Skip to main content

mongodb authentication setting


The administrator of the database is the right person for the task of granting, or denying, permissions to users for doing operations with database resources. By using roles, we can specify what action can be done with a resource. Therefore, a role is a privilege granted to a user to do specific tasks with specific resources. Before you enable access control, you should create a user that can then create users and assign roles to them once access control is enabled.This user-admin will then be used to create and maintain other users and roles, so needs to be assigned a suitable role to enable it to do so.


I assume you already have admin user set up within you system if not refer hare before proceeding.

The role userAdminAnyDatabase in MongoDB gives ability to create users and assign roles to them, but by itself it doesn’t allow the user to do anything else. The superuser role in MongoDB is the root.

In the this post i will show how to create, show and delete a user in MongoDB. I will also show how to create a user with root (superuser) privileges on the all databases in MongoDB.


 Shell into mongodb with the admin user


mongo -u admin -p --authenticationDatabase admin --host 192.168.0.250

MongoDB shell version v4.0.10

Enter password:


> use admin
switched to db admin
> show users -- Show users in the current database:
{
        "_id" : "admin.admin",
        "userId" : UUID("6e316f61-9cf3-42f5-9998-dcd5da0559f4"),
        "user" : "admin",
        "db" : "admin",
        "roles" : [
                {
                        "role" : "userAdminAnyDatabase",
                        "db" : "admin"
                }
        ],
        "mechanisms" : [
                "SCRAM-SHA-1",
                "SCRAM-SHA-256"
        ]
}

Create user called farmtest, with read access to database farm, read and write access to farm-dev


> use farm-dev -- Switch to the database in which you would like to create a common user      
switched to db farm-dev
> db.createUser(
... {
... user: "farmtest",
... pwd: "pass123",
... roles: [
... { role: "read", db: "farm" },  --- different permissions on different databases.
... { role: "readWrite", db: "farm-dev" }
... ]
... }
... );
Successfully added user: {
        "user" : "farmtest",
        "roles" : [
                {
                        "role" : "read",
                        "db" : "farm"
                },
                {
                        "role" : "readWrite",
                        "db" : "farm-dev"
                }
        ]
}

connect to remote MongoDB server from the command line using mongo shell with the farmtest user.

 mongo -u farmtest -p --authenticationDatabase farm-dev --host 192.168.0.250
MongoDB shell version v4.0.10
Enter password:
connecting to: mongodb://192.168.0.250:27017/?authSource=farm-dev&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("564c14a4-52ac-407c-98a3-670a9fc95697") }
MongoDB server version: 4.0.10
>
Note: if you want to use MongoDB client, we must use a connection string like this:

module.exports = {mongoURI: 'mongodb://farmtest:pass123@192.168.0.250/farm-dev'}

Create mongo-root user: 

 use admin
switched to db admin
> db.createUser(
... {
... user: "mgroot",
... pwd: "Passw0rd",
... roles: [ { role: "root", db: "admin" } ]
... }
... )
Successfully added user: {
        "user" : "mgroot",
        "roles" : [
                {
                        "role" : "root",
                        "db" : "admin"
                }
        ]
}


 Delete a user from the current database:


> db.dropUser("user1")
Labels:

Popular posts from this blog

django react app setting up the backend

On the previous article I demonstrated how we can use the generic views along with ModelSerializer classes to rapidly develop our REST APIs. Knowledge that you will need  in your career as full stack / backend developer, however think of this article as an extension to the previous one, equipped with what we already know about REST API we will step our game up and discuss about ViewSet, ModelViewset we will dig deep into the concepts of Routers which allow us to manage our api routes in a simple and sophisticated manner as well as helping to speed up building APIs even further. There for on part II of this article i'll work you through on how React application can consume this RESTful API. There for at the end of the day we will have a full stack web app, in short we strat our development at the backend then later on we move at the frontend... so are you excited and ready to take the challange? lets do this then..... you can get source code for the bakend on github Preparat...
Read more

How to Install PostgreSQL on debian stretch in oder to use it with your Django application and allow remote connection

In this guide, we'll demonstrate how to install and configure PostgreSQL to use with your Django applications. We will install the necessary software, create database credentials for our application, and then start and configure a Django project to use this backend. We will start by  install the database software and the associated libraries required to interact with them. This guide assumes that you allready have a working Django project. Step 1 – Prerequsities apt-get install python3-pip python3-dev libpq-dev postgresql postgresql-contrib Step 2 – Connect to PostgreSQL After installing the PostgreSQL database server by default, it creates a user ‘postgres’ with role ‘postgres’. It also creates a system account with the same name ‘postgres’. So to connect to postgres server, login to your system as user postgres and connect database. su - postgres You should now be in a shell session for the postgres user. Log into a Postgres session by typing:...
Read more

How to create REST API using Django REST Framework

This post begins with already working project and app's, I found that there some few requirement's that my project needed to handle and the best option for those requirement's was to use the Django's  Rest Framework. The way that I will tackle this task is more specific to the needs of the project rather than a one to one how to..., that being said you can still follow along, the approach that I'm going to use is easy to follow since I'll be providing a lot of information a log the way for better understanding of the why and how.....this code is available on Github , enough with the alerts and on with the show. Note:  If you would want to mimic the exactly settings then you will need to enable user authentication on your project you can follow this link for details .  Start with the DRF (Django Rest Framework) installation pip3 install djangorestframework For our app to use DRF, we'll have to add rest_framework into our settings.py.   nan...
Read more