Java MongoDB : Authentication example

By default, MongoDB is run in trust environment (authentication with a username and password is NOT required). In this tutorial, we will show you how to start MongoDB in secure mode / enable authentication, and connect with the Java MongoDB driver.

译:默认情况下,MongoDB 运行在一个信任的环境里(是不需要用户名和密码认证的)。在本教程中,我们将向你展示如何在安全模式下启动MongoDB / 启用身份验证,并通过Java程序连接MongoDB。


1. Start MongoDB in Secure Mode

Start MongoDB with --auth option, now, MongoDB need username and password to perform any database / collection operations.

译:启动MongoDB -- auth 选项,现在,MongoDB需要用户名和密码才能执行任何database/collection 操作。

mongod --auth


Later, we need to connect to the database “testdb”, so add a user for testing later.


> use admin
> db.addUser("admin","password")
> use testdb
> db.addUser("mkyong","password")


To enable MongoDB authentication, you must first add a user to the special “admin” database, please refer to this MongoDB authentication example for detail guide. 




2. Java + MongoDB Authentication example

If MongoDB is started in secure mode, below “insert” operation is no longer valid, and prompts “need to login” error message.


	Mongo mongo = new Mongo("localhost", 27017);
	DB db = mongo.getDB("testdb");
	DBCollection table = db.getCollection("user");
	BasicDBObject document = new BasicDBObject();
	document.put("name", "mkyong");


com.mongodb.CommandResult$CommandFailure: command failed [getlasterror]: 
	{ "serverUsed" : "localhost/" , "errmsg" : "need to login" , "ok" : 0.0}
	at com.mongodb.CommandResult.getException(CommandResult.java:88)
	at com.mongodb.CommandResult.throwOnError(CommandResult.java:134)
	at com.mongodb.DBTCPConnector._checkWriteError(DBTCPConnector.java:142)
	at com.mongodb.DBTCPConnector.say(DBTCPConnector.java:183)
	at com.mongodb.DBTCPConnector.say(DBTCPConnector.java:155)
	at com.mongodb.DBApiLayer$MyCollection.insert(DBApiLayer.java:270)
	at com.mongodb.DBApiLayer$MyCollection.insert(DBApiLayer.java:226)
	at com.mongodb.DBCollection.insert(DBCollection.java:75)
	at com.mongodb.DBCollection.insert(DBCollection.java:59)
	at com.mongodb.DBCollection.insert(DBCollection.java:104)
	at com.mkyong.core.App.main(App.java:40)


Now, using db.authenticate() to perform the authentication, a return value of true = success, false = fail.

译:现在,使用db.authenticate()进认证,会得到一个返回值 true = 成功, false = 失败。


package com.mkyong.core;
import java.net.UnknownHostException;
import java.util.Date;
import com.mongodb.BasicDBObject;
import com.mongodb.DB;
import com.mongodb.DBCollection;
import com.mongodb.Mongo;
import com.mongodb.MongoException;
 * Java + MongoDB in Secure Mode
public class JavaMongoDBAuthExample {
   public static void main(String[] args) {
    try {
	Mongo mongo = new Mongo("localhost", 27017);
	DB db = mongo.getDB("testdb");
	boolean auth = db.authenticate("testdb", "password".toCharArray());
	if (auth) {
		DBCollection table = db.getCollection("user");
		BasicDBObject document = new BasicDBObject();
		document.put("name", "mkyong");
		System.out.println("Login is successful!");
	} else {
		System.out.println("Login is failed!");
    } catch (UnknownHostException e) {
    } catch (MongoException e) {



