MongoDB can be run in a secure mode where access to databases is controlled through name and password authentication. When run in this mode, any client application must provide a name and password before doing any operations. In the Java driver, you simply do the following with a MongoClient instance:
MongoClient mongoClient = new MongoClient(); DB db = mongoClient.getDB("test"); boolean auth = db.authenticate(myUserName, myPassword);
If the name and password are valid for the database, auth will be true. Otherwise, it will be false. You should look at the MongoDB log for further information if available.
Most users run MongoDB without authentication in a trusted environment.In this tutorial, we show you how to start MongoDB in secure mode (authentication access is require), and uses Java driver to connect MongoDB with provided username and password.
Create an user “dineshonjava” in MongoDB database “dineshonjavaDB”.
> use dineshonjavaDB > db.addUser("dineshonjava","password")
To start mongoDB in secure mode, just provide the “–auth” argument
> mongod --auth
if you try to access the auth db then we will get following.
> db.auth("dineshonjava","password") 1 > db.auth("dineshonjava","password1") Error: { errmsg: "auth fails", ok: 0.0 } 0 >
In Java, you can use “db.authenticate” to handle the MongoDB authentication.
DB db = mongo.getDB("dineshonjavaDB"); boolean auth = db.authenticate("dineshonjava", "password".toCharArray());
If username and password is valid, “auth” will be true, else it will be false and return the following error pattern
com.mongodb.MongoException: unauthorized db:dineshonjavaDB lock type:-1 client:192.168.1.3 at com.mongodb.MongoException.parse(MongoException.java:82) at com.mongodb.DBApiLayer$MyCollection.__find(DBApiLayer.java:302) at com.mongodb.DBCursor._check(DBCursor.java:354) at com.mongodb.DBCursor._hasNext(DBCursor.java:484) at com.mongodb.DBCursor.hasNext(DBCursor.java:509) at com.dineshonjava.mongo.test.MongoAuthDemo.main(MongoAuthDemo.java:24)
See the full example as follows.
package com.dineshonjava.mongo.test; import java.net.UnknownHostException; import com.mongodb.DB; import com.mongodb.DBCollection; import com.mongodb.Mongo; import com.mongodb.MongoException; /** * @author Dinesh Rajput * */ public class MongoAuthDemo { public static void main(String[] args) { try { Mongo mongo = new Mongo("localhost", 27017); DB db = mongo.getDB("dineshonjavaDB"); boolean auth = db.authenticate("dineshonjava", "password".toCharArray()); DBCollection collection = db.getCollection("empCollection"); if(auth){ System.out.println("TRUE"); }else{ System.out.println("FALSE"); } System.out.println("Done"); } catch (UnknownHostException e) { e.printStackTrace(); } catch (MongoException e) { e.printStackTrace(); } } }
If everything is fine then we will get the following output-
References
MongoDB Java Authentication
MongoDB Security and Authentication
Strategy Design Patterns We can easily create a strategy design pattern using lambda. To implement…
Decorator Pattern A decorator pattern allows a user to add new functionality to an existing…
Delegating pattern In software engineering, the delegation pattern is an object-oriented design pattern that allows…
Technology has emerged a lot in the last decade, and now we have artificial intelligence;…
Managing a database is becoming increasingly complex now due to the vast amount of data…
Overview In this article, we will explore Spring Scheduler how we could use it by…