0

We were thinking to use Mongo in a multi-application multi-database system. But we are not able to figure it out. Let me lay it out here.

AWS server
|
|_ Mongo
  |
  |_App1
  |_
    |_DB1
    |_DB2
    |_DB3 ...
    |
  |_App2
  |_
    |_DB1
    |_DB2
    |_DB3 ...
  ...

So here, App1 should have access to all the databases under it, and it should be only able to see those databases and not the others.

When we tried to provide authentication, this is at a specific database level, but we needed at the application level.

Is this structure possible in mongo?

In simple terms, if we consider APPs as different users, Can different users can access sets of databases with a single authentication. What I mean is,

Say user1 has access to db1, db2 but db3, db4 ... So can we create some kind of a role to the user so that he has access to set of databases but not all. In this example, user should have access only to db1 and db2.

Community
  • 1
  • 1
Abhijith Nagaraja
  • 3,370
  • 6
  • 27
  • 55
  • Why would you? Adding a field like `application:"foo"` and proper _authorization_ (like object ownership relations checking) should do the trick. – Markus W Mahlberg Oct 27 '16 at 21:48
  • Apps are completely unrelated to each other and hence we cannot use a single database. Think it as facebook and Instagram. We can't have a single database for both the application. In those cases we need multiple databases even for a single applciation – Abhijith Nagaraja Oct 27 '16 at 21:51
  • Multiple databases for a single application? I bet 3 days of free data modelling for you that you can't come up with a use case that can't be done more easily and efficiently with a single database. Do you call, and what is your wager? – Markus W Mahlberg Oct 27 '16 at 21:54
  • @MarkusWMahlberg think about Mars mission or app controlling intra galaxy spaceship :) – Saleem Oct 28 '16 at 01:47
  • Thats not exactly the same project. – Markus W Mahlberg Oct 28 '16 at 08:30
  • @MarkusWMahlberg, let me put it this way. Muti-tenancy approach, where each tenant gets their own database, and as an application owner only I should have access to all the databases under my application. It's not about data modeling (That's rude and sarcastic in a way, but I really don't mind), I know it can be done efficiently with a single database, but we have a requirement and that need this setup. – Abhijith Nagaraja Oct 28 '16 at 19:25
  • Was neither meant as rude or sarcastic - just honest. A multi-tenancy is easier to achieve with a single database. A simple `{tenant:"foo"}` discriminator does the job, without juggling with multiple connection pools. Add an authorisation filter to make sure each tenant gets only access to their data and you are game. – Markus W Mahlberg Nov 01 '16 at 15:10
  • @MarkusWMahlberg, I know it can be done in the way you are describing, but that is not the point. We have a requirement which needs to be done in this way. Otherwise, I wouldn't have tried this approach – Abhijith Nagaraja Nov 02 '16 at 08:01
  • In that case, you need to have an admin app dealing with multiple data sources. Funny requirement for a multi-tenant application. That way, I'd rather call it one application with multiple deployments. – Markus W Mahlberg Nov 02 '16 at 13:53

0 Answers0