Hey Stefan, Thanks! Exactly what I was looking for then ;)
Greets, Roy > On 4 Oct 2016, at 17:22, Stefan Seifert <[email protected]> wrote: > > when the repository is up and running the repository authentication is used > for web console as well. > but during startup phase, or when the repository is down/unavailable the > authentication built into the web console itself takes place. > > you need to change the admin password in the osgi config "Apache Felix OSGi > Management Console" as well. esp. on production systems or you have a > security leak if the repository is not available for whatever reason. > > stefan > >> -----Original Message----- >> From: Roy Teeuwen [mailto:[email protected]] >> Sent: Tuesday, October 4, 2016 4:45 PM >> To: [email protected] >> Subject: Authentication handler >> >> Hey all, >> >> When starting up our sling instance, if you go to /system/console in the >> VERY beginning (like 1-3 seconds after doing a startup), it is possible to >> log in with admin/admin, even when the admin password has been changed to >> something else. >> What bundle has to come active for this hardcoded default login not to work >> anymore? >> >> Greetings, >> Roy >
