前言
大家在Mongodb安裝好后,一般不需要用戶名密碼就可以直接使用,開(kāi)發(fā)者認(rèn)為只要使用環(huán)境足夠安全,可以不使用認(rèn)證,但是在實(shí)際使用中為了數(shù)據(jù)的安全,大多人還是選擇了開(kāi)啟權(quán)限認(rèn)證。
一、在老版的Mongodb(大概3.0以前)可以這樣開(kāi)啟認(rèn)證:
1、Linux環(huán)境下mongo shell方式認(rèn)證:
>show dbs ##看到有如下數(shù)據(jù) admin (empty) comment 0.203125GB dbtest (empty) foo 0.203125GB local (empty) test 0.203125GB >use admin switched to db admin > db.addUser('admin','12345678') ##添加用戶 Mon Nov 5 23:40:00 [FileAllocator] allocating new datafile /data/db/admin.ns, filling with zeroes... { "user" : "admin", "readOnly" : false, "pwd" : "89e41c6c28d88d42c21fe501d82969ea", "_id" : ObjectId("5097ddd00342c63efff3fbfb") } ##之后運(yùn)行 >showdbs Mon Nov 5 23:45:13 uncaught exception: listDatabases failed:{ "errmsg" : "need to login", "ok" : 0 } ##提示需要登錄 添加--auth 啟動(dòng) ./mongod -auth ./mongo >use admin switched to db admin > db.auth('admin','12345678') ##用添加的賬戶密碼查看 Mon Nov 5 23:49:32 [conn56] authenticate db: admin { authenticate: 1, nonce: "304f5242601fafa4", user: "admin", key: "58260df384b1146466efca5c90a5ff05" } 1 #1 說(shuō)明登錄成功 > show dbs admin 0.203125GB comment 0.203125GB dbtest (empty) foo 0.203125GB local (empty) test 0.203125GB > use admin switched to db admin > show collections; system.indexes system.users > db.system.users.find() ##查找數(shù)據(jù) { "_id" : ObjectId("5097ddd00342c63efff3fbfb"), "user" : "admin", "readOnly" : false, "pwd" : "89e41c6c28d88d42c21fe501d82969ea" } 2、php代碼連接認(rèn)證:
<?php ##1 使用超級(jí)用戶連接mongodb /*mongodb連接*/ $m = new Mongo("mongodb://admin:12345678@192.168.138.35:27017"); /*選擇melon數(shù)據(jù)庫(kù)*/ $db = $m->melon; /*集合*/ $collection = melonco; /*選擇數(shù)據(jù)庫(kù)里面的集合,相當(dāng)于表*/ $collection = $db->$collection; $array = array('name'=>'melon','age'=>'24','sex'=>'Male','birth'=>array('year'=>'1988','month'=>'07','day'=>'13')); $collection->insert($array); $cursor = $collection->find(); foreach ($cursor as $id => $value) { echo "$id: "; var_dump($value); echo "<br>"; } ###2 使用數(shù)據(jù)庫(kù)用戶 /*mongodb連接*/ $m = new Mongo("192.168.138.35:27017"); /*選擇comment*/ $db = $m->melon; /*連接數(shù)據(jù)庫(kù)*/ $db->authenticate("melon", "melon"); /*選擇t數(shù)據(jù)庫(kù)里面集合,相當(dāng)于表*/ $collection = $db->melonco; $array = array('name'=>'melon_son','age'=>'0','sex'=>'Male','birth'=>array('year'=>'201X','month'=>'07','day'=>'13')); $collection->insert($array); $cursor = $collection->find(); foreach ($cursor as $id => $value) { echo "$id: "; var_dump($value); echo "<br>"; } 二、在3.0版之后的Mongodb,shell中依舊可以使用上述方法驗(yàn)證,但是php認(rèn)證一直失敗,日志中會(huì)報(bào)錯(cuò)( Failed to authenticate myuser@userdb with mechanism MONGODB-CR: AuthenticationFailed MONGODB-CR credentials missing in the user document),原來(lái)新版的mongodb加入了SCRAM-SHA-1校驗(yàn)方式,需要第三方工具配合進(jìn)行驗(yàn)證。
下面給出具體解決辦法:
首先關(guān)閉認(rèn)證,修改system.version文檔里面的authSchema版本為3,初始安裝時(shí)候應(yīng)該是5,命令行如下:
> use admin switched to db admin > var schema = db.system.version.findOne({"_id" : "authSchema"}) > schema.currentVersion = 3 3 > db.system.version.save(schema) WriteResult({ "nMatched" : 1, "nUpserted" : 0, "nModified" : 1 }) 不過(guò)如果你現(xiàn)在開(kāi)啟認(rèn)證,仍然會(huì)提示AuthenticationFailed MONGODB-CR credentials missing in the user document
原因是原來(lái)創(chuàng)建的用戶已經(jīng)使用了SCRAM-SHA-1認(rèn)證方式
> use admin > db.auth('root','123456')> db.system.users.find(){ "_id" : "admin.root", "user" : "root", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "XoI5LXvuqvxhlmuY6qkJIw==", "storedKey" : "VAT7ZVMw2kFDepQQ6/E0ZGA5UgM=", "serverKey" : "TebHOXdmY6IHzEE1rW1Onwowuy8=" } }, "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" } ] }{ "_id" : "mydb.test", "user" : "test", "db" : "mydb", "credentials" : { "MONGODB-CR" : "c8ef9e7ab00406e84cfa807ec082f59e" }, "roles" : [ { "role" : "readWrite", "db" : "mydb" } ] }解決方式就是刪除剛剛創(chuàng)建的用戶,重新重建即可:
> db.system.users.remove({user:"test"});> use mydb >db.createUser({user:'test',pwd:'123456',roles:[{role:'readWrite',db:'mydb'}]}) 然后開(kāi)啟認(rèn)證,重啟服務(wù)器,用php連接,一切OK
<?php #1 使用數(shù)據(jù)庫(kù)用戶認(rèn)證連接mongodb /*mongodb連接*/ $m = new Mongo("mongodb://test:12345678@localhost:27017/mydb"); /*選擇melon數(shù)據(jù)庫(kù)*/ $db = $m->mydb; /*選擇數(shù)據(jù)庫(kù)里面的集合stu,相當(dāng)于表*/ $collection = $db->stu; $array = array('name'=>'melon','age'=>'24','sex'=>'Male','birth'=>array('year'=>'1988','month'=>'07','day'=>'13')); $collection->insert($array); $cursor = $collection->find(); foreach ($cursor as $id => $value) { echo "$id: "; var_dump($value); echo "<br>"; } 總結(jié)
以上就是這篇文章的全部?jī)?nèi)容了,希望本文的內(nèi)容對(duì)大家的學(xué)習(xí)或者工作能帶來(lái)一定的幫助,如果有疑問(wèn)大家可以留言交流,謝謝大家對(duì)武林網(wǎng)的支持。
新聞熱點(diǎn)
疑難解答
圖片精選
