MongoDB Authentication

[root@my-host-name bin]$ cat /etc/mongod.conf
 
# MongoDB Configuration File
#
# General Settings
journal = true
fork = true
quiet = true
directoryperdb = true
smallfiles = true
 
# Logging
verbose = true
logappend = true
oplogSize = 50
#logpath = /tmp/mongodb/logs/
 
 
# Security
#auth = true
keyFile = /srv/mongodb/keyfile
 
 
#setParameter = supportCompatibilityFormPrivilegeDocuments=0
#setParameter = logUserIds=1
#sslOnNormalPorts = true
#sslPEMKeyFile = /etc/ssl/mongodb.pem
#sslPEMKeyPassword = pass
#nohttpinterface = true
#bind_ip = xx.xx.xx.xxx
#noscripting = true
#dbpath = /tmp/mongodb/data
[root@my-host-name bin]$
[root@my-host-name bin]$
[root@my-host-name bin]$ pwd
/tmp/mongodb/bin
[root@my-host-name bin]$
[root@my-host-name bin]$ cat shard_set_up.sh
 
 
 
##### Killing the existing Mongo processes ################
for i in `ps -ef | egrep 'shardsvr|configsvr|replSet|configdb' | grep -v egrep | awk -F" " '{print $2}'`; do kill -9 $i; done
 
 
##### Creating Mongo data & log files ################
rm -rf /tmp/mongodb/data/*
rm -rf /tmp/mongodb/logs/*
cd /tmp/mongodb/data/
mkdir shard1 shard2 shard3 config1 config2 config3 arbiter
cd /tmp/mongodb/bin
 
 
##### Starting the Mongo Config,Shard,Arbiter & Router services ################
 
 
numactl --interleave=all ./mongod --configsvr --dbpath /tmp/mongodb/data/config1 --logpath /tmp/mongodb/logs/config1.log --port 29010 &
numactl --interleave=all ./mongod --configsvr --dbpath /tmp/mongodb/data/config2 --logpath /tmp/mongodb/logs/config2.log --port 29011 &
numactl --interleave=all ./mongod --configsvr --dbpath /tmp/mongodb/data/config3 --logpath /tmp/mongodb/logs/config3.log --port 29012 &
numactl --interleave=all ./mongod --shardsvr --replSet rs --dbpath /tmp/mongodb/data/shard1 --logpath /tmp/mongodb/logs/shard1.log --port 27010 --config /etc/mongod.conf &
numactl --interleave=all ./mongod --shardsvr --replSet rs --dbpath /tmp/mongodb/data/shard2 --logpath /tmp/mongodb/logs/shard2.log --port 27011 --config /etc/mongod.conf &
numactl --interleave=all ./mongod --shardsvr --replSet rs --dbpath /tmp/mongodb/data/shard3 --logpath /tmp/mongodb/logs/shard3.log --port 27012 --config /etc/mongod.conf &
numactl --interleave=all ./mongod --replSet rs --dbpath /tmp/mongodb/data/arbiter --logpath /tmp/mongodb/logs/arbiter.log --port 30000 --config /etc/mongod.conf &
sleep 5
numactl --interleave=all ./mongos --configdb xx.xx.xx.xxx:29010,xx.xx.xx.xxx:29011,xx.xx.xx.xxx:29012 --logpath /tmp/mongodb/logs/router.log --port 10000 &
 
 
echo -e "\n\n\n\n Config, Shard, Router & Arbiter services are initiating ... \n\n\n\n"
sleep 7
 
 
./mongo --port 27010 --eval "rs.initiate()"
 
 
echo -e "\n\n\n\n Replica set Initiation is in progress ... \n\n\n\n"
sleep 15
./mongo --port 27010 --eval "rs.status()"
 
 
./mongo --port 27010 --eval "rs.add(\"my-host-name:27011\")"
./mongo --port 27010 --eval "rs.add(\"my-host-name:27012\")"
./mongo --port 27010 --eval "rs.addArb(\"my-host-name:30000\")"
 
 
echo -e "\n\n\n\n Replica set is is added. \n\n\n\n"
sleep 7
 
 
./mongo --port 10000 --eval "sh.addShard(\"rs\my-host-name:27010\")"
 
 
echo -e "\n\n\n\n Shard is added, now you're set for using the Shard (1Primary, 1Secondary, 1Arbiter with 3Config & 1Router)"
[root@my-host-name bin]$
 
 
 
 
 
 
 
 
 
[root@my-host-name bin]$ ./mongo localhost:27010
MongoDB shell version: 2.4.5
connecting to: localhost:27010/test
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY> use admin
switched to db admin
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY> show collections
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY> db.addUser({user:"adm",pwd:"pwd",roles:["userAdminAnyDatabase","readAnyDatabase","clusterAdmin"]})
{
"user" : "adm",
"pwd" : "8f1cf56da9da9e575e0c85ed1c5a4fba",
"roles" : [
 "userAdminAnyDatabase",
 "readAnyDatabase",
 "clusterAdmin"
],
"_id" : ObjectId("52fe100a4888db76f65a6a65")
}
>
> show collections
Fri Feb 14 07:46:05.792 JavaScript execution failed: error: {
"$err" : "not authorized for query on admin.system.namespaces",
"code" : 16550
} at src/mongo/shell/query.js:L128
>
>
> db.auth("adm","pwd")
1
rs:PRIMARY> show collections
system.indexes
system.users
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY> db.system.users.find()
{ "_id" : ObjectId("52fe100a4888db76f65a6a65"), "user" : "adm", "pwd" : "8f1cf56da9da9e575e0c85ed1c5a4fba", "roles" : [ "userAdminAnyDatabase", "readAnyDatabase", "clusterAdmin" ] }
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY> hex_md5("new_adm:mongo:new_pwd")
10b37c92c4cd7980b47d0226f58ae6e1
rs:PRIMARY>
rs:PRIMARY> db.system.users.insert({"user" : "new_adm", "pwd" : "10b37c92c4cd7980b47d0226f58ae6e1", "roles" : [ "userAdminAnyDatabase", "readAnyDatabase", "clusterAdmin" ] })
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY> db.system.users.find()
{ "_id" : ObjectId("52fe100a4888db76f65a6a65"), "user" : "adm", "pwd" : "8f1cf56da9da9e575e0c85ed1c5a4fba", "roles" : [ "userAdminAnyDatabase", "readAnyDatabase", "clusterAdmin" ] }
{ "_id" : ObjectId("52fe10ac4888db76f65a6a66"), "user" : "new_adm", "pwd" : "10b37c92c4cd7980b47d0226f58ae6e1", "roles" : [ "userAdminAnyDatabase", "readAnyDatabase", "clusterAdmin" ] }
rs:PRIMARY>
rs:PRIMARY>
rs:PRIMARY> db.auth("new_adm","new_pwd")
1
rs:PRIMARY>
rs:PRIMARY>
bye
[root@my-host-name bin]$
[root@my-host-name bin]$ ./mongo localhost:27010
MongoDB shell version: 2.4.5
connecting to: localhost:27010/test
>
>
> show collections
Fri Feb 14 07:49:58.110 JavaScript execution failed: error: {
"$err" : "not authorized for query on test.system.namespaces",
"code" : 16550
} at src/mongo/shell/query.js:L128
>
> use amdin
switched to db amdin
>
>
> show collections
Fri Feb 14 07:50:13.723 JavaScript execution failed: error: {
"$err" : "not authorized for query on amdin.system.namespaces",
"code" : 16550
} at src/mongo/shell/query.js:L128
>
>
>
bye
[root@my-host-name bin]$
  • Ask Question