分类: LINUX
2011-04-12 13:44:48
Replica set authentication works a little differently from single-server authentication, so that each member can automatically authenticate itself to the other members of the set.
Replica set用户认证与单mongod进程用户认证操作方法有所区别
To set it up:操作步骤
You do not need to use the --auth option, too, --keyFile implies --auth.不需要再加--auth
ExampleIf we had a two-member replica set with members a and b, we could start them up with authentication enabled by running:
Then run rs.initiate() and so on.
To convert an existing set, shut down all members and restart them with the --keyFile option.
You can turn off authentication by restarting the set without the --keyFile option.
Using the Database with Replica Set Authentication OnFrom the client's perspective, authentication works the same way with replica sets as it does with single servers.
For example, suppose you create a new replica set and start the members with --keyFile. Connect to the master locally to add users:
Clients should authenticate as usual when they make connections.
A key file must contain at least 6 Base64 characters and be no larger than 1KB (whitespace included). Whitespace characters are stripped, so the following keys are identical to the database:
If you run mongod with -v, the key will be printed in the log.
PermissionsGroup and everyone must have 0 permissions. At the moment, permissions are not checked by mongod on Windows.
参考: