authentication in shard cluster

I have shard cluster with below setup:-

1. 3 shards

2. 3 config servers

I have started all of the above 6 mongod processes with --auth option.

I have one sharded deatabase and 1 sharded collection.

Now, I want to create one user to be the overalll cluster admin, one to read/write on database and other to only read that database.

How can this authentication be configured?

I tried following command on mongos:-

db.createUser(

            {
                        user: "test3",
                        pwd: "password",
                        roles:
                        [

                        {
        role: "userAdminAnyDatabase",
        db: "admin"
                        }
                        ]
            }
            )

Then logout from mongos. But i was not able to connect to mongos using these credentials. But on config server I can login using this credentails.

How to enable authentication on mongos?

How can I configure authentication for my query router? 

I found nothing in mongodb docs.

I found this: http://docs.mongodb.org/manual/tutorial/enable-authentication-in-sharded-cluster/

Have you checked your steps against that page?

Thanks a lot.. It worked

Is there any other way to do this except using keyfile?