如何更改jackrabbit的管理员密码

发布于 2024-11-06 22:56:51 字数 171 浏览 4 评论 0原文

您好,我正在使用嵌入式 jackrabbit 和 tomcat。我想将管理员用户的默认密码更改为其他密码,以便安全可靠。

我在repository.xml 中看到将adminId 更新为不同的id,但默认情况下它采用与用户id 相同的密码。所以任何人都可以帮助为不同的用户设置密码。

谢谢 马尼沙

Hi I am using embedded jackrabbit with tomcat. I wanted to change the default password for admin user to something else so it's secure and safe.

I saw in repository.xml place to update adminId to different id but it by defaults takes the same password as user id. so can anybody help in setting a password to different userid.

Thanks
Manisha

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

萌辣 2024-11-13 22:56:51

据我所知,在 Jackarbbit 中没有简单的方法来更改管理员密码。使用 DefaultLoginModule 时,密码存储在“安全”工作区的受保护属性中,因此您无法更改它们。但是您可以使用 Jackrabbit ACL API 方法< /a> 来自 Java。
我可以使用一个简单的java类更改密码,如下所示:

import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.core.TransientRepository;

import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
import java.io.File;

public class Main {

    public static void main(String[] args) {
        Repository repository = new TransientRepository(new File("path_to_jackrabbit_home_dir"));
        try {
            Session session = repository.login(new SimpleCredentials("admin", "admin".toCharArray()));

            UserManager userManager = ((JackrabbitSession) session).getUserManager();
            Authorizable authorizable = userManager.getAuthorizable("admin");

            ((User) authorizable).changePassword("newpassword");

            session.save();
            session.logout();
        } catch (RepositoryException e) {
            System.out.println("Auth error.");
            e.printStackTrace();
        }
    }
}

另请参阅:http://jackrabbit.510166.n4.nabble.com/Doubt-with-username-and-password-td3173401.html

As far as I know, there is no simple method to change admin password in Jackarbbit. When using the DefaultLoginModule, passwords are stored in the "security" workspace in a protected property, so you cannot change them. But you can use Jackrabbit ACL API methods from Java.
I was able to change the password with a simple java class, like this:

import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.core.TransientRepository;

import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
import java.io.File;

public class Main {

    public static void main(String[] args) {
        Repository repository = new TransientRepository(new File("path_to_jackrabbit_home_dir"));
        try {
            Session session = repository.login(new SimpleCredentials("admin", "admin".toCharArray()));

            UserManager userManager = ((JackrabbitSession) session).getUserManager();
            Authorizable authorizable = userManager.getAuthorizable("admin");

            ((User) authorizable).changePassword("newpassword");

            session.save();
            session.logout();
        } catch (RepositoryException e) {
            System.out.println("Auth error.");
            e.printStackTrace();
        }
    }
}

See also: http://jackrabbit.510166.n4.nabble.com/Doubt-with-username-and-password-td3173401.html

攒眉千度 2024-11-13 22:56:51

https://cwiki.apache.org/confluence/display/SLING/FAQ

从链接:

使用 userManager:

卷曲\
-F“旧密码=管理员”\
-F“newPwd=弗里茨”\
-F“newPwdConfirm=弗里茨”\
http://admin:admin@localhost:8080/system/userManager /user/admin.changePassword.html

您还必须在 Felix Web 管理控制台 (/system/console/configMgr) 的“Apache Sling Embedded JCR Repository”下设置该密码。 Sling 使用它为需要完全访问存储库的组件创建管理 JCR 会话(使用 SlingRepository.loginAdministrative())。

注意:只有重新启动框架后,旧密码才会失效(截至2010年9月11日)。

注意:根据 Jackrabbit 中使用的登录模块,可能根本不会检查密码(SimpleLoginModule,Jackrabbit <= 1.4 中的标准)。从 Jackrabbit 1.5 开始,DefaultLoginModule 提供了完整的用户支持。

https://cwiki.apache.org/confluence/display/SLING/FAQ

from the link:

Using the userManager:

curl \
-F"oldPwd=admin" \
-F"newPwd=Fritz" \
-F"newPwdConfirm=Fritz" \
http://admin:admin@localhost:8080/system/userManager/user/admin.changePassword.html

You will also have to set that password in the Felix Web Management Console (/system/console/configMgr) under "Apache Sling Embedded JCR Repository." This is used by Sling to create an admin JCR session (using SlingRepository.loginAdministrative()) for components that need to have full access to the repository.

Note: Only after restarting the framework the old password will become invalid (as of 09-11-10).

Note: depending on the login module used in Jackrabbit, the password might not be checked at all (SimpleLoginModule, standard in Jackrabbit <= 1.4). Since Jackrabbit 1.5, the DefaultLoginModule provides full user support.

