[opencms-dev] Switching the user of cmsObject/Safety

[Andy Bicksbo]

Hi

I worked on this the last days and i didn't find a possibility the get a
readble password out of an user. The Password is decoded into md5, i
think, and as far as i k´know, there isn't any possibility the retrieve a
md5 into human readable coding and there's nothing, where opencms retrieves
a password. I'm working currently on a component for opencms, where i need
to build a cmsobject with a user with admin rights, but i don't want to
write a user with it'S password into sourcecode(cmsObject.loginuser(String
username, String password)) nor to change the permissions of every file i
have to alter before doing stuff with it and afterwards. (The user, who
should initiate this component has no adminrights, so i have to switch the
user of cmsObject)

At topic:
But you can directly alter passwords in the db opencms uses(CMS_USER)
At this point, i think it#s not very save, that the db connection stuff is
written readable in the opencms.properties file

Does anybody know a solution?

Thanks for listening
Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20061019/96ab5b7c/attachment.htm>