Configure read-only user correctly in MongoDB 3.0?
I created a user for my database dbase
with a role read
using the following command:
db.createUser({user: "user" , pwd: "password" , roles: [{role: "read", db: "dbase"}] })
The problem is that he can still insert
, and remove
the document from the collection. How do I properly set up a read-only user in MongoDB?
Ok I found it.
You need to enable client access control by following these steps:
- Edit the file
/etc/mongod.conf
- Add the following lines
security:
authorization: enabled
- Reload MongoDB:
sudo service mongodb restart