[Zope] lost zope password
Hi I am new around here. If I am not in the right place then please feel free to point me elsewhere. I have a site running Plone. The admin/manager password for zope is lost. I followed the instructions here after googling a bit: http://quintagroup.com/services/support/tutorials/zope-access/ to create an emergency user (following the 2. How to create emergency Zope access user in your Zope instance, created with buildout, instructions) But I can't login with the login created for the emergency user I can see the 'access' file that is created, and I put it where the instructions indicate. * Plone 3.1.6 * CMF 2.1.1 * Zope (Zope 2.10.6-final, python 2.4.5, linux2) * Python 2.4.5 (#2, Jul 31 2008, 18:51:48) [GCC 4.2.3 (Ubuntu 4.2.3-2ubuntu7)] * PIL 1.1.6 Running on ubuntu server. I am using the port specified in zope.conf Any pointers would be gratefully received :) Thanks! -- Jel Coward ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] lost zope password
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jel Coward wrote: Hi I am new around here. If I am not in the right place then please feel free to point me elsewhere. I have a site running Plone. The admin/manager password for zope is lost. I followed the instructions here after googling a bit: http://quintagroup.com/services/support/tutorials/zope-access/ to create an emergency user (following the 2. How to create emergency Zope access user in your Zope instance, created with buildout, instructions) But I can't login with the login created for the emergency user I can see the 'access' file that is created, and I put it where the instructions indicate. * Plone 3.1.6 * CMF 2.1.1 * Zope (Zope 2.10.6-final, python 2.4.5, linux2) * Python 2.4.5 (#2, Jul 31 2008, 18:51:48) [GCC 4.2.3 (Ubuntu 4.2.3-2ubuntu7)] * PIL 1.1.6 Running on ubuntu server. I am using the port specified in zope.conf Any pointers would be gratefully received :) Thanks! You need to restart Zope after creating the 'access' file. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software Excellence by Designhttp://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFKvBXb+gerLs4ltQ4RAtCHAJ93y1malQmP9XVGWPnTFL3o0/5NygCfUF1i VnvBMKbnltONSumUYjNRT7c= =DRxO -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] lost zope password - resolved
Hi all Just an update. Zope wasn't getting restarted by ../bin/instance restart .but about an hour ago I tried manually killing all the zope processes and then starting zope..and all is good now :) Thanks to those who emailed. -- Jel ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Password expiration
Hello, "Out of the box", is Zope able to do password-expiration ? Or do I needan authentication product to do this ? Will this external product be able to effectpassword expirationon existing acl_user folder users ? Regards, Danny ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Password expiration
--On 15. November 2006 11:11:53 +0800 Sinang, Danny [EMAIL PROTECTED] wrote: Hello, Out of the box, is Zope able to do password-expiration ? No -aj pgp0gIxrDues4.pgp Description: PGP signature ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Password expiration
zope by it self can not do such an expiration. there is a product for plone cmfmeber (now in transition to become obsolete and replaced by membrane) that treats a user like some portal content that can be controlled by a workflow, expiration date and so on. I do not know whet the state of membrane is. robert Sinang, Danny wrote: Hello, Out of the box, is Zope able to do password-expiration ? Or do I need an authentication product to do this ? Will this external product be able to effect password expiration on existing acl_user folder users ? Regards, Danny ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev ) begin:vcard fn:robert rottermann n:rottermann;robert email;internet:[EMAIL PROTECTED] tel;work:031 333 10 20 tel;fax:031 333 10 23 tel;home:031 333 36 03 x-mozilla-html:FALSE version:2.1 end:vcard ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Password Protection
This may be a really simple thing to do (but I'm a bit stuck and searched the web but found no answers). I have a Plone site working great. I have a folder which I wish to password protect (and all of the data in the folder). Thing is, I want to use our LDAP server for authentication. I have the site setup as normal with an ACL_users folder. I then have a folder called protected. In this folder I have added a LDAPUserFolder object and linked it with our main LDAP server. Question is, how do I use this LDAPUserFolder to provide authentication for the Protected folder? Thanks begin:vcard fn:Phil Beardmore n:Beardmore;Phil org:University of Sunderland;Sunderland Business School email;internet:[EMAIL PROTECTED] title:Senior IT/Network Technician tel;work:0191 515 3436 tel;cell:07766805820 version:2.1 end:vcard ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Password Protection
On May 6, 2005, at 12:08 , Phil Beardmore wrote: This may be a really simple thing to do (but I'm a bit stuck and searched the web but found no answers). I have a Plone site working great. I have a folder which I wish to password protect (and all of the data in the folder). Thing is, I want to use our LDAP server for authentication. I have the site setup as normal with an ACL_users folder. I then have a folder called protected. In this folder I have added a LDAPUserFolder object and linked it with our main LDAP server. Question is, how do I use this LDAPUserFolder to provide authentication for the Protected folder? ??? There is nothing you set up to make Zope use a user folder. It will automatically be consulted. jens ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Password Protection
On 06.Mai 2005 - 12:44:24, Jens Vagelpohl wrote: On May 6, 2005, at 12:08 , Phil Beardmore wrote: This may be a really simple thing to do (but I'm a bit stuck and searched the web but found no answers). I have a Plone site working great. I have a folder which I wish to password protect (and all of the data in the folder). Thing is, I want to use our LDAP server for authentication. I have the site setup as normal with an ACL_users folder. I then have a folder called protected. In this folder I have added a LDAPUserFolder object and linked it with our main LDAP server. Question is, how do I use this LDAPUserFolder to provide authentication for the Protected folder? ??? There is nothing you set up to make Zope use a user folder. It will automatically be consulted. As long as the object has an id of acl_users. Andreas -- You will be given a post of trust and responsibility. ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Password Protection
+---[ Andreas Pakulat ]-- | On 06.Mai 2005 - 12:44:24, Jens Vagelpohl wrote: | | On May 6, 2005, at 12:08 , Phil Beardmore wrote: | | This may be a really simple thing to do (but I'm a bit stuck and searched | the web but found no answers). I have a Plone site working great. I have a | folder which I wish to password protect (and all of the data in the folder). | Thing is, I want to use our LDAP server for authentication. I have the site | setup as normal with an ACL_users folder. I then have a folder called | protected. In this folder I have added a LDAPUserFolder object and linked | it with our main LDAP server. Question is, how do I use this LDAPUserFolder | to provide authentication for the Protected folder? | | ??? | | There is nothing you set up to make Zope use a user folder. It will | automatically be consulted. | | As long as the object has an id of acl_users. And the containing folder has __allow_groups__ attribute set to that user folder. In fact you can call your user folder anything, as long as this attribute is set to be the instance.. -- Andrew Milton [EMAIL PROTECTED] ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Password Protection
On May 6, 2005, at 1:24 , Andreas Pakulat wrote: There is nothing you set up to make Zope use a user folder. It will automatically be consulted. As long as the object has an id of acl_users. Umh, no. First of all, all user folders have that ID. If not, they are not user folders. Secondly, the ID is not used to hook into the authentication mechanism. It has nothing to do with it really. jens ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Password Protection
On May 6, 2005, at 1:26 , Andrew Milton wrote: | There is nothing you set up to make Zope use a user folder. It will | automatically be consulted. | | As long as the object has an id of acl_users. And the containing folder has __allow_groups__ attribute set to that user folder. In fact you can call your user folder anything, as long as this attribute is set to be the instance.. Exactly. jens ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Password Protection
On May 6, 2005, at 2:23 , Phil Beardmore wrote: Hi Guys, still cant get it to work. Is it okay to have multiple ACL_users folders? Basdically I want to grant access to Folder A to all users in one tree of our LDAP server, then grant access to Folder B to all users in another Tree. I can get the folder to be password protected, so they need to login to access the pages, but it always seems to use the acl_users folder at the root of the site. It is perfectly OK to have several user folders. The closest one looking towards the root of the ZODB will be used when accessing a resource, and if it cannot resolve the credentials the next one up is consulted, until you reach the root user folder. The fact that authentications falls through to the root user folder makes me thing the LDAPUserFolder instance is misconfigured. jens ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Confusing posts (was Re: [Zope] password)
Jonathan Desp wrote: Hi, the program zpasswd prompt. ... Filename is not option, and should be the name of the file to store the information in. ... What I should write in this source code from zpasswd ? -- What is your question, now? Generally, you should not write anything in the source code to zpasswd.py, unless you want to change how it works. But you know that, don't you. Jonathan, it happens often on the list that someone posts confusing questions, where people scratch their head for some time trying to figure out what the person's problem might be. This is rather inefficient, as the person does not get the answer they want, or get an answer that does not fit their problem (as the answering person did not understand it). Unfortunately, your posts fall rather often in this category. I would recommend that, when asking a question to the list, to - take time describing your problem clearly, assuming the reader knows Zope but not your application; - make clear what you want to achieve; - make clear if you either have a question how to do something, or if anything does not work as you expected; - wait at least one hour and re-read your post to verify that it is fully understandable before actually posting it; - if at all possible, have some other person read your post and ask them to rephrase your question back to you, i.e., make sure that they get your real question from your post. More work? For you, initially yes. For all together? No, a lot less. For you untilk you get an answer? Probably not, as you are much more likely to get an answer to your problem, without several exchanges back and forth. In any case, it is making better use of the time of people wanting to help you, and prevents them from just adding you to their kill file (as I was very nearly to do at some time). And it is likely to give you a better standing in the Zope community. This is not to say that I am perfect in that respect - even after some fourteen years on mailing lists I still manage to send out posts that I find less than perfect upon reading them when they come back from the listserver. But one must always strive for the best :-) Cheera, Jan ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] password
Hi Jonathan, Try this from the console: python zpasswd.py --username="superuser" --password="TheNewPassword" "access" This is documented in the Zope installation files. Note that doing it this way, the command line will be stored in the command line buffer file on your system, which may be a security issue. HTH, Eric. // -Original Message- // From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of // Jonathan Desp // Sent: Saturday, July 29, 2000 3:21 PM // To: [EMAIL PROTECTED] // Cc: zope zope zope // Subject: [Zope] password // // // Hi, // // the program zpasswd prompt. // // they said: snip ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] password
"Eric L. Walstad" wrote: Hi Jonathan, Try this from the console: python zpasswd.py --username="superuser" --password="TheNewPassword" "access" This is documented in the Zope installation files. Note that doing it this way, the command line will be stored in the command line buffer file on your system, which may be a security issue. To avoid this you could do: $ python zpasswd.py access And just answer the prompts ;) -- Do not meddle in the affairs of sysadmins, for they are easy to annoy, and have the root password. ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
[Zope] password
Hi,
the program zpasswd prompt.
they said:
If this program is called without command-line options, it will prompt
for all necessary information. The available options are:
-u / --username=
Set the username to be used for the superuser
-p / --password=
Set the password
-e / --encoding=
Set the encryption/encoding rules. Defaults to SHA-1. OPTIONAL
-d / --domains=
Set the domain names that the user user can log in from. Defaults to
any. OPTIONAL.
Filename is not option, and should be the name of the file to store the
information in.
__
What I should write in this source code from zpasswd ? --
"""Zope password change system"""
__version__='$Revision: 1.8 $ '[11:-2]
import sys, string, sha, binascii, whrandom, getopt, getpass, os
try:
from crypt import crypt
except ImportError:
crypt = None
def generate_salt():
"""Generate a salt value for the crypt function."""
salt_choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
"abcdefghijklmnopqrstuvwxyz" \
"0123456789./"
return whrandom.choice(salt_choices)+whrandom.choice(salt_choices)
def generate_passwd(password, encoding):
encoding=string.upper(encoding)
if encoding == 'SHA':
pw = '{SHA}' + binascii.b2a_base64(sha.new(password).digest())[:-1]
elif encoding == 'CRYPT':
pw = '{CRYPT}' + crypt(password, generate_salt())
elif encoding == 'CLEARTEXT':
pw = password
return pw
def write_access(home, user='', group=''):
import whrandom
pw_choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
"abcdefghijklmnopqrstuvwxyz" \
"0123456789!"
ac_path=os.path.join(home, 'access')
if not os.path.exists(ac_path):
print '-'*78
print 'creating default access file'
acfile=open(ac_path, 'w')
pw = ''
for i in range(8):
pw = pw + whrandom.choice(pw_choices)
acfile.write('superuser:' + generate_passwd(pw, 'SHA'))
acfile.close()
os.system('chmod 644 access')
print """Note:
The super user name and password are 'superuser'
and '%s'.
You can change the superuser name and password with the
zpasswd script. To find out more, type:
%s zpasswd.py
""" % (pw, sys.executable)
import do; do.ch(ac_path, user, group)
def main(argv):
short_options = ':u:p:e:d:'
long_options = ['username=',
'password=',
'encoding=',
'domains=']
usage = """%s [options] filename
If this program is called without command-line options, it will prompt
for all necessary information. The available options are:
-u / --username=
Set the username to be used for the superuser
-p / --password=
Set the password
-e / --encoding=
Set the encryption/encoding rules. Defaults to SHA-1. OPTIONAL
-d / --domains=
Set the domain names that the user user can log in from. Defaults to
any. OPTIONAL.
Filename is not option, and should be the name of the file to store the
information in.
Copyright (C) 1999 Digital Creations, Inc.
""" % argv[0]
try:
if len(argv) 2:
raise "CommandLineError"
optlist, args = getopt.getopt(sys.argv[1:], short_options,
long_options)
if len(args) != 1:
raise "CommandLineError"
access_file = open(args[0], 'w')
if len(optlist) 0:
# Set the sane defaults
username = 'superuser'
encoding = 'SHA'
domains = ''
for opt in optlist:
if (opt[0] == '-u') or (opt[0] == '--username'):
username = opt[1]
elif (opt[0] == '-p') or (opt[0] == '--password'):
password = opt[1]
elif (opt[0] == '-e') or (opt[0] == '--encoding'):
encoding = opt[1]
elif (opt[0] == '-d') or (opt[0] == '--domains'):
domains = ":" + opt[1]
# Verify that we got what we need
if not username or not password:
raise "CommandLineError"
access_file.write(username + ':' +
generate_passwd(password, encoding) +
domains)
else:
# Run through the prompts
while 1:
username = raw_input("Username: ")
if username != '':
break
while 1:
password = getpass.getpass("Password: ")
verify = getpass.getpass("Vefify password: ")
if verify ==
