sling-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "angela (Jira)" <j...@apache.org>
Subject [jira] [Created] (SLING-8726) RepoInit: documentation implies that users can be created with pw-hash
Date Fri, 20 Sep 2019 09:23:00 GMT
angela created SLING-8726:
-----------------------------

             Summary: RepoInit: documentation implies that users can be created with pw-hash
                 Key: SLING-8726
                 URL: https://issues.apache.org/jira/browse/SLING-8726
             Project: Sling
          Issue Type: Bug
          Components: Documentation
            Reporter: angela


the documentation for repo init contains the following example on line 171:

{code}
    create user demoUser with password {SHA-256} dc460da4ad72c482231e28e688e01f2778a88ce31a08826899d54ef7183998b5
{code}

this implies that repo init allows to create a user with a pw-hash. however, this is not the
case, when looking at the corresponding code in {{o.a.s.jcr.repoinit}}, which ultimately calls
{{UserManager.createUser(id, pw, principal, intermediatePath}}, which takes a plain text password
(any string or null). if and how the pw is being hashed is an implementation detail.

in order to make this clear and no generate the impression that a pw-hash can be specified,
i would suggest to change the example to

{code}
    create user demoUser with password plaintextpw
{code}





--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message