![]() |
|
|
|
|
Change By:
|
Jens Denke
(06/Feb/13 1:56 PM)
|
|
Description:
|
We have a question about generating a user with the MgnlUserManager.
We are using Magnolia 4.5.7 for a project where we have to import users from an old CMS. To import the users to Magnolia, we use MgnlUserManager-Object to create a new user in Magnolia. Also the default role for the default system rights are added to the users.
{code:java} /**
* Creates the magnolia user for the imported employee and set the correct user group.
*
* @param empNode
* the emplyoee node
* @param travelAgencyUUID
* the travel agency uuid/identifier
* @throws ItemNotFoundException
* @throws RepositoryException
*/
private void createMgnlUser(Node empNode, String travelAgencyUUID, String masterPwd) throws ItemNotFoundException, RepositoryException {
String userName = null;
Node travelAgencyNode = this.dataSession.getNodeByIdentifier(travelAgencyUUID);
String costCenterID = travelAgencyNode.getProperty(DERCommon.getPropertyValue(this.resourceBundle, "KST")).getString();
// Check if the subfolder for the travel agency already exists in the user repository. Otherwise create it.
Node usersRootNode = this.userSession.getRootNode();
Node travelAgencyUsersNode = DERCommon.getOrCreateNode(usersRootNode, "admin/" + travelAgencyNode.getName(), MgnlNodeType.NT_FOLDER);
this.userSession.save();
this.mgnlUserManager.setRealmName(travelAgencyUsersNode.getPath().replaceFirst("/", ""));
userName = empNode.getProperty(DERCommon.getPropertyValue(this.resourceBundle, "PNR")).getString();
if (Security.getUserManager().getUser(userName) == null) {
User user = null;
if(this.isRL(empNode)) {
user = this.mgnlUserManager.createUser(userName, masterPwd);
mgnlUserManager.addGroup(user, costCenterID + "_rl");
} else if(this.isLVL(empNode)) {
user = this.mgnlUserManager.createUser(userName, masterPwd);
mgnlUserManager.addGroup(user, costCenterID + "_lvl");
} else {
user = this.mgnlUserManager.createUser(userName, DERCommon.USER_STD_PWD);
mgnlUserManager.addGroup(user, costCenterID + "_emp");
}
this.mgnlUserManager.setProperty(user, "enabled", "true");
this.mgnlUserManager.setProperty(user, "title", empNode.getProperty(DERCommon.getPropertyValue(this.resourceBundle, "VORNAME")).getString()
+ " " + empNode.getProperty(DERCommon.getPropertyValue(this.resourceBundle, "NACHNAME")).getString());
}
}{code}
Now we have the following Problem. The default MgnlUserManager which comes with the magnolia-core uses Base64 to encode the specified password. The generated password in the jcr e.g. 123456 looks like: YmE2ZDRmYmI=
If i create a user directly in the Magnolia-Author the same password looks like: $2a$12$dkE5vtlwmj.jbu2weP5YTOdnSliOApPVjBhS1jWgaAWVwaZbslNJS
After a short research we found this: http://forum.magnolia-cms.com/forum/thread.html?threadId=fa98a037-8034-4b10-bffc-aea1957b1987
Which refers to http://svn.magnolia-cms.com/view/community/magnolia/trunk/magnolia-core/src/main/java/info/magnolia/setup/HashUsersPasswords.java?revision=52870&pathrev=52870 where BCrypt is used instead of Base64. So we defined our own MgnlUserManager where we changed the encodePassword from Base64 to BCrypt:
{code:java}protected String encodePassword(String clearPassword) {
// Old and wrong encode
// return new String(Base64.encodeBase64(clearPassword.getBytes()));
String pwd = SecurityUtil.getBCrypt(clearPassword);
return pwd;
}{code}
Now we have the following password in the JCR: $2a$12$304vFWyzml2cia.awsctPOR.qxq3YpDzjMTDAzvp3R6inH/ODodtq
But the login won't work. Is there any way to generate the users and they are able to login to the system? When we edit the auto generated user (with the superuser) and set the password with the edit formular which comes by default, we can login to the system. Just the generated password via MgnlUserManager won't work!
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <dev-list-unsubscr...@magnolia-cms.com>
----------------------------------------------------------------
