portals-jetspeed-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pesendorfer, Tom" <tom.pesendor...@eds.com>
Subject [JS2] LDAP authentication
Date Mon, 07 Feb 2005 18:24:05 GMT
I noticed Jetspeed 2 comes with LDAPCredentialHandler and
LDAPUserSecurityHandler, but changing the Spring configuration to use these
does not seem to have any effect.  Does anyone know how they are supposed to
work/be used and whether they are missing parts of their implementation?
Also, in another post (can't find it anymore, must have been on the dev
list), someone suggested that an easier way to get LDAP to work (provided
you don't need user management functionality through your portal) would be
to implement a SecurityValve.  Has anyone done this & can post/email the
code required? Any other pointers regarding LDAP authentication would also
be appreciated,

Thanks & regards,
Tom

-----Original Message-----
From: Ate Douma [mailto:ate@douma.nu] 
Sent: Monday, 7 February 2005 10:37 AM
To: Jetspeed Users List
Subject: Re: Admin password for jetspeed 2


Jack,

The default/demo user accounts are inserted in the database table
SECURITY_CREDENTIAL
by the database dependent populate-userinfo-for-default-psml.sql scripts
which
you can find under the src/sql folder.
For all these accounts the (initial) password is the same as the user name:

   admin/admin
   jetspeed/jetspeed
   user/user

   et cetera

Now, as you probably have tried more than 3 times different passwords for
the
admin user, you are in bad luck: the account will be locked out by now by
the
default configured security rules!
You can re enable a user account by setting the IS_ENABLED column value for
the
admin user back to 1 (it will be 0 if the account is locked out).

To determine which record actually is the one for the admin user, find
the record with:
       SECURITY_CREDENTIAL.PRINCIPAL_ID = SECURITY_PRINCIPAL.PRINCIPAL_ID
   AND SECURITY_PRINCIPAL.FULL_PATH = '/user/admin'
or just set them all back to value 1.

The reason you couldn't find the correct password (anymore) for the admin
user
in the database is because it is encrypted by now. Initially, these aren't
encrypted
as you can find out from the populate scripts, but they will be at first
access
(with the default configured security rules that is).

Once you have re enabled the admin user and can login with admin/admin, you
can use
the administrative UserManagement portlets to enable other user accounts
which might
have been locked out again.

Note: at first login, you'll be required to change the password again ;-)

And yes, you are right, we should document this more prominently I guess :-)

Regards,

ATe

Jack Lund wrote:
> Hi. I apologize if this is a newbie question, but I'm having a lot of
> trouble logging in as admin with my jetspeed 2 installation. The
> jetspeed 2 docs don't seem to have any indication (that I have seen) of
> what the default admin password is, and I've tried the one listed in the
> jetspeed 1 docs, plus any others I could think of. I've also tried
> looking for docs on where the passwords are kept, with no luck. I've
> also tried just looking through the DB tables, again with no luck.
> 
> Please, any assistance would be greatly appreciated.
> 
> Thanks.
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org


Mime
View raw message