Community Edition
User and password management for Community Edition is a subset of the functionality available in Enterprise Edition. The following is true for user management in Community Edition:
-
It is possible to create multiple users.
-
All users assume the privileges of an
admin
for the available functionality.
Users are managed by using built-in procedures through Cypher. This section gives a list of all the security procedures for user management along with some simple examples. Use Neo4j Browser or Neo4j Cypher Shell to run the examples provided. Unless stated otherwise, all arguments to the procedures described in this section must be supplied.
Name | Description |
---|---|
Change the current user’s password |
|
Add a user |
|
Delete a user |
|
List all users |
Change the current user’s password
The procedure dbms.security.changePassword(newPassword, requirePasswordChange) has been entirely removed since the corresponding Cypher administration command also requires the old password, and thus is more secure.
Please use ALTER CURRENT USER SET PASSWORD FROM 'oldPassword' TO 'newPassword' , documented in the Cypher Manual, instead.
|
Add a user
The current user is able to add a user to the system.
Syntax:
CALL dbms.security.createUser(username, password, requirePasswordChange)
Arguments:
Name | Type | Description |
---|---|---|
|
String |
This is the user’s username. |
|
String |
This is the user’s password. |
|
Boolean |
This is optional, with a default of |
Exceptions:
The username either contains characters other than the ASCII characters between |
The username is already in use within the system. |
The password is the empty string. |
The following example creates a user with the username 'johnsmith' and password 'h6u4%kr'. When the user 'johnsmith' logs in for the first time, he will be required to change his password.
CALL dbms.security.createUser('johnsmith', 'h6u4%kr', true)
Delete a user
The current user is able to delete permanently a user from the system.
Syntax:
CALL dbms.security.deleteUser(username)
Arguments:
Name | Type | Description |
---|---|---|
|
String |
This is the username of the user to be deleted. |
Exceptions:
The username does not exist in the system. |
The username matches that of the current user (i.e. deleting the current user is not permitted). |
Considerations:
Deleting a user will terminate with immediate effect all of the user’s sessions and roll back any running transactions. |
As it is not possible for the current user to delete themselves, there will always be at least one user in the system. |
The following example deletes a user with the username 'janebrown'.
CALL dbms.security.deleteUser('janebrown')
List all native users
The current user is able to view the details of every user in the system.
Syntax:
CALL dbms.security.listUsers()
Returns:
Name | Type | Description |
---|---|---|
|
String |
This is the user’s username. |
|
List<String> |
This is a flag indicating whether the user needs to change their password. |
The following example shows the username for each user in the system, and whether the user needs to change their password.
CALL dbms.security.listUsers()
+-----------------------------------------+ | username | flags | +-----------------------------------------+ | "neo4j" | [] | | "anne" | ["password_change_required"] | | "bill" | [] | +-----------------------------------------+ 3 rows