Re: Question about hashed passwords in seed data

[David E Jones]

On Jan 31, 2009, at 11:18 AM, Jacopo Cappellato wrote:

On Jan 31, 2009, at 7:55 PM, David E Jones wrote:


On Jan 31, 2009, at 6:57 AM, Jacopo Cappellato wrote:

On Jan 25, 2009, at 9:51 PM, David E Jones wrote:

I should also concede that I may not have communicated very well...

The system account definitely needs to be there, and in seed  
data. The admin account we be a good thing to have in demo data,  
but my objection is to always having admin there, ie in seed data.

Ok,

I did some research and I have noticed the following things:

1) the "system" account is loaded with seed data in the framework:  
this is good
2) the "system" account password (ofbiz) is loaded with seed- 
initial data in the applications: do we really need to set a  
password for it? If the password is not required, it would be a  
good news and we could remove the password entry.

Technically it is system only so you can't authenticate with it  
anyway, so it should be fine to not have a password on...

3) the "admin" user is loaded with seed data in the applications  
(and its password with seed-initial data): should we move it to  
demo data? I think that, now that we have an ant script to create  
a user, we could really move this to demo data without issues

Yeah, IMO we should move it to demo data (and all related data, and  
similar accounts like flexadmin, demoadmin, etc that aren't already  
in demo data).

-David


Sounds like a plan.
I am working on this right now... I just have a doubt about the data  
in this file:

http://svn.apache.org/repos/asf/ofbiz/trunk/applications/securityext/data/SecurityExtData.xml

It is currently loaded as seed data; do you think it will be an  
issue to move it to demo data?

To summarize, all the following entries:

   <entity-resource type="data" reader-name="seed" loader="main"  
location="data/SecurityExtData.xml"/>
   <entity-resource type="data" reader-name="demo" loader="main"  
location="data/UserDemoData.xml"/>
   <entity-resource type="data" reader-name="seed-initial"  
loader="main" location="data/PasswordSecurityData.xml"/>

will be changed to:

   <entity-resource type="data" reader-name="demo" loader="main"  
location="data/SecurityExtData.xml"/>
   <entity-resource type="data" reader-name="demo" loader="main"  
location="data/UserDemoData.xml"/>
   <entity-resource type="data" reader-name="demo" loader="main"  
location="data/PasswordSecurityData.xml"/>

and in the last one I will remove the password for the "system"  
user. Actually, we could even merge SecurityExtData.xml and  
UserDemoData.xml

Yes, that sounds about right. I just checked out those files and I  
also like the idea of merging SecurityExtData.xml into  
UserDemoData.xml too.

-David