MongoDB is a powerful NoSQL database that provides high performance, scalability, and flexibility. However, out of the box, MongoDB does not enable authentication, leaving your database vulnerable to unauthorized access. In this blog, we will show you how to enable authentication in MongoDB to ensure that only authorized users can access your data.
Prerequisites:
Before proceeding, we need to have a MongoDB installation on a server. If you do not have MongoDB installed, please check my previous blog on How to install MongoDB on Ubuntu:
Step 1: Create an administrative user
Before enabling authentication, you need to create an administrative user who can manage the MongoDB instance. Connect to the MongoDB instance using the MongoDB shell and run the following command:
$] mongo
> use admin
> db.createUser({user: "admin", pwd: "adminpassword", roles: ["root"]})
This will create a user named “admin” with the password “adminpassword” and the “root” role, which gives the user full administrative access. Do not forget to replace `adminpassword` with your own strong password.
Step 2: Configure MongoDB to enable authentication
To enable authentication, you need to edit the MongoDB configuration file (/etc/mongod.conf) and add the security settings. Open the file using a text editor and add the following lines at the bottom:
security:
authorization: enabled
Save the file and exit the text editor.
Step 3: Restart the MongoDB instance
To apply the changes to the MongoDB instance, you need to restart it. Run the following command to restart the MongoDB instance:
sudo systemctl restart mongod
Step 4: Connect to MongoDB with authentication
Now that authentication is enabled, you need to connect to MongoDB using the administrative user you created earlier. Open the MongoDB shell and run the following command:
mongo --authenticationDatabase admin -u admin -p
This will connect you to the MongoDB instance using the “admin” user and prompt you to enter the password.
Step 5: Create new users for specific database with a non-administrative roles
To access a specific database, you need to create a user for that database. To create a user, switch to the database and run the following command:
use <database>
db.createUser(
{
user: "<username>",
pwd: "<password>",
roles: [ { role: "readWrite", db: "<database>" } ]
}
)
Replace <username>, <password>, and <database> with the appropriate values.
Step 6: Connect to the database with authentication
To connect to a specific database with authentication, run the following command:
mongo -u <username> -p <password> --authenticationDatabase <database>
Replace <username>, <password>, and <database> with the appropriate values.
Conclusion
Enabling authentication is an essential step in securing your MongoDB instance. By following the steps outlined in this blog, you can create an administrative user, modify the MongoDB configuration file, and create users for each database. With authentication enabled, you can ensure that only authorized users can access your data.
Hope this blog helped. Enjoy!!!. If you want to support the writing, please feel free to buy me a coffee.
References: Official MongoDB Documentation