talk@lists.collectionspace.org
WE HAVE SUNSET THIS LISTSERV - Join us at collectionspace@lyrasislists.org
View all threadspassword change problem for Admin account v5.2
Hi, I've been working with a sandbox of v5.2 to master the procedure for changing the Admin password. I can repeatedly show that changing the PW locks me out! (I get the CSID as instructed.) You can see in the response that it returns a 200, but in the log it says "Put request failed". Unfortunately it mangles the original password. I'm not sure what the value in the password element in the log is.
Here is the xml:
<ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account">
<userId>admin@core.collectionspace.org</userId>
<password>d2lsbGl3b2xmMjAyMAo=</password>
</ns2:accounts_common>
Here is the curl:
curl -X PUT http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: application/xml" -T my_password_update_admin.xml
Here is the curl response:
HTTP/1.1 100
HTTP/1.1 200
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Type: application/xml
Content-Length: 545
Date: Sun, 26 Apr 2020 16:36:43 GMT
Here is the cspace-services.log
2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.common.SecurityResourceBase:151] updateRole with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.AccountResource:480] PUT request failed: org.collectionspace.services.account.AccountResource for org.collectionspace.services.account.AccountResource with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.AccountValidatorHandler:80] validate() action=UPDATE
2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:user xmlns:ns2="http://collectionspace.org/services/authentication">
<username>admin@core.collectionspace.org</username>
<passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd>
<createdAt>2020-04-16T14:12:18.123Z</createdAt>
<updatedAt>2020-04-26T16:36:43.039Z</updatedAt>
</ns2:user>
(BTW the doc here shows both POST and PUT ; POST does not work at all)
https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account
thanks-Willi Wolf
William,
Within the next few days, I'll set aside some time and try to reproduce
your issue. Definitely seems like there is at least a documentation issue.
-Richard
On Sun, Apr 26, 2020 at 6:08 PM William Wolf ww@williwolf.net wrote:
Hi, I’ve been working with a sandbox of v5.2 to master the procedure for
changing the Admin password. I can repeatedly show that changing the PW
locks me out! (I get the CSID as instructed.) You can see in the response
that it returns a 200, but in the log it says “Put request failed”.
Unfortunately it mangles the original password. I’m not sure what the
value in the password element in the log is.
Here is the xml:
<ns2:accounts_common xmlns:ns2="
http://collectionspace.org/services/account">
<userId>admin@core.collectionspace.org</userId>
<password>d2lsbGl3b2xmMjAyMAo=</password>
</ns2:accounts_common>
Here is the curl:
curl -X PUT
http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
-i -u admin@core.collectionspace.org:Administrator -H "Content-Type:
application/xml" -T my_password_update_admin.xml
Here is the curl response:
HTTP/1.1 100
HTTP/1.1 200
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Type: application/xml
Content-Length: 545
Date: Sun, 26 Apr 2020 16:36:43 GMT
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account" xmlns:ns3="
http://collectionspace.org/services/jaxb"
csid="3fb2d91f-a7f4-46e4-b713a5f8695cc8bc"><screenName>Administrator</screenName><email>
admin@core.collectionspace.org</email><userId>
admin@core.collectionspace.org
</userId><status>active</status><metadataProtection>immutable</metadataProtection><rolesProtection>immutable</rolesProtection><createdAt>2020-04-16T14:12:18.125Z</createdAt></ns2:accounts_common>root@ah_pw_test
:~#
Here is the cspace-services.log
2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9]
[org.collectionspace.services.common.SecurityResourceBase:151] updateRole
with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9]
[org.collectionspace.services.account.AccountResource:480] PUT request
failed: org.collectionspace.services.account.AccountResource for
org.collectionspace.services.account.AccountResource with
csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9]
[org.collectionspace.services.account.storage.AccountValidatorHandler:80]
validate() action=UPDATE
2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9]
[org.collectionspace.services.account.storage.csidp.UserStorageClient:117]
updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:user xmlns:ns2="http://collectionspace.org/services/authentication">
<username>admin@core.collectionspace.org</username>
<passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd>
<createdAt>2020-04-16T14:12:18.123Z</createdAt>
<updatedAt>2020-04-26T16:36:43.039Z</updatedAt>
</ns2:user>
(BTW the doc here shows both POST and PUT ; POST does not work at all)
thanks—Willi Wolf
Talk mailing list
Talk@lists.collectionspace.org
http://lists.collectionspace.org/mailman/listinfo/talk_lists.collectionspace.org
Hi Willi,
I've corrected the documentation on changing the admin password. The problem was with the command:
echo 'This is the password' | base64
It should have said:
echo -n 'This is the password' | base64
(The echo command normally adds a newline to the text; -n suppresses it.)
