5.555 Securing the Connection with MongoDB

By default, the connection between MWS and MongoDB is not authenticated. To enable authentication, follow the instructions below. For further reading, see the MongoDB tutorial "Control Access to MongoDB Instances with Authentication."

To enable an authenticated connection between MWS and MongoDB

  1. Add an administrative user to the admin database.
  2. Add an MWS user to the mws database.
  3. To support MWS API version 2, add an MWS user with "read-only" rights to the moab database.
  4. Here is an example of how to create all the required users. The users in the moab database are required only for MWS API version 2.

    [root]# service mongod start
    [root]# mongo
    > use admin;
    > db.addUser("admin_user", "secret1");
    > use moab;
    > db.addUser("moab_user", "secret2");
    > db.addUser("mws_user", "secret3", true);
    > use mws;
    > db.addUser("mws_user", "secret3");
    > exit;

    The passwords used here ("secret1," "secret2," and "secret3") are examples. Choose your own passwords for these users.

  5. Add the MWS user credentials (the ones you just created) to the /opt/mws/etc/mws-config.groovy file. For example:
  6. grails.mongo.username = "mws_user"
    grails.mongo.password = "secret3"
  7. Enable authentication in the MongoDB configuration file (called /etc/mongodb.conf on many Linux distributions). In that file, look for #auth = true and uncomment it.
  8. Restart MongoDB.
  9. Restart Tomcat.

If authentication is enabled in MongoDB, but the MWS user was not properly created or configured, MWS will not start. In this case, see the log file(s) for additional information.

Related Topics 

© 2017 Adaptive Computing