[opencms-dev] Switching the user of cmsObject/Safety

Andy Bicksbo schlachtzeuger at gmail.com
Thu Oct 19 15:55:55 CEST 2006


Hi
Thanks for quick feedback.,...this module is an admin module i have to work
on.
Andy


2006/10/19, Jonathan Woods <jonathan.woods at scintillance.com>:
>
>  If your module registers a class implementing I_CmsModuleAction in
> opencms-modules.xml, then that class will get instantiated and called on
> module initialisation time (e.g. at system start-up).  Various methods
> defined in the interface include as a parameter an instance of CmsObject,
> and I believe the OpenCms runtime calls these methods (at start-up) using a
> CmsObject which has administrative rights.  In your module's implementation
> of I_CmsModuleAction, you can store a reference to this CmsObject to be used
> later.  It doesn't feel like a neat solution, but I believe people have used
> it successfully.
>
> There's been discussion on this subject on this list in the past year -
> you might be able to find something else by searching e.g. at
> http://www.nabble.com/OpenCMS---Dev-f654.html.
>
> Jon
>
>  ------------------------------
> *From:* opencms-dev-bounces at opencms.org [mailto:
> opencms-dev-bounces at opencms.org] *On Behalf Of *Andy Bicksbo
> *Sent:* 19 October 2006 13:57
> *To:* The OpenCms mailing list
> *Subject:* [opencms-dev] Switching the user of cmsObject/Safety
>
>
>  Hi
>
> I worked on this the last days and i didn't find a possibility the get a
> readble password out of an user. The Password is decoded into md5, i
> think, and as far as i k´know, there isn't any possibility the retrieve a
> md5 into human readable coding and there's nothing, where opencms retrieves
> a password. I'm working currently on a component for opencms, where i need
> to build a cmsobject with a user with admin rights, but i don't want to
> write a user with it'S password into sourcecode( cmsObject.loginuser(String
> username, String password)) nor to change the permissions of every file i
> have to alter before doing stuff with it and afterwards. (The user, who
> should initiate this component has no adminrights, so i have to switch the
> user of cmsObject)
>
> At topic:
> But you can directly alter passwords in the db opencms uses(CMS_USER)
> At this point, i think it#s not very save, that the db connection stuff is
> written readable in the opencms.properties file
>
> Does anybody know a solution?
>
> Thanks for listening
> Andy
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20061019/3c11a7c0/attachment.htm>


More information about the opencms-dev mailing list