I suggested having the admin user login and password in the framework. A couple
of people responded that doing so would open up a security hole. I asked how a
user would log into a new installation if there was no initial user login and
password. The discussion stopped there.
-Adrian
--- On Sun, 1/25/09, David E Jones <david.jo...@hotwaxmedia.com> wrote:
> From: David E Jones <david.jo...@hotwaxmedia.com>
> Subject: Re: Question about hashed passwords in seed data
> To: "dev@ofbiz.apache.org" <dev@ofbiz.apache.org>
> Cc: "dev@ofbiz.apache.org" <dev@ofbiz.apache.org>
> Date: Sunday, January 25, 2009, 12:42 PM
> Maybe you understood incorrectly, if you are referring to
> what I think you are.
>
>
> -David
>
>
> On Jan 25, 2009, at 13:01, Adrian Crum
> <adrian.c...@yahoo.com> wrote:
>
> > --- On Sun, 1/25/09, Jacopo Cappellato
> <jacopo.cappell...@hotwaxmedia.com> wrote:
> >> Also, I would like to move the UserLogin record
> for the
> >> "admin" and "system" UserLogin
> >> (including the relevant entries in the
> >> PasswordSecurityData.xml file) from the
> securityext to the
> >> security component, i.e. from the applications to
> the
> >> framework.
> >>
> >> In this way we will be able to log in to the
> webtools
> >> application even if we are running a framework
> only version
> >> of OFBiz.
> >
> > I suggested that some time ago and the reply was that
> there were to be no user login IDs or passwords supplied
> with the framework.
> >
> > -Adrian
> >
> >
> >
> >
