mongodb user/password


http://docs.mongodb.org/manual/tutorial/enable-authentication/


[authentication]
to start a mongod with authentication enabled and
a key file stored in /path-to-keyfile ,
set the following option in the mongod‘s config file:

security:
keyFile: /path-to-keyfile

Then start the mongod with config file specified :

mongod --config /etc/mongodb/mongodb.conf



[authorization]
??? security.authorization
Type: string
Default: disabled
Enables Role-Based Access Control (RBAC) to govern each user’s access to database resources and operations.





//=== Err msg: """ Property 'createUser' of object admin is not a function """

--> for MongoDB 2.4, use db.addUser()

db.createUser() is for 2.6+
since 2.6, MongoDB introduced a new model for user credentials and privileges;




//===
http://docs.mongodb.org/manual/core/authentication/#localhost-exception


To disable the localhost exception,
??? use setParameter to set the enableLocalhostAuthBypass parameter to 0 during startup.



//=== http://docs.mongodb.org/manual/tutorial/add-user-administrator/
""" ...
to restart mongod with the --noauth option to create a new user with system admin privilege
..."""



//=== Create the system administrator and database admin
* use admin database, then create user

> use admin
> db.createUser(
{
user: "sysAdmin",
pwd: "syspasswd",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)



* Create a user admin for a single database.
> use db1
> db.createUser(
{
user: "db1Admin",
pwd: "db1passwd",
roles: [ { role: "userAdmin", db: "db1" } ]
}
)

>use db2
>db.createUser(
{
user: "db2Admin",
pwd: "db2passwd",
roles: [ { role: "userAdmin", db: "db2" } , {role:"read", db:"db1"}]
}
)


//=== http://docs.mongodb.org/manual/tutorial/add-user-to-database/

"""...
use reporting
db.createUser(
{
user: "reportsUser",
pwd: "12345678",
roles: [
{ role: "read", db: "reporting" },
{ role: "read", db: "products" },
{ role: "read", db: "sales" },
{ role: "readWrite", db: "accounts" }
]
}
)

..."""