Note that the example configuration file etc/restheart.yml also enables RESTHeart security. When you open the HAL browser page, you’ll be asked to authenticate. You can use one of the credentials defined in the etc/security.yml file (try username = ‘a’ and password = ‘a’).
7.1 Connect RESTHeart to MongoDB over TLS/SSL
MongoDB clients can use TLS/SSL to encrypt connections to mongod and mongos instances.
$ java -server -Djavax.net.ssl.trustStore=rhTrustStore -Djavax.net.ssl.trustStorePassword=changeit -Djavax.security.auth.useSubjectCredsOnly=false -jar restheart.jar restheart.yml
7.2. MongoDB authentication with just enough permissions
In the previous examples we used a MongoDB user with the root role (or the clusterAdmin and dbAdminAnyDatabase roles for version 2.4) for the sake of simplicity. This allows RESTHeart to execute any command on any MongoDB resource.