侧边栏壁纸
博主头像
★街角晚灯★博主等级

博观而约取 厚积而薄发

  • 累计撰写 437 篇文章
  • 累计创建 181 个标签
  • 累计收到 0 条评论

目 录CONTENT

文章目录

Docker容器MongoDB的授权

WinJay
2021-08-24 / 0 评论 / 0 点赞 / 225 阅读 / 8956 字 / 正在检测是否收录...
温馨提示:
文章发布较早,内容可能过时,阅读注意甄别。。。。

参考网址:https://www.cnblogs.com/haiquan/p/13072525.html

https://www.runoob.com/mongodb/mongodb-mongodump-mongorestore.html

一、MongoDB授权

1.Docker 安装MongoDB

#!/bin/bash
# author:WinJayX
# date:2020-05-07
# Maintainer WinJayX <WinJayX@Gmail.com>
# func:MongoDB Docker Container 
# !!! -p 参数说明 -p :前的为宿主机的端口,后的为容器业务所需的端口!!!
docker rm -f MongoTest
docker run -d --name MongoTest \
    -u root \
    -h MongoDB \
    -p 27017:27017 \
    --restart always \
    --volume `pwd`/MongoData:/data/db \
    --volume /etc/localtime:/etc/localtime:ro \
    -e MONGO_INITDB_ROOT_USERNAME=admin \
    -e MONGO_INITDB_ROOT_PASSWORD=nerc.nerc/1 \
    mongo --auth

2.进入容器

docker exec -it MongoTest /bin/bash

3.进入Mongo Shell

  • 输入mongo进入mongo shell
 docker exec -it MongoTest bash
 
root@MongoDB:/# mongo
MongoDB shell version v5.0.2
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("15a12b60-022e-4ddf-ade0-9e82a761ceac") }
MongoDB server version: 5.0.2
================
Warning: the "mongo" shell has been superseded by "mongosh",
which delivers improved usability and compatibility.The "mongo" shell has been deprecated and will be removed in
an upcoming release.
We recommend you begin using "mongosh".
For installation instructions, see
https://docs.mongodb.com/mongodb-shell/install/
================
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
	https://docs.mongodb.com/
Questions? Try the MongoDB Developer Community Forums
	https://community.mongodb.com
>

4. 创建管理员账号

  • use admin 选择admin库,然后执行SQL创建管理员帐号
> use admin
> db.createUser({ user: 'admin', pwd: 'nerc.nerc/1', roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] });


// 如果容器启动时已指定用户名及密码则需要先登录,输入:
db.auth('admin','nerc.nerc/1')

