Comments (2)
krystian-panek-wttech
commented on June 5, 2024
introduce aem user update-password --id admin --password <pwd>
if id == admin then AEMC will store internally password encrypted by salt
base:
security:
algorithm: AES256
salt: <RANDOMLY_GENERATED_UPON_CONFIG_INIT>
or that salt could be set on nodes as environment variable .Env.AEM_BASE_SALT
security constraints assumed:
- when called from aemc-ansible, the file aem.yml with that salt will be only temporarily persisted on VM; Ansible ensures to clean that file immediately after module execution
- that file will be created with read-only permissions for root user (Ansible user who is executing the module); no-one else will be able to read that value
AEMC should be able to rotate admin password when used to check its stability as:
- AEM on first run before reaching 30% of bundles stable is using default
adminpwd instead of the target one - e.g set by-Dadmin.passwordfile=so that during single AEMC command the 2 different passwords need to be used and such case need to be supported
from aemc.
krystian-panek-wttech
commented on June 5, 2024
implemented previous-password-less approach using oakrun;
only to be polished / that jansi error especially - https://issues.apache.org/jira/browse/OAK-5961
@tomasz-sobczyk-wttech WDYT?
I decided to embed oak-run to aemc binary to avoid unexpected file downloads occurrence when oak-run will be needed on password change; 50mb; what is interesting only 1.42 version works, newer ones are broken (corrupted jar file / not launchable, too small size)
from aemc.
Related Issues (20)
- Auto-provided JDK does not work with Mac OS ARM HOT 1
- Timezone 'Australia/Sydney' missing for Docker image HOT 5
- Restart replication bundle after agent provisioning
- Detect failed activation of configured bundles/components HOT 1
- Consider printing all unstable bundles/components in the end of checking
- Question: Downsync from AEMaaCS Instance HOT 2
- Support connecting to AEMaaCS author instance
- Upgrade Resty HOT 1
- Read and pass project package to the aem.yml on init
- Extend component stable check HOT 2
- Implement advanced package install/deploy options
- More detailed components checking
- Content copy improvements HOT 1
- Unable to run initial AEMC setup HOT 12
- sh taskw start fails (due to regression in latest Docker version?) HOT 1
- Different colors for author and publish instances
- Skip instance name in nested error messages
- Content cleaner could remove blank lines
- Unknown time zone Etc/UTC
- Maven Not Bundled with Setup HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aemc.