Authentication Connection Tab“身份验证连接”选项卡

~~On this page~~本页内容

~~Procedure~~程序

~~The Authentication tab allows you to connect to deployments that require authentication.~~ “身份验证”选项卡允许您连接到需要身份验证的部署。~~To learn about authentication mechanisms within MongoDB, see Authentication Mechanisms.~~要了解MongoDB中的身份验证机制，请参阅身份验证机制。

Procedure过程

Click Advanced Connection Options.单击“高级连接选项”。

Click the Authentication tab.单击“身份验证”选项卡。

~~Select your authentication method from the following options:~~从以下选项中选择您的身份验证方法：

~~Username / Password~~用户名/密码
X.509
Kerberos
LDAP
AWS IAM

Username / Password用户名/密码

~~Provide the following information:~~提供以下信息：

Username
Password
(Optional) ~~Authentication Database~~身份验证数据库
~~Authentication Mechancism:~~认证机制：
- ~~Default~~违约
  
  ~~The Default setting selects the first authentication mechanism supported by the server according to an order of preference.~~Default设置根据偏好顺序选择服务器支持的第一个身份验证机制。
  
  ~~With the Default setting, MongoDB tries to authenticate using the following mechanisms in the order they are listed:~~在Default设置下，MongoDB尝试按照列出的顺序使用以下机制进行身份验证：
  1. SCRAM-SHA-256
  2. SCRAM-SHA-1
  3. MONGODB-CR
- SCRAM-SHA-1
- SCRAM-SHA-256

X.509

~~Select X.509 if the deployment uses X.509 as its authentication mechanism.~~如果部署使用X.509作为其身份验证机制，请选择“X.509”。

Note

~~X.509 Authentication requires a client certificate. To enable TLS and add a client certificate, see the TLS / SSL tab in Compass.~~X.509身份验证需要客户端证书。要启用TLS并添加客户端证书，请参阅Compass中的TLS/SSL选项卡。

Kerberos

~~Select Kerberos if the deployment uses Kerberos as its authentication mechanism.~~如果部署使用Kerberos作为其身份验证机制，请选择“Kerberos”。

~~Provide the following information:~~提供以下信息：

~~Field~~字段 ~~Description~~描述

~~Principal~~主体 ~~Every participant in the authenticated communication is known as a "principal", and every principal must have a unique name.~~经过身份验证的通信中的每个参与者都被称为“主体”，每个主体都必须有一个唯一的名称。

~~(Optional) Service Name~~（可选）服务名称 ~~Every MongoDB mongod and mongos instance (or exe or exe on Windows) must have an associated service name. The default is mongodb.~~每个MongoDB mongod和mongos实例（或Windows上的exe或exe）都必须有一个关联的服务名称。默认值是mongodb。

~~(Optional) Canonicalize Host Name~~（可选）规范主机名 ~~Kerberos uses the canonicalized form of the host name (cname) when constructing the principal for MongoDB Compass.~~Kerberos在构造MongoDB Compass的主体时使用主机名（cname）的规范化形式。

~~(Optional) Service Realm~~（可选）服务领域

~~The service realm is the domain over which a Kerberos authentication server has the authority to authenticate a user.~~服务领域是Kerberos身份验证服务器有权对用户进行身份验证的域。
~~If you choose to Canonicalize Host Name, you can specify one of the following options:~~如果选择“规范化主机名”，可以指定以下选项之一：

~~Option~~选项	~~Description~~描述
~~Forward~~前进	~~The driver does a `cname` lookup on the kerberos hostname.~~驱动程序在kerberos主机名上进行`cname`查找。
~~Forward and Reverse~~前进和后退	~~Performs a forward DNS lookup and then a reverse lookup on that value to canonicalize the hostname.~~对该值执行正向DNS查找，然后执行反向查找以规范化主机名。

~~For more information on principal name canonicalization in Kerberos, see this RFC document.~~有关Kerberos中主体名称规范化的更多信息，请参阅此RFC文档。

~~(Optional) Provide password directly~~（可选）直接提供密码 ~~Used to verify your identity.~~ 用于验证您的身份。~~To show the Kerberos password field, you must enable the showKerberosPasswordField option.~~要显示Kerberos密码字段，必须启用showKerberosPasswordField项。

Authenticate as a Different Kerberos User on Windows在Windows上作为不同的Kerberos用户进行身份验证

~~When you authenticate with Kerberos on Windows, the Principal you specify must match the principal of the security context that Compass is running.~~ 在Windows上使用Kerberos进行身份验证时，指定的主体必须与Compass正在运行的安全上下文的“主体”匹配。~~Normally, this is the logged-in user who is running Compass.~~通常，这是正在运行Compass的登录用户。

~~To authenticate as a different Kerberos user, run MongoDB Compass as the chosen user and specify the Principal for that user.~~ 要以不同的Kerberos用户身份进行身份验证，请以所选用户身份运行MongoDB Compass，并为该用户指定“Principal”。~~To run MongoDB Compass as a different user, either:~~要以不同用户身份运行MongoDB Compass，请执行以下任一操作：

~~Hold Shift and right-click the MongoDB Compass program icon to select Run as a different user.~~按住Shift键并右键单击MongoDB Compass程序图标，选择“以其他用户身份运行”。
~~Use the runas command-line tool. For example, the following command runs MongoDB Compass as a user named admin:~~使用runas命令行工具。例如，以下命令以名为admin的用户身份运行MongoDB Compass：
```
runas /profile /user:mymachine\admin <path to MongoDB Compass>
```

~~After you start MongoDB Compass as the chosen user, to authenticate against your Kerberos-enabled MongoDB deployment, specify the Principal for the corresponding user.~~在您作为所选用户启动MongoDB Compass之后，要根据启用Kerberos的MongoDB部署进行身份验证，请为相应的用户指定“Principal”。

LDAP

~~Select LDAP if the deployment uses LDAP as its authentication mechanism.~~如果部署使用LDAP作为其身份验证机制，请选择“LDAP”。

~~Provide the following information:~~提供以下信息：

Username
Password

AWS IAM

~~Select AWS IAM if the deployment uses AWS IAM as its authentication mechanism.~~如果部署使用“AWS IAM”作为其身份验证机制，请选择AWS IAM。

~~The following fields are optional as they can be defined on your platform using their respective AWS IAM environment variables.~~ 以下字段是可选的，因为它们可以在您的平台上使用各自的AWS IAM环境变量进行定义。~~MongoDB Compass will use these environment variable values to authenticate; you do not need to specify them in the connection string.~~MongoDB Compass将使用这些环境变量值进行身份验证；您不需要在连接字符串中指定它们。

(Optional) AWS Access Key Id
(Optional) AWS Secret Access Key
(Optional) AWS Session Token

(Optional) For advanced connection configuration options, click the Advanced tab.（可选）有关高级连接配置选项，请单击“高级”选项卡。

Click Connect.单击“连接”。

Tip