[MAGNOLIA-190] Magnolia cease to publish after superuser password change Created: 15/Nov/04 Updated: 18/Nov/04 Resolved: 18/Nov/04 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | None |
| Affects Version/s: | 2.0 Final |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major |
| Reporter: | Massimiliano Segreto | Assignee: | Sameer Charles |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Linux 2.6.3-7mdk i686 |
||
| Template: |
|
| Acceptance criteria: |
Empty
|
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
| Date of First Response: |
| Description |
|
Step to replicate the problem Start author webapp In the author instance log in as superuser 1) Add a page, publish it: It works. 2) Go to user, edit superuser, change password, save, activate superuser. log out closing the browser. 3) Login as superuser using the new password, add a page, publish the added page: It does NOT work anymore Workaround. It seems that as soon as you change the superuser pwd, the superuser account cannot publish himself and the pages because its instance on author an the one on public webapp are not in sync. To avoid the problem you must create another user account with all the privilege like superuser and publish it BEFORE the superuser pwd change. In this way you can change the pwd on superuser, log in as the "NewUserWithAllPriv" and using this user account still working you could activate the superuser account and its new password |
| Comments |
| Comment by Sameer Charles [ 18/Nov/04 ] |
|
sure, may be we should deliver more than just one superuser. |
| Comment by Massimiliano Segreto [ 18/Nov/04 ] |
|
Adding a second superuser is useful, but the most important thing IMHO is to warn about the correct superuser change pwd procedure in the install readme file. I was evaluating M2.0 with some collaborators. To do this I deployed M2.0 on a public server and the first action i did (and anyone would do) to secure M2.0 is to change the standard superuser pwd, causing the problem. |
| Comment by Sameer Charles [ 18/Nov/04 ] |
|
agree, |
| Comment by Sameer Charles [ 18/Nov/04 ] |
| Comment by Sameer Charles [ 18/Nov/04 ] |