[SERVER-4528] Will enabling auth=true in the config change behaviour prior to creating users? Created: 19/Dec/11 Updated: 11/Jul/16 Resolved: 22/Dec/11 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Replication, Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Question | Priority: | Major - P3 |
| Reporter: | Neil Levine | Assignee: | Marc Bastien |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Participants: |
| Description |
|
Hopefully the subject is descriptive. I want to enable auth in the config file but our Puppet system will deploy the file to some machines which won't have any user/pass details on them. Will this break anything? |
| Comments |
| Comment by Marc Bastien [ 22/Dec/11 ] |
|
My pleasure. Glad I was able to help! |
| Comment by Neil Levine [ 22/Dec/11 ] |
|
Ok, thanks. You can close the ticket. |
| Comment by Marc Bastien [ 22/Dec/11 ] |
|
You are correct on both counts. If mongod is started with auth=true, but no credentials set up, no client will be able to connect. However, if there are no admin users configured, one may access the admin database from the localhost interface without authenticating, so that an administrative user may be configured. As for your second question, Admin users' credentials are stored in the admin database, and those users can access any other database. Other user's credentials are stored in each database, and those users can only access the database(s) that contain their credentials. More information on authentication can be found in the Mongo Documentation titled "Security and Authentication" http://www.mongodb.org/display/DOCS/Security+and+Authentication |
| Comment by Neil Levine [ 21/Dec/11 ] |
|
I have one server which I want to use auth with and another which I don't. THey My second question is that it looks like the auth creds for a specific database |
| Comment by Neil Levine [ 21/Dec/11 ] |
|
On Tue, Dec 20, 2011 at 04:18:48AM +0000, Eliot Horowitz (JIRA) said: I have one server which I want to use auth with and another which I don't. THey My second question is that it looks like the auth creds for a specific database Thanks, Neil |
| Comment by Eliot Horowitz (Inactive) [ 20/Dec/11 ] |
|
What is the overall config? |