> db.getUsers()or> db.system.users.find()STEP - 1========Add Users Befor

1.  
2. > db.getUsers()
3. or
4. > db.system.users.find()
5.  
6. STEP - 1
7. ========
8.  
9. Add Users Before Enabling Access Control
10.  
11. Create Admin User :: -
12.  
13. The first thing is to create an admin user, go to the mongo shell
14. connect to the `admin' database
15.  
16. create a user and assign him the role userAdminAnyDatabase
17.  
18. use admin
19.  
20. var user = {
21. "user" : "root",
22. "pwd" : "toor",
23. roles : [
24. {
25. "role" : "userAdminAnyDatabase",
26. "db" : "admin"
27. }
28. ]
29. }
30.  
31. db.createUser(user);
32.  
33. How to check user created or not ?
34. -----------------------------------
35.  
36. db.getUsers()
37. [
38. {
39. "_id" : "admin.root",
40. "user" : "root",
41. "db" : "admin",
42. "roles" : [
43. {
44. "role" : "userAdminAnyDatabase",
45. "db" : "admin"
46. }
47. ]
48. }
49. ]
50.  
51.  
52. STEP - 2
53. ========
54. Enabling Access Control ::
55.  
56. in /etc/mongod.conf
57.  
58. security:
59. authorization: enabled
60.  
61. after updating config file we need to restart the mongo instance.
62.  
63. STEP - 3
64. ========
65. Here after we can use user name and pass for access database.
66.  
67. If you enter with out user and pass, you will see these kind erros,
68.  
69. > show databases;
70. 2016-06-05T08:05:22.960+0530 E QUERY [thread1] Error: listDatabases failed:{
71. "ok" : 0,
72. "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
73. "code" : 13
74. } :
75. _getErrorWithCode@src/mongo/shell/utils.js:25:13
76. Mongo.prototype.getDBs@src/mongo/shell/mongo.js:62:1
77. shellHelper.show@src/mongo/shell/utils.js:760:19
78. shellHelper@src/mongo/shell/utils.js:650:15
79. @(shellhelp2):1:1
80. >
81.  
82. $mongo admin -u root -p
83. MongoDB shell version: 3.2.5
84. Enter password:
85. connecting to: admin
86. >
87.  
88. STEP - 4
89. ========
90.  
91. let's create application User for read/Write
92.  
93. Before we need to create application user, we need to go the perticular database
94.  
95. > use hermes;
96.  
97. var user = {
98. "user" : "appuser",
99. "pwd" : "app123",
100. roles : [
101. {
102. "role" : "readWrite",
103. "db" : "hermes"
104. }
105. ]
106. }
107.  
108. db.createUser(user);
109.  
110. let's verify
111.  
112. > db.getUsers()
113. [
114. {
115. "_id" : "hermes.appuser",
116. "user" : "appuser",
117. "db" : "hermes",
118. "roles" : [
119. {
120. "role" : "readWrite",
121. "db" : "hermes"
122. }
123. ]
124. }
125. ]
126. >
127.  
128. STEP - 5
129. ========
130.  
131. let's create readonly user to read any database
132.  
133. $mongo admin -u admin -p
134.  
135. var user = {
136. "user" : "reporting",
137. "pwd" : "abc123",
138. roles : [
139. {
140. "role" : "readAnyDatabase"
141.  
142. }
143. ]
144. }
145.  
146. db.createUser(user);
147. exit
148.  
149. > db.products.insert({ "title" : "MongoDB in Action" });
150. WriteResult({
151. "writeError" : {
152. "code" : 13,
153. "errmsg" : "not authorized on hermes to execute command { insert: \"products\", documents: [ { _id: ObjectId('5753d9af680d6e283c83138f'), title: \"MongoDB in Action\" } ], ordered: true }"
154. }
155. })
156. >
157.  
158. If you try to insert/update/delete document you will receive an exception.