Changes for page Security

Last modified by Simon Urli on 2023/12/26

From version 1.3
edited by Sergiu Dumitriu
on 2007/03/16
Change comment: There is no comment for this version
To version 1.1
edited by vmassol
on 2006/12/17
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.sdumitriu
1 +XWiki.vmassol
Content
... ... @@ -1,17 +1,5 @@
1 1  1 Security
2 2  
3 -It's important you spend some time understanding the different settings you can modify to protected your wiki.
4 -
5 -1.1 Superadmin account
6 -
7 -XWiki provides a superadmin account. It is special, because:
8 -* It is not stored in the database
9 -* It cannot be modified in any way
10 -* It always has full access, regardless of the rights settings
11 -Because it is so powerful, it is not safe to leave it enabled for a long time.
12 -
13 -By default, this account is disabled. To enable it, you have to edit <tt>&lt;xwiki-dir&gt;/WEB-INF/xwiki.cfg</tt>, uncomment the <tt>xwiki.superadminpassword=system</tt> line and set a proper password. To disable it, just comment this line. Remember to restart the servlet container after changing <tt>xwiki.cfg</tt>.
14 -
15 15  1.1 Cookie Encryption Keys
16 16  
17 17  When a user chooses to be remembered when he logs in, a cookie is saved on his machine. The cookie is encrypted so that nobody having access to it can see the username/password. This encryption is done using 2 configuration parameters located in the ~~xwiki.cfg~~ configuration file. This file is located in ~~WEB-INF/~~ in the XWiki WAR (see the [Installation>AdminGuide.Installation] for where it's installed).

Get Connected