Authentication is the process of verifying the identity of a client. When access control, i.e. authorization, is enabled, MongoDB requires all clients to authenticate themselves in order to determine their access.
Authentication Methods
To authenticate as a user, you must provide a username, password, and the authentication database associated with that user.
To authenticate using mongosh, either:
Use the mongosh command-line authentication options (--username, --password, and --authenticationDatabase) when connecting to the mongod or mongos instance, or
Connect first to the mongod or mongos instance, and then run the authenticate command or the db.auth() method against the authentication database.
Authentication Mechanisms
MongoDB supports a number of authentication mechanisms that clients can use to verify their identity. These mechanisms allow MongoDB to integrate into your existing authentication system.
MongoDB supports multiple authentication mechanisms:
SCRAM (Default)
x.509 Certificate Authentication.
In addition to supporting the aforementioned mechanisms, MongoDB Enterprise also supports the following mechanisms:
LDAP proxy authentication, and
Kerberos authentication.
Internal Authentication
In addition to verifying the identity of a client, MongoDB can require members of replica sets and sharded clusters to authenticate their membership to their respective replica set or sharded cluster. See Internal/Membership Authentication for more information.
Authentication on Sharded Clusters
References
https://docs.mongodb.com/manual/core/authentication/
No comments:
Post a Comment