服务器有启动警告“访问控制未对数据库启用”

我今天第一次安装 MongoDB 3.4.1。但是当我启动它并使用 MongoDB shell 时,它给了我以下警告:

C:\Users\hs>"C:\Program Files\MongoDB\Server\3.4\bin\mongo.exe
MongoDB shell version v3.4.1
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.1
Server has startup warnings:
2017-01-12T21:19:46.941+0800 I CONTROL  [initandlisten]
2017-01-12T21:19:46.942+0800 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2017-01-12T21:19:46.942+0800 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2017-01-12T21:19:46.942+0800 I CONTROL  [initandlisten]

我的电脑是微软的 Windows [ version 10.0.14393]。

164682 次浏览
小开

Mongodb v3.4

You need to do the following to create a secure database:

Make sure the user starting the process has permissions and that the directories exist (/data/db in this case).

1) Start MongoDB without access control.

mongod --port 27017 --dbpath /data/db

2) Connect to the instance.

mongo --port 27017

3) Create the user administrator (in the admin authentication database).

use admin
db.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)

4) Re-start the MongoDB instance with access control.

mongod --auth --port 27017 --dbpath /data/db

5) Connect and authenticate as the user administrator.

mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"

6) Create additional users as needed for your deployment (e.g. in the test authentication database).

use test
db.createUser(
{
user: "myTester",
pwd: "xyz123",
roles: [ { role: "readWrite", db: "test" },
{ role: "read", db: "reporting" } ]
}
)

7) Connect and authenticate as myTester.

mongo --port 27017 -u "myTester" -p "xyz123" --authenticationDatabase "test"

I basically just explained the short version of the official docs here: https://docs.mongodb.com/master/tutorial/enable-authentication/

小开

You need to delete your old db folder and recreate new one. It will resolve your issue.

小开

you can create an admin user or another role. run it on mongo shell.

db.createUser({user: "username", pwd: "password", roles: ["dbAdmin"]})

if you get SCRAM-SHA-256error you can set the SHA-1 mechanism.

db.createUser({user: "username", pwd: "password", roles: ["dbAdmin"], mechanisms: ["SCRAM-SHA-1"]})
小开

OMG, what a gas plant, that top answer!

All you need to do is to:

  1. Edit your config, e.g. C:\Program Files\MongoDB\Server\4.4\bin\mongodb.cfg
  2. Turn the security: authorization: to enabled, as illustrated; note that this sub-entry may be missing completely. Just add it then.
  3. Restart your MongoDB Server service from the Windows Services control panel.

enter image description here

Obviously, if, following this, set up a read/readWrite role-based policy, that will make much more sense.

Ref: https://docs.mongodb.com/manual/tutorial/configure-scram-client-authentication/

I've just tested this using phpunit, works as expected.


提交答案