Configuring MongoDB authentication

You can configure the wire listener to use MongoDB authentication.

Before you begin

If you are upgrading your MongoDB version and you have existing MongoDB users, you must upgrade your user schema.

Procedure

To configure MongoDB authentication:

  1. Set the following parameters in the wire listener configuration file:
    • Enable authentication: Set authentication.enable=true.
    • Specify MongoDB authentication: Set db.authentication=mongodb-cr.
    • Specify the MongoDB connection pool: Set database.connection.strategy=mongodb-cr.
    • Set the MongoDB version: Set mongo.api.version to the version that you want.
    • Optional. Specify the authentication timeout period: Set the listener.authentication.timeout parameter to the number of milliseconds for authentication timeout.
  2. Restart the wire listener.
  3. If necessary, upgrade your user schema by running the authSchemaUpgrade command in the admin database. For example:
    use admin
db.runCommand({authSchemUpgrade : 1})
    The authSchemaUpgrade command upgrades the user schema to the MongoDB version that is specified by the mongo.api.version parameter.
Parent topic: User authentication with the wire listener
Related tasks:
Starting the wire listener
Stopping the wire listener
Related reference:
The wire listener configuration file

Adding users

Procedure

To add authorized users:

  1. Start the wire listener with authentication turned off: Set authentication.enable=false in the wire listener configuration file.
  2. Add users:
    • For MongoDB version 2.4, run the addUser command for each user in each database.
    • For MongoDB version 2.6 and 3.0, run the createUser command for each user.
  3. Turn on authentication: Set authentication.enable=true in the wire listener configuration file.
  4. Restart the wire listener.
Copyright© 2018 HCL Technologies Limited