Changes for page Security

Last modified by Simon Urli on 2023/12/26

<
From version < 1.3 >
edited by Sergiu Dumitriu
on 2007/03/16
To version < 1.5 >
edited by Sergiu Dumitriu
on 2007/03/16
>
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -8,10 +8,13 @@
8 8  * It is not stored in the database
9 9  * It cannot be modified in any way
10 10  * It always has full access, regardless of the rights settings
11 -Because it is so powerful, it is not safe to leave it enabled for a long time.
12 12  
12 +#warning("Because it is so powerful, it is not safe to leave it enabled for a long time.")
13 +
13 13  By default, this account is disabled. To enable it, you have to edit <tt>&lt;xwiki-dir&gt;/WEB-INF/xwiki.cfg</tt>, uncomment the <tt>xwiki.superadminpassword=system</tt> line and set a proper password. To disable it, just comment this line. Remember to restart the servlet container after changing <tt>xwiki.cfg</tt>.
14 14  
16 +#info("Using this superadmin account is useful when you cannot log in anymore, for example when you forgot your admin user password or if you messed up the rights.")
17 +
15 15  1.1 Cookie Encryption Keys
16 16  
17 17  When a user chooses to be remembered when he logs in, a cookie is saved on his machine. The cookie is encrypted so that nobody having access to it can see the username/password. This encryption is done using 2 configuration parameters located in the ~~xwiki.cfg~~ configuration file. This file is located in ~~WEB-INF/~~ in the XWiki WAR (see the [Installation>AdminGuide.Installation] for where it's installed).

Get Connected