[jira] [Commented] (JCRVLT-118) Complex passwords are not handled properly via URL

Wed, 04 Jan 2017 20:56:03 -0800 

    [ 
https://issues.apache.org/jira/browse/JCRVLT-118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15800322#comment-15800322
 ] 

Tobias Bocanegra commented on JCRVLT-118:
-----------------------------------------

providing the password in the url only works for simple ones.
for more complext passwords, use the {{--credentials}} parameter with no 
password. eg:

{noformat}
$ vlt --credentials admin --update-credentials rcp -n 
http://server1:4502/crx/-/jcr:root/.... http://server2:4502/crx/-/jcr:root/...
Copy http://server1:4502/crx/server/-/jcr:root/... to 
http://server2:4502/crx/server/-/jcr:root/... (non-recursive)
Connecting via JCR remoting to http://server1:4502/crx/server
Connecting via JCR remoting to http://server2:4502/crx/server
Please enter password for user admin connecting to 
http://server1:4502/crx/server/-/jcr:root/...: *****
Please enter password for user admin connecting to 
http://server2:4502/crx/server/-/jcr:root/...: *****
{noformat}

alternatively you can do a quick login to the servers, in order to update the 
{{~/.vault/auth.xml}} :

{noformat}
$ vlt --credentials admin co --force http://server1:4502/crx/-/jcr:root/libs
Connecting via JCR remoting to http://server1:4502/crx/server
Please enter password for user admin connecting to 
http://server1:4502/crx/server/-/jcr:root/: *****
[WARN ] Credentials for http://server1:4502/crx/server/-/jcr:root/ updated in 
/Users/tripod/.vault/auth.xml.
(CTRL+C)

$ vlt --credentials admin co --force http://server2:4502/crx/-/jcr:root/libs
Warning: --force was specified but no prior checkout detected. disabling it.
Connecting via JCR remoting to http://server2:4502/crx/server
Please enter password for user admin connecting to 
http://server2:4502/crx/server/-/jcr:root/: *****
[WARN ] Credentials for http://server2:4502/crx/server/-/jcr:root/ updated in 
/Users/tripod/.vault/auth.xml.
(CTRL+C)

$ cat ~/.vault/auth.xml
<?xml version="1.0" encoding="UTF-8"?>
<auth version="1.0">
  <repository uri="http://server2:4502/crx/server/null";>
    <credentials type="simple">
      <user name="admin" password="{DES}86bcae92d3ab0bf44c766cecb41db4e2"/>
    </credentials>
  </repository>
  <repository uri="http://server1:4502/crx/server/null";>
    <credentials type="simple">
      <user name="admin" password="{DES}e07a236120a4e6d6efac2773a2c4eef9"/>
    </credentials>
  </repository>
</auth>

$ vlt rcp -n http://server1:4502/crx/-/jcr:root/... 
http://server2:4502/crx/-/jcr:root/...
Copy http://server1:4502/crx/server/-/jcr:root/... to 
http://server2:4502/crx/server/-/jcr:root/... (non-recursive)
Connecting via JCR remoting to http://server1:4502/crx/server
Connecting via JCR remoting to http://server2:4502/crx/server
...
{noformat}

> Complex passwords are not handled properly via URL
> --------------------------------------------------
>
>                 Key: JCRVLT-118
>                 URL: https://issues.apache.org/jira/browse/JCRVLT-118
>             Project: Jackrabbit FileVault
>          Issue Type: Bug
>          Components: vlt
>    Affects Versions: 3.1.16
>            Reporter: J. Casalino
>
> When using vlt rcp and the URL login method, a username with a complex 
> password including symbols, even when enclosed in either single or double 
> quotes, will fail to log in properly.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to