Ray
��
Ray Lee
CollectionSpace Senior Developer
LYRASIS
ray.lee@lyrasis.org
From: Talk talk-bounces@lists.collectionspace.org on behalf of William Wolf ww@williwolf.net
Sent: Sunday, April 26, 2020 9:07 PM
To: talk@lists.collectionspace.org
Subject: [Talk] password change problem for Admin account v5.2
Hi, I��ve been working with a sandbox of v5.2 to master the procedure for changing the Admin password. I can repeatedly show that changing the PW locks me out! (I get the CSID as instructed.) You can see in the response that it returns a 200, but in the log it says ��Put request failed��. Unfortunately it mangles the original password. I��m not sure what the value in the password element in the log is.
Here is the xml:
<ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account">
<userId>admin@core.collectionspace.org</userId>
<password>d2lsbGl3b2xmMjAyMAo=</password>
</ns2:accounts_common>
Here is the curl:
curl -X PUT http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: application/xml" -T my_password_update_admin.xml
Here is the curl response:
HTTP/1.1 100
HTTP/1.1 200
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Type: application/xml
Content-Length: 545
Date: Sun, 26 Apr 2020 16:36:43 GMT
Here is the cspace-services.log
2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.common.SecurityResourceBase:151] updateRole with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.AccountResource:480] PUT request failed: org.collectionspace.services.account.AccountResource for org.collectionspace.services.account.AccountResource with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.AccountValidatorHandler:80] validate() action=UPDATE
2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:user xmlns:ns2="http://collectionspace.org/services/authentication">
<username>admin@core.collectionspace.org</username>
<passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd>
<createdAt>2020-04-16T14:12:18.123Z</createdAt>
<updatedAt>2020-04-26T16:36:43.039Z</updatedAt>
</ns2:user>
(BTW the doc here shows both POST and PUT ; POST does not work at all)
https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account
thanks�XWilli Wolf
Thank you Ray, I'll try this and report results. Willi
-----Original Message-----
From: Ray Lee ray.lee@lyrasis.org
Sent: Monday, May 11, 2020 21:41
To: William Wolf ww@williwolf.net; talk@lists.collectionspace.org
Subject: Re: password change problem for Admin account v5.2
Hi Willi,
I've corrected the documentation on changing the admin password. The problem was with the command:
echo 'This is the password' | base64
It should have said:
echo -n 'This is the password' | base64
(The echo command normally adds a newline to the text; -n suppresses it.)
Ray
═
Ray Lee
CollectionSpace Senior Developer
LYRASIS
ray.lee@lyrasis.org
From: Talk talk-bounces@lists.collectionspace.org on behalf of William Wolf ww@williwolf.net
Sent: Sunday, April 26, 2020 9:07 PM
To: talk@lists.collectionspace.org
Subject: [Talk] password change problem for Admin account v5.2
Hi, I've been working with a sandbox of v5.2 to master the procedure for changing the Admin password. I can repeatedly show that changing the PW locks me out! (I get the CSID as instructed.) You can see in the response that it returns a 200, but in the log it says "Put request failed". Unfortunately it mangles the original password. I'm not sure what the value in the password element in the log is.
Here is the xml:
<ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account">
<userId>admin@core.collectionspace.org</userId>
<password>d2lsbGl3b2xmMjAyMAo=</password>
</ns2:accounts_common>
Here is the curl:
curl -X PUT http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: application/xml" -T my_password_update_admin.xml
Here is the curl response:
HTTP/1.1 100
HTTP/1.1 200
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Type: application/xml
Content-Length: 545
Date: Sun, 26 Apr 2020 16:36:43 GMT
Here is the cspace-services.log
2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.common.SecurityResourceBase:151] updateRole with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.AccountResource:480] PUT request failed: org.collectionspace.services.account.AccountResource for org.collectionspace.services.account.AccountResource with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.AccountValidatorHandler:80] validate() action=UPDATE
2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:user xmlns:ns2="http://collectionspace.org/services/authentication">
<username>admin@core.collectionspace.org</username>
<passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd>
<createdAt>2020-04-16T14:12:18.123Z</createdAt>
<updatedAt>2020-04-26T16:36:43.039Z</updatedAt>
</ns2:user>
(BTW the doc here shows both POST and PUT ; POST does not work at all) https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account
thanks-Willi Wolf