Table of Contents |
---|
JSP script
Warning |
---|
JSP is deprecated in 6.0. Use the Groovy Rescue App instead. |
If you lost superuser password and are unable log in, use this procedure to reset the account back to its default settings. In case the user has been locked see Re-enabling a locked-out account instead.
- Stop Magnolia CMS.
Copy the following JSP script and save it to your
docroot
folder, for example<apache-tomcat>/webapps/magnoliaAuthor/docroot/recovery-script.jsp
.Code Block language java xml xml title recovery-script.jsp <%@ page contentType="text/plain" %> <%@ page import="info.magnolia.importexport.BootstrapUtil"%> <%@ page import="info.magnolia.context.*"%> <%@ page import="info.magnolia.cms.util.ContentUtil"%> <%@ page import="info.magnolia.cms.core.HierarchyManager"%> <%@ page import="javax.jcr.Node"%> <%@ page import="javax.jcr.ImportUUIDBehavior"%> <% info.magnolia.context.MgnlContext.setInstance(new info.magnolia.context.SingleJCRSessionSystemContext()); try{ BootstrapUtil.bootstrap(new String[]{"/mgnl-bootstrap/core/users.system.superuser.xml"}, ImportUUIDBehavior.IMPORT_UUID_COLLISION_REMOVE_EXISTING); HierarchyManager hm = MgnlContext.getHierarchyManager("users"); hm.save(); } catch (Exception e) { System.out.println(e); } System.out.println("finished"); %>
Open
.Add the following servlet mapping after the<apache-tomcat>/webapps/magnoliaAuthor/WEB-INF/web.xml
in a text editor<distributable/>
node.Code Block xml xml <servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>/docroot/recovery-script.
jsp</url-pattern> </servlet-mapping>Comment out the
<filter>
and<filter-mapping>
sections.Code Block xml language xml <!-- filter> <display-name>Magnolia global filters</display-name> <filter-name>magnoliaFilterChain</filter-name> <filter-class>info.magnolia.cms.filters.MgnlMainFilter</filter-class> </filter> <filter-mapping> <filter-name>magnoliaFilterChain</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> <dispatcher>INCLUDE</dispatcher> <dispatcher>ERROR</dispatcher> </filter-mapping -->
Warning This will also disable the URI security filter, making your system vulnerable. Use a firewall or Apache Web Server in front of your application server to prevent unauthorized access while you do this.
- Save the
web.xml
file. - Start Magnolia CMS.
Request the JSP script at http://localhost:8080/magnoliaAuthor/docroot/recovery-script.jsp
.
The script will bootstrap the superuser account to default settings. You should see the following line in the log:Code Block WARN info.magnolia.importexport.BootstrapUtil: Deleted already existing node for bootstrapping: /system/superuser
- Stop Magnolia CMS.
- Remove the servlet mapping you added to
web.xml
and uncomment Uncomment the<filter>
and<filter-mapping>
sections in theweb.xml
. (Undo step 4). - Start Magnolia CMS.
Log in as superuser with password
superuser
.Tip If you still cannot login then try recreating search indexes for the users workspace.
- As needed, add back any groups that might be needed by the superuser (see comment at bottom).
Alternative procedure using the Groovy Rescue App
An alternative to the above procedure is using the Groovy Rescue App.
Once set up as explained in the documentation link above, you can run the following script in the rescue app
Code Block | ||||
---|---|---|---|---|
| ||||
session = MgnlContext.getJCRSession('users')
superuser = session.getNode('/system/superuser')
superuser.pswd = info.magnolia.cms.security.SecurityUtil.getBCrypt('superuser')
session.save() |
As with the JSP script, after you run the script you need to stop the web app and uncomment the filters sections in web.xml before rebooting Magnolia (refer again to Groovy Rescue App).