[
https://issues.apache.org/jira/browse/SLING-8726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16935688#comment-16935688
]
angela commented on SLING-8726:
-------------------------------
[~rombert], since you recently updated the repo-init documentation, you may
also want to look into this one....
> RepoInit: documentation implies that users can be created with pw-hash
> ----------------------------------------------------------------------
>
> Key: SLING-8726
> URL: https://issues.apache.org/jira/browse/SLING-8726
> Project: Sling
> Issue Type: Bug
> Components: Documentation
> Reporter: angela
> Priority: Major
>
> the documentation for repo init contains the following example on line 171:
> {code}
> create user demoUser with password {SHA-256}
> dc460da4ad72c482231e28e688e01f2778a88ce31a08826899d54ef7183998b5
> {code}
> this implies that repo init allows to create a user with a pw-hash. however,
> this is not the case, when looking at the corresponding code in
> {{o.a.s.jcr.repoinit}}, which ultimately calls {{UserManager.createUser(id,
> pw, principal, intermediatePath}}, which takes a plain text password (any
> string or null). if and how the pw is being hashed is an implementation
> detail.
> in order to make this clear and no generate the impression that a pw-hash can
> be specified, i would suggest to change the example to
> {code}
> create user demoUser with password plaintextpw
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
