run-install is for demostatration purposes only, see description of ant targets: run-install This loads all configured data; meant for generic OFBiz development, testing, demonstration, etc purposes
run-install-extseed This loads seed, seed-initial and ext data; meant for manual/generic testing, development, or going into production with a derived system based on stock OFBiz where the ext data basically replaces the demo data run-install-exttest This loads seed, seed-initial, ext and ext-test data; meant for automated testing with a derived system based on stock OFBiz run-install-file This loads data using the command line argument 'file' to load data from a given file run-install-readers This loads data using the command line argument 'readers' that takes a comma separated list of readers (seed, seed-initial, demo, ext, ext-test, ext-demo) run-install-seed This loads ONLY the seed data (not seed-initial, demo, ext* or anything else); meant for use after an update of the code to reload the seed data as it is generally maintained along with the code and needs to be in sync for operation It's not possible handle stupid/busy(?) admin, which installs production system with "run-install" and with default user passwords :-) Best target for not-demo system, for me, is "run-install-extseed", this load custom data, but not _any_ default login data, including default admin data. It means, after this is not possible login to ofbiz any way, if any super-user is not included in custom data, or if "create-admin-user-login" is not ran. ya Dňa Po, 2009-08-10 o 05:42 -0700, chris snow (JIRA) napísal: > Attacker can access system with admin/ofbiz username/password. > > Perhaps run-install should prompt for a username and password for admin > rather than just installing known passwords? That way if some > forgets/doesn't know about ./ant create-admin-user-login, they won't have a > vulnerable system.