MongoDB Authentication example

This guide shows you how to enable authentication in MongoDB. The authentication is disabled by default. To configure it, you must first add a user to the “admin” database.


> show dbs
admin  #add single user to this database
testdb
Note
Users with normal access in “admin” database, HAVE read and write access to all the other databases. Users with read only access to the “admin” database HAVE only read to all databases.

P.S This example is using MongoDB version 2.2.3

Authentication example

See a full example to add a “admin” user to the admin database, and a normal user to the “testdb” database, and how to perform the authentication.

Terminal 1 – Start MongoDB in secure mode, authentication is required.

$mongo --auth
Terminal 2 – MongoDB client, see comment “#” for self-explanatory

$ mongo
MongoDB shell version: 2.2.3
connecting to: test
> use admin             		#1. connect to the "admin" database.
switched to db admin			
> db.addUser("admin","password")	#2. add a user "admin" to the admin database. 
{
	"user" : "admin",
	"readOnly" : false,
	"pwd" : "90f500568434c37b61c8c1ce05fdf3ae",
	"_id" : ObjectId("513af8cac115e7a6b4bcceb9")
}
addUser succeeded, but cannot wait for replication since we no longer have auth

> use testdb				#3. connect to the "testdb" database.
switched to db testdb
> show collections			#4. now, read and write need authentication
Sat Mar  9 16:54:57 uncaught exception: error: {
	"$err" : "unauthorized db:testdb ns:testdb.system.namespaces lock type:0 client:127.0.0.1",
	"code" : 10057
}
> use admin				#5. connect back to the "admin" database.
switched to db admin
> db.auth("admin","password")		#6. performs authentication, 1 means succeed, 0 means failed
1
> use testdb				#7. connect to the "testdb" database.
switched to db testdb
> show collections			#8. no problem, it shows all collections
system.indexes
user
> db.addUser("testdb","password")       #9. add another user "testdb" to the "testdb" database.
{
	"user" : "testdb",
	"readOnly" : false,
	"pwd" : "b9ff75cbf18bd98d8554efec12c72090",
	"_id" : ObjectId("513af934c115e7a6b4bcceba")
}
> show collections
system.indexes
system.users				#10. All users' data are stored in this system.users collection.
user
> db.system.users.find()
{ "_id" : ObjectId("513af934c115e7a6b4bcceba"), "user" : "testdb", "readOnly" : false, "pwd" : "b9ff75cbf18bd98d8554efec12c72090" }
>

Done.

References

  1. MongoDB : Security Practices and Management
  2. Java MongoDB authentication example

About the Author

author image
mkyong
Founder of Mkyong.com, love Java and open source stuff. Follow him on Twitter, or befriend him on Facebook or Google Plus. If you like my tutorials, consider make a donation to these charities.

Comments

Leave a Reply

avatar
newest oldest most voted
srinivasu
Guest
srinivasu

not mongo -auth

it is mongod -auth

Carol
Guest
Carol

Thanks for this article

Prateek Ashtikar
Guest
Prateek Ashtikar

boolean auth = db.authenticate(“reportsUser”, “123”.toCharArray()); is deprecated in mongo-2.12.3

reader
Guest
reader

Thanks , but still when I connect MongoDb from java it does not check for users or password . How to make a mongo db password protected which cannot be accessed without password/username by external jars and programs . Could you please give some examples

Da-woon Yi
Guest
Da-woon Yi

** $mongo –auth is not available anymore on version 2.4.3.
Check this option, –authenticationDatabase.

ivoHaSp
Guest
ivoHaSp

Hi, it is helpful. Thanks a lot. Ivo.

trackback
Java MongoDB : Authentication example

[…] you must first add a user to the special “admin” database, please refer to this MongoDB authentication example for detail […]