|
Roman: "That password is just used internally, so it probably doesn't make sense to hide it."
See also https://docs.magnolia-cms.com/product-docs/Administration/Architecture/Configuration-management.html#_defining_properties:
Jackrabbit uses the default admin values of magnolia.connection.jcr.password and magnolia.connection.jcr.userId to initialize its internal admin account to access the repository. When Magnolia initializes the session, it uses the same parameters to connect to the repository to obtain the session before logging in the user.
There is no security risk with those values because they are used only internally to communicate between Magnolia and Jackrabbit and are not exposed to the outside world. With those credentials, you cannot log in to the repository via UI or externally since Magnolia keeps exclusive access to it.
Closing the ticket as Won't Do.
|