That is not the first thing that comes to mind when you consider using NoSQL. It is not a big surprise as the early adapters of NoSQL were Internet companies.
An evident for that you can find in MongoDB, where authentication is dimmed by default.
How to Enable MongoDB Authentication?
- Create an Admin user (otherwise you will have issues to connect your server) from the local console:
- use admin;
- db.addUser({ user: "
", pwd: " ", roles: [ "userAdminAnyDatabase" ]}) - Enable authentication in the /etc/mongo.conf: auth=true
- Restart the mongod instance to enable authentication.
How to Add Additional users?
Select the database that you want to add user to:
use
db.addUser( { user: "", pwd: "", roles: [ "", ""]})
And select the a user role from the following permissions list:
How to Provide Permissions to Other Databases?
This one is done with a "copy" like method, where userSource defines the database that the user definition should be copied from:
use
db.addUser( { user: "", userSource: "", roles: [ "" ] } )
In case you want to provide read permissions to all databases you may use the readAnyDatabases
Bottom Line
Not very complex, but more secure.
Keep Performing,