On this page本页内容
Salted Challenge Response Authentication Mechanism (SCRAM) is the default authentication mechanism for MongoDB.Salted Challenge-Response身份验证机制(SCRAM)是MongoDB的默认身份验证机制。
When a user authenticates themselves, MongoDB uses SCRAM to verify the supplied user credentials against the user's 当用户对自己进行身份验证时,MongoDB使用SCRAM根据用户name, password and authentication database.name、password和身份验证数据库验证提供的用户凭据。
SCRAM is based on the IETF RFC 5802 standard that defines best practices for the implementation of challenge-response mechanisms for authenticating users with passwords.SCRAM基于IETF RFC 5802标准,该标准定义了使用密码验证用户的质询响应机制的最佳实践。
MongoDB's implementation of SCRAM provides:MongoDB实施紧急停堆提供:
MongoDB supports the following SCRAM mechanisms:MongoDB支持以下紧急停堆机制:
| SCRAM | |
|---|---|
SCRAM-SHA-1 |
|
SCRAM-SHA-256 |
|
When you create or update a SCRAM user, you can indicate:创建或更新紧急停堆用户时,可以指示:
When you use 当您使用SCRAM-SHA-256, MongoDB requires server-side password hashing, which means that the server digests the password. SCRAM-SHA-256时,MongoDB需要服务器端密码散列,这意味着服务器会消化密码。For more information, see 有关详细信息,请参阅db.createUser() and db.updateUser().db.createUser()和db.updateUser()。
The minimum driver versions that support 支持SCRAM are:SCRAM的最低驱动程序版本为:
Version | Version | ||
|---|---|---|---|
| C | 1.1.0 | PHP | 1.0 |
| C++ | 1.0.0 | Python | 2.8 |
| C# | 1.10 | Perl | 1.0.0 |
| Go | 1.0.0 | Ruby | 1.12 |
| Java | 2.13 | Rust | 1.0.0 |
| Motor | 0.4 | Scala | 2.8.0 |
| Node.js | 1.4.29 | Swift | 1.0.0 |
If you use SCRAM-SHA-1:如果使用SCRAM-SHA-1:
if you use FIPS mode, then instead of SCRAM-SHA-1 use:如果使用FIPS模式,则不使用SCRAM-SHA-1,而是使用: