Community Wiki
Page tree
Skip to end of metadata
  • Created on 2008-02-05, last edited by Federico Grilli on 2015-07-03
Go to start of metadata

Your Rating: Results: 1 Star2 Star3 Star4 Star5 Star 138 rates
If you are unable to login to Magnolia CMS after startup and suspect the cause to be recent changes to security configurations, use the RescueSecuritySupport Java class to reset the security configurations. The procedure below will solve most common configuration problems, but does not work in all situations. This solution is suitable, for example where a typo or the inclusion of a node under the incorrect parent, is the source of the problem. It will not work if you have, for example inadvertently removed all users.

  1. Stop Magnolia CMS.

  2. Add following line to the magnolia.properties file, located at, for example <apache-tomcat>/webapps/magnoliaAuthor/WEB-INF/config/default.

    info.magnolia.cms.security.SecuritySupport=info.magnolia.cms.security.RescueSecuritySupport
  3. Start Magnolia CMS.
  4. Login using the default superuser username and password (superuser/superuser).
  5. Fix the configuration.
  6. Stop Magnolia CMS.
  7. Remove the line inserted in 2. above from the magnolia.properties file.
  8. Start Magnolia CMS.
  9. Make a backup.

4 Comments

  1. Philipp Bärfuss

    While you might expect that the superuser would get full permissions with this rescue tool he actually won't (tested 5.4.4). The superuser role is read from the roles workspace and used.

    It might be a good idea to change the returned RoleManager in a way that it gives at least permissions to security, config and website workspaces.

    1. Federico Grilli

      That sounds like a regression. I implemented and tested it (long time ago tbh) and it looked like superuser had full permissions. Will look into it.

      1. Philipp Bärfuss

        maybe I misinterpreted my debugging results. I kind got lost in the forest of classes involved in authorisation (wink), but thanks for double checking

    2. Federico Grilli

      Okay, I looked into this and found out that we actually have a different problem. The RescueUser has powers on all workspaces but the user one due to a ClassCastException
      I filed an issue   MAGNOLIA-6617 - Getting issue details... STATUS