埋葬我深情 2024-11-13 22:56:51

我尝试过 Emanuele 的方法,并遵循了这篇文章中的一些说明:
http://jackrabbit.510166.n4.nabble .com/Doubt-with-username-and-password-td3173401.html

对我来说没有任何作用。 jcr 工具都不是:SPT JCR Managerjackrabbitexplorer, ToromiroJCR Explorerphpcr-browser

我的 Jackrabbit Web 应用程序 (3.0-SNAPSHOT) 部署在 tomcat7 中,使用 aws 作为数据存储,使用 derby 作为持久性管理器。

经过几个小时的努力,唯一对我有用的解决方案是调用这个简单的 jsp 文件,该文件之前放置在 Web 应用程序根目录中:

<%@ page import="org.apache.jackrabbit.api.JackrabbitSession,
                     org.apache.jackrabbit.api.security.user.Authorizable,
                     org.apache.jackrabbit.api.security.user.User,
                     org.apache.jackrabbit.api.security.user.UserManager,
                     org.apache.jackrabbit.core.TransientRepository,
                     javax.jcr.Repository,
                     javax.jcr.Session,
                     javax.jcr.SimpleCredentials,
                     java.io.File,
                     org.apache.jackrabbit.commons.JcrUtils,
                     org.apache.jackrabbit.j2ee.RepositoryAccessServlet"
 %>
<%

Repository repository;
try {
    repository = RepositoryAccessServlet.getRepository(pageContext.getServletContext());
    Session jackrabbitSession = repository.login(new SimpleCredentials("admin", "oldpass".toCharArray()));

            UserManager userManager = ((JackrabbitSession) jackrabbitSession).getUserManager();
            Authorizable authorizable = userManager.getAuthorizable("admin");

            ((User) authorizable).changePassword("newpass");

            jackrabbitSession.save();
            jackrabbitSession.logout();    

} catch (Throwable e) {
    %><jsp:forward page="bootstrap/error.jsp"/><%
}

request.setAttribute("title", "Apache Jackrabbit JCR Server");
%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <h1>Hello World!</h1>
    </body>
</html>

虽然与 Emanuele 的答案类似,但我实际上可以更改当前管理员密码的唯一方法是检索存储库使用 org.apache.jackrabbit.j2ee.RepositoryAccessServlet 。

I've tried Emanuele's method, and also followed some of the instructions found in this post:
http://jackrabbit.510166.n4.nabble.com/Doubt-with-username-and-password-td3173401.html

Nothing worked for me. Neither the jcr tools: SPT JCR Manager, jackrabbitexplorer, Toromiro, JCR Explorer or phpcr-browser.

My Jackrabbit webapp (3.0-SNAPSHOT) is deployed in a tomcat7, with aws as datastore and derby as persistence manager.

After struggling for several hours, the only solution that worked for me was invoking this simple jsp file, previously placed in the web application root:

<%@ page import="org.apache.jackrabbit.api.JackrabbitSession,
                     org.apache.jackrabbit.api.security.user.Authorizable,
                     org.apache.jackrabbit.api.security.user.User,
                     org.apache.jackrabbit.api.security.user.UserManager,
                     org.apache.jackrabbit.core.TransientRepository,
                     javax.jcr.Repository,
                     javax.jcr.Session,
                     javax.jcr.SimpleCredentials,
                     java.io.File,
                     org.apache.jackrabbit.commons.JcrUtils,
                     org.apache.jackrabbit.j2ee.RepositoryAccessServlet"
 %>
<%

Repository repository;
try {
    repository = RepositoryAccessServlet.getRepository(pageContext.getServletContext());
    Session jackrabbitSession = repository.login(new SimpleCredentials("admin", "oldpass".toCharArray()));

            UserManager userManager = ((JackrabbitSession) jackrabbitSession).getUserManager();
            Authorizable authorizable = userManager.getAuthorizable("admin");

            ((User) authorizable).changePassword("newpass");

            jackrabbitSession.save();
            jackrabbitSession.logout();    

} catch (Throwable e) {
    %><jsp:forward page="bootstrap/error.jsp"/><%
}

request.setAttribute("title", "Apache Jackrabbit JCR Server");
%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <h1>Hello World!</h1>
    </body>
</html>

Although is similar to Emanuele's answer, the only way I could actually change the current admin password was retrieving the repository using org.apache.jackrabbit.j2ee.RepositoryAccessServlet.

漆黑的白昼 2024-11-13 22:56:51

根据文档(http://jackrabbit.apache.org/jcr/jackrabbit-configuration .html),您可以使用以下方式设置密码:

<param name="password" value="test"/>

示例:

<LoginModule class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
           <!-- 
              anonymous user name ('anonymous' is the default value)
            -->
           <param name="anonymousId" value="anonymous"/>
           <!--
              administrator user id (default value if param is missing is 'admin')
            -->
           <param name="adminId" value="newUser"/>
           <param name="password" value="newPassword"/>
</LoginModule>

According to the documentation (http://jackrabbit.apache.org/jcr/jackrabbit-configuration.html), you can set the password with:

<param name="password" value="test"/>

Example:

<LoginModule class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
           <!-- 
              anonymous user name ('anonymous' is the default value)
            -->
           <param name="anonymousId" value="anonymous"/>
           <!--
              administrator user id (default value if param is missing is 'admin')
            -->
           <param name="adminId" value="newUser"/>
           <param name="password" value="newPassword"/>
</LoginModule>
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文