Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-8726

RepoInit: documentation implies that users can be created with pw-hash

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Documentation
    • None

    Description

      the documentation for repo init contains the following example on line 171:

          create user demoUser with password {SHA-256} dc460da4ad72c482231e28e688e01f2778a88ce31a08826899d54ef7183998b5

      this implies that repo init allows to create a user with a pw-hash. however, this is not the case, when looking at the corresponding code in o.a.s.jcr.repoinit, which ultimately calls UserManager.createUser(id, pw, principal, intermediatePath, which takes a plain text password (any string or null). if and how the pw is being hashed is an implementation detail.

      in order to make this clear and no generate the impression that a pw-hash can be specified, i would suggest to change the example to

          create user demoUser with password plaintextpw

      Attachments

        Activity

          People

            Unassigned Unassigned
            angela Angela Schreiber
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: