Changes for page Security

Last modified by Vincent Massol on 2023/11/07
<
From version < 1.5 >
edited by Sergiu Dumitriu
on 2007/03/16
To version < 1.7 >
edited by Vincent Massol
on 2007/05/20
>
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.sdumitriu
1 +XWiki.VincentMassol
Content
... ... @@ -13,7 +13,7 @@
13 13  
14 14  By default, this account is disabled. To enable it, you have to edit <tt>&lt;xwiki-dir&gt;/WEB-INF/xwiki.cfg</tt>, uncomment the <tt>xwiki.superadminpassword=system</tt> line and set a proper password. To disable it, just comment this line. Remember to restart the servlet container after changing <tt>xwiki.cfg</tt>.
15 15  
16 -#info("Using this superadmin account is useful when you cannot log in anymore, for example when you forgot your admin user password or if you messed up the rights.")
16 +#info("Using this superadmin account is useful when you cannot log in anymore, for example when you forgot your admin user password, if you messed up some rights or if you have deleted your admin user by mistake.")
17 17  
18 18  1.1 Cookie Encryption Keys
19 19  
XWiki.XWikiComments[0]
Comment
... ... @@ -1,0 +1,1 @@
1 +You shouldn't store the username and password in the cookie itself. Keep that information on the server side, hidden behind a randomly generated number. Ie. use it as the primary key in a databasetable. The random number is then stored in the users cookie. It's much safer and it does not require secrets.
Date
... ... @@ -1,0 +1,1 @@
1 +2007-05-20 13:10:10.50
Author
... ... @@ -1,0 +1,1 @@
1 +XWiki.Jersin

About

About

Support

Platform

User Guide

Admin Guide

Developer Guide

Projects

XWiki

Extensions

Other

Contribute

Status

Practices

Under the Hood

Get Involved

Get Connected