5.测试用户

  • db.auth("admin","admin")返回1,则认证成功

image.png

6,.查看全局所有账户

  • 命令为:db.system.users.find().pretty()
> db.auth('admin','nerc.nerc/1')
1
> db.system.users.find().pretty()		#查看全局所有账户 
{
	"_id" : "admin.admin",
	"userId" : UUID("160ca492-85d7-4ac6-9f58-97761c086ae7"),
	"user" : "admin",
	"db" : "admin",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "OBHgBIZV8Vj9naESL0ogoA==",
			"storedKey" : "l1ess/gxgtSOITHf5lVFwQhlHi8=",
			"serverKey" : "xwKL4T+hWeuLFEpTIBNYA5fX/KU="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "bI3BRSb77OWmEwB006Hzb2sj7BOli55BoEgiDg==",
			"storedKey" : "TlRcUileHPG1bPeAu+9kWS56Def7Vsepp+gZhIjuFs8=",
			"serverKey" : "E1bZt1/rv07Kq1l1sUH8mQ5bEh147JkwR1SBPRvL58Q="
		}
	},
	"roles" : [
		{
			"role" : "root",
			"db" : "admin"
		}
	]
}
{
	"_id" : "wechatdev.wechat",
	"userId" : UUID("357eab8b-245b-442e-84b0-53ef9936012f"),
	"user" : "wechat",
	"db" : "wechatdev",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "9nMRplh+zAJDusJyvqekQA==",
			"storedKey" : "yR1OqqRJK8n9xYp+GxZ5Oc/dXP0=",
			"serverKey" : "O/CL/aSHBl3I7SnAWWZnibHZ0NQ="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "p9LWUfmDNOK+Nny7EzTb8prptx81FUcAXC6Wpg==",
			"storedKey" : "eN3f0n7FVk1cGx7LRbHfyfK/7ldig4xjAg48kOA4i28=",
			"serverKey" : "ZSQiIIezDUM/rlUeMDX/cpe2ENnZ/wmeJSH0suZmQFU="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechatdev"
		}
	]
}
{
	"_id" : "wechat-0518.admin",
	"userId" : UUID("35f57feb-e040-4fc7-9d86-842d87f9237b"),
	"user" : "admin",
	"db" : "wechat-0518",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "GlUmK/TOSLdLAk/1/pUyRw==",
			"storedKey" : "bzHzjYYtYbYSEIhUDqEtONTOxnU=",
			"serverKey" : "/1Le+s+ryiJrg2RQ2ik0DTbDE+Q="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "HmPO3nB8lBg75OjeS8N/pbY1tZtKCkfDIpbiZA==",
			"storedKey" : "t2R8NKvZ2s5x2d2FRw6cNeBGSATE0k3AWLMpvQ8Io+A=",
			"serverKey" : "nWmzfyhQXSYfYly1O3BaxsleEu2z6Pf3zzu8LF8JbRo="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechat-0518"
		}
	]
}
{
	"_id" : "wechat-0520.admin",
	"userId" : UUID("ba7de9a8-aa1b-4747-9a07-39b3181a66a6"),
	"user" : "admin",
	"db" : "wechat-0520",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "rLxHEU98WeCYDjQJOHvCog==",
			"storedKey" : "Vp4d85H40M1//N6yIgvKF3XWVHg=",
			"serverKey" : "VgDivDUJ4EIT0wrxhMfpTg4dfj4="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "GReA69+KzI4i3nEoIORiLI9whJ7Sne50u0XoBw==",
			"storedKey" : "TbrGJHwO50t8lgaqm2Y8zWpnwWK2lhgIl33hTw7vszo=",
			"serverKey" : "Hwf+r/XyjMmcihXDpaM3MZOgVaNrfROZSdyjgi9WuFU="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechat-0518"
		}
	]
}
{
	"_id" : "test.admin",
	"userId" : UUID("0e88e062-4409-4ae4-a348-45b86b60e5a3"),
	"user" : "admin",
	"db" : "test",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "xUCAx1Gt75b/vpA4jxKO1w==",
			"storedKey" : "sJULlwapTHKsCjqcRdz27jX3nJs=",
			"serverKey" : "9GDmmxfbEvb6bwcwYRVf4LQ7nBM="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "h6X6jACYid01VEncs+Xi4xupNVuLSXKv+k4p+A==",
			"storedKey" : "p/ek07fB5aPWpx1cCTdzRrx0Sltv0gXQ98YrXKyuC+0=",
			"serverKey" : "SMZpVw9ayetzfEc816z07kXxendzsUzQ5tg64KN709w="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechat-0520"
		}
	]
}
{
	"_id" : "wechat-test.admin",
	"userId" : UUID("ea9c0a00-ca44-4c04-9667-fc8907340aff"),
	"user" : "admin",
	"db" : "wechat-test",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "4zLj0yEXz8/zc8jObxLNww==",
			"storedKey" : "zYFx/UvdQwrOr70xtE3N9/m/7xw=",
			"serverKey" : "YTEshFatzoB5BlPBe2gTikOKmTc="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "5cgJDieWexoA0SYFE6GaGgkXZhvGTKJU31mh7w==",
			"storedKey" : "NHQpuAIZYHMh6MXGlPOJVYn5aam3sZjWS9r6KJTuVqM=",
			"serverKey" : "Ch5IaGR46rGT3gULNlphyHcZUsqwV1OMOKHRcGOdSF0="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechat-test"
		}
	]
}

7.选择数据库

  • 切换到想要加密的数据库,如use app执行以下创建用户SQL。
db.createUser({user: "user", pwd: "user", roles: [{ role: "readWrite", db: "app"}]});  
// 其中readWrite可以替换为dbOwner(拥有最高权限)

8.登录测试

db.auth("user","user") 返回1,则认证成功


0

评论区