MongoDB我应该将用户放在admin数据库还是本地数据库中 [英] MongoDB should I put users in admin db or local db
问题描述
在MongoDB中,关于将数据库用户放置在什么位置,是否有最佳实践?
Is there any best practice in MongoDB as to where I should put my database users?
我刚刚设置了本地MongoDB服务器,并在admin数据库中添加了用户,并授予他们对他们"(我的意思是用户唯一有权访问的数据库)数据库的访问权限.
I've just set up a local MongoDB server and I've added users in the admin database and granted them access to "their" (by their I mean the only database the users have access to) database.
您认为将用户放在他们的"数据库中而不是在管理数据库中会更好吗?
Do you think it would be better to just put the users in "their" database and not in the admin database?
推荐答案
Regardless of the user's authentication database, Mongo always stores user information in admin.
MongoDB将所有用户信息(包括名称,密码和用户的身份验证数据库)存储在管理数据库的
system.users集合中.
请参见集中用户数据和 system-users-collection .
创建用户并授予该用户访问单个数据库(即身份验证数据库)的权限后,该信息只能仅存储在admin数据库中.
When you create a user and grant that user access to a single database (aka their authentication database) then that information can only be stored in the admin database.
因此,这实际上不是最佳实践"的问题;根据用户的的实现,将用户详细信息存储在admin中是MongoDB的选择.用户管理命令.
So, it's not really a question of "best practice"; storing user details in admin is MongoDB's choice, as implemented by their user management commands.
更新以回应此评论:
好吧,因此用户始终位于admin数据库中,但是我还可以向其他数据库添加重复项"吗?也许问题应该在于将用户添加到其他非管理员"数据库中是否有优势?
Ok, so the users are always located in the admin db, but I may also add "duplicates" to the other dbs? Maybe the question should be whether there any advantage in adding users to the other "non admin" dbs?
如果您打算让一个用户可以访问多个数据库,请在每个数据库中创建一个具有角色的单个用户,而不是多次(即在每个数据库中创建一次)创建该用户.例如:
If you intend to have a single user with access to multiple databases then create a single user with roles in each of those databases rather than creating that user multiple times i.e. once in each of those databases. For example:
use admin;
db.createUser({user:'userName', pwd:'passwordValue', roles:[
{role:'readWrite', db:'DatabaseA'},
{role:'readWrite', db:'DatabaseB'}
]});
这篇关于MongoDB我应该将用户放在admin数据库还是本地数据库中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
