

Secure means the application has to pass username/password to connect to my database in mongodb.

推荐答案

来自Mongo Java教程

From Mongo Java Tutorial

MongoDB可以在安全模式下运行，其中通过名称和密码身份验证来控制对数据库的访问.在此模式下运行时，任何客户端应用程序都必须提供名称和密码，然后才能执行任何操作.在Java驱动程序中，您只需对连接的mongo对象执行以下操作:

MongoDB can be run in a secure mode where access to databases is controlled through name and password authentication. When run in this mode, any client application must provide a name and password before doing any operations. In the Java driver, you simply do the following with the connected mongo object :

boolean auth = db.authenticate(myUserName, myPassword);

如果名称和密码对于数据库有效，则auth为true.否则，它将是错误的.您应该查看MongoDB日志以获取更多信息(如果有).

If the name and password are valid for the database, auth will be true. Otherwise, it will be false. You should look at the MongoDB log for further information if available.

大多数用户在可信任的环境中运行未经身份验证的MongoDB.

Most users run MongoDB without authentication in a trusted environment.

配置身份验证和安全性

身份验证存储在每个数据库的system.users集合中.例如，在数据库projectx上，projectx.system.users将包含用户信息.

Authentication is stored in each database's system.users collection. For example, on a database projectx, projectx.system.users will contain user information.

我们应该首先为整个数据库服务器进程配置一个管理员用户.该用户存储在特殊的管理员数据库下.

We should first configure an administrator user for the entire db server process. This user is stored under the special admin database.

如果在admin.system.users中未配置任何用户，则可以从本地主机接口访问数据库而无需进行身份验证.因此，从运行数据库的服务器(因此在本地主机上)，运行数据库外壳并配置管理用户:

If no users are configured in admin.system.users, one may access the database from the localhost interface without authenticating. Thus, from the server running the database (and thus on localhost), run the database shell and configure an administrative user:

$ ./mongo
> use admin
> db.addUser("theadmin", "anadminpassword")

我们现在为数据库管理员创建了一个用户.请注意，如果我们之前未进行身份验证，则现在必须进行进一步的操作，因为admin.system.users中有一个用户.

We now have a user created for database admin. Note that if we have not previously authenticated, we now must if we wish to perform further operations, as there is a user in admin.system.users.

> db.auth("theadmin", "anadminpassword")

我们可以使用以下命令查看数据库的现有用户:

We can view existing users for the database with the command:

> db.system.users.find()

现在，让我们为另一个数据库配置一个常规"用户.

Now, let's configure a "regular" user for another database.

> use projectx
> db.addUser("joe", "passwordForJoe")

最后，让我们添加一个只读用户. (仅在1.3.2+中受支持)

Finally, let's add a readonly user. (only supported in 1.3.2+)

> use projectx
> db.addUser("guest", "passwordForGuest", true)

这篇关于在mongodb中创建安全的数据库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！