Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
the documentation for repo init contains the following example on line 171:
create user demoUser with password {SHA-256} dc460da4ad72c482231e28e688e01f2778a88ce31a08826899d54ef7183998b5
this implies that repo init allows to create a user with a pw-hash. however, this is not the case, when looking at the corresponding code in o.a.s.jcr.repoinit, which ultimately calls UserManager.createUser(id, pw, principal, intermediatePath, which takes a plain text password (any string or null). if and how the pw is being hashed is an implementation detail.
in order to make this clear and no generate the impression that a pw-hash can be specified, i would suggest to change the example to
create user demoUser with password plaintextpw