The db.createUser(user, writeConcern) method used to create users.We need to provide the username, password and roles
The definition of createUser as follows
{user:"<name>",pwd:"password>",customData:{<User Tag>},roles:[{role:"<role>",db:"<database>"}, { role: "<role>", db: "<database>"}, ...]}
Role
Role is an approach to restricting system/DB access to authorized users.The security hierarchy is similar to various DB technologies. There are various roles are
Database User Roles
- read
- readWrite
Database Administration Roles
- dbAdmin
- dbOwner
- userAdmin
Cluster Administration Roles
- clusterAdmin
- clusterManager
- clusterMonitor
- hostManager
Backup and Restoration Roles
- backup
- restore
All-Database Roles
- readAnyDatabase
- readWriteAnyDatabase
- userAdminAnyDatabase
- dbAdminAnyDatabase
Superuser Roles
- root
Internal Role
- –system
The Roles are a self explanatory. For further reading, read the following MongoDB reference manual Roles
Create User
db.createUser(
{
user: "reportUser",
pwd: "12345678",
roles: [
{role: "read", db :"northwind"},
{role: "readWrite", db: "records"},
{role: "backup", db: "admin"},
{role:"clusterAdmin", db: "admin"},
{role:"readAnyDatabase", db: "admin"}
]
}
)
Identify the user roles by using db.getUser()
db.getUser("reportUser")Image may be NSFW.
Clik here to view.
Change Password
>db.changeUserPassword("reportUser","!@#$1234Mongo")
Drop a user from mongodb using the db.dropUser()
>db.dropUser("reportUser")Revoke a role from the user using revokeRolesFromUser()
>db.revokRolesFromUser(
"reportUser",
[
{role: "readWrite", db:" northwind"},
{role: "backup", db: "admin"}
]
)
Image may be NSFW.
Clik here to view.![CreateUser2.jpg]()
Image may be NSFW.
Clik here to view.
Image may be NSFW.Clik here to view.
Image may be NSFW.Clik here to view.