Page tree
Skip to end of metadata
Go to start of metadata

Your Rating: Results: PatheticBadOKGoodOutstanding! 156 rates

JSP script

If you lost superuser password and are unable log in, use this procedure to reset the account back to its default settings. In case the user has been locked see Re-enabling a locked-out account instead.

  1. Stop Magnolia CMS.
  2. Copy the following JSP script and save it to your docroot folder, for example <apache-tomcat>/webapps/magnoliaAuthor/docroot/recovery-script.jsp.

    recovery-script.jsp
    <%@ page contentType="text/plain" %>
    <%@ page import="info.magnolia.importexport.BootstrapUtil"%>
    <%@ page import="info.magnolia.context.*"%>
    <%@ page import="info.magnolia.cms.util.ContentUtil"%>
    <%@ page import="info.magnolia.cms.core.HierarchyManager"%>
    <%@ page import="javax.jcr.Node"%>
    <%@ page import="javax.jcr.ImportUUIDBehavior"%>
    <%
    info.magnolia.context.MgnlContext.setInstance(new info.magnolia.context.SingleJCRSessionSystemContext());
    try{
      BootstrapUtil.bootstrap(new String[]{"/mgnl-bootstrap/core/users.system.superuser.xml"}, 
        ImportUUIDBehavior.IMPORT_UUID_COLLISION_REMOVE_EXISTING);
      HierarchyManager hm = MgnlContext.getHierarchyManager("users");
      hm.save();
      } catch (Exception e) {
      System.out.println(e);
      }
      System.out.println("finished");
    %>
    
  3. Open <apache-tomcat>/webapps/magnoliaAuthor/WEB-INF/web.xml in a text editor.

  4. Comment out the <filter> and <filter-mapping>sections.

    <!-- filter>
      <display-name>Magnolia global filters</display-name>
      <filter-name>magnoliaFilterChain</filter-name>
      <filter-class>info.magnolia.cms.filters.MgnlMainFilter</filter-class>
    </filter>
    <filter-mapping>
      <filter-name>magnoliaFilterChain</filter-name>
      <url-pattern>/*</url-pattern>
      <dispatcher>REQUEST</dispatcher>
      <dispatcher>FORWARD</dispatcher>
      <dispatcher>INCLUDE</dispatcher>
      <dispatcher>ERROR</dispatcher>
    </filter-mapping -->
    

    This will also disable the URI security filter, making your system vulnerable. Use a firewall or Apache Web Server in front of your application server to prevent unauthorized access while you do this.

  5. Save the web.xml file.
  6. Start Magnolia CMS.
  7. Request the JSP script at http://localhost:8080/magnoliaAuthor/docroot/recovery-script.jsp.
    The script will bootstrap the superuser account to default settings. You should see the following line in the log:

    WARN  info.magnolia.importexport.BootstrapUtil: 
    Deleted already existing node for bootstrapping: 
    /system/superuser
    
  8. Stop Magnolia CMS.
  9. Uncomment the <filter> and <filter-mapping> sections in the web.xml. (Undo step 4).
  10. Start Magnolia CMS.
  11. Log in as superuser with password superuser.

Alternative procedure using the Groovy Rescue App

An alternative to the above procedure is using the Groovy Rescue App.

Once set up as explained in the documentation link above, you can run the following script in the rescue app

Reset superuser with Groovy
session = MgnlContext.getJCRSession('users')
superuser = session.getNode('/system/superuser') 
superuser.pswd = info.magnolia.cms.security.SecurityUtil.getBCrypt('superuser') 
session.save()

As with the JSP script, after you run the script you need to stop the web app and uncomment the filters sections in web.xml before rebooting Magnolia (refer again to Groovy Rescue App). 



  • No labels

1 Comment

  1. Having carried out the above in 4.5, we noticed that resetting the superuser meant the account lost membership of the "publishers" group. This makes sense because the "plain" superuser is re-bootstrapped by the recovery script and the group membership is only added by the Workflow Module but it is worth noting.