Reputation: 67019
Access Control in MongoDB
Lets say an application is written purely using JavaScript with node.js that connects directly to the MongoDB backend.
In this scenario is it possible to have a secure application where users login and have privilege separation like administrative/user/guest. If so how does this work? What would it require?
Upvotes: 1
Views: 996
Answers (2)
Reputation: 41882
Node.js has some modules for various authentication methods, connect-auth looks like a good place to start. You could then map your authenticated node.js credentials to a MongoDB database user when connecting to the database.
Security in MongoDB is currently fairly basic, user permissions restrict access per database and can be either read/write or read-only, so you might use a database per user.
Upvotes: 2
Reputation: 169401
CouchDB has a concept of users and authentication.
Take a look at the _users database documentation
I have some code that talks to _users
Upvotes: 1
Related Questions
- Mongo access DB user rights
- Mongo DB security configuration
- How can i restrict the user in MongoDB?
- Mongodb security in node.js
- Modelling Access Control in MongoDB
- Implementation of user permissions
- How would you approach Node.js access authorization and restriction of the access in the database?
- MongoDB + Node JS + Role Based Access Control (RBAC)
- MongoDb application security
- Issue providing security to MongoDB