Bug 841970

Summary: After installing the Wordpress 'instant app' via the web console, the admin username/password combination doesn't work
Product: OKD Reporter: Nam Duong <nduong>
Component: TemplatesAssignee: Ram Ranganathan <ramr>
Status: CLOSED DUPLICATE QA Contact: libra bugs <libra-bugs>
Severity: high Docs Contact:
Priority: unspecified    
Version: 2.xCC: dmcphers, jofernan, mfisher, xtian
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-07-21 00:46:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Nam Duong 2012-07-20 17:38:24 UTC 
Description of problem:
This was reported by a user on our mailing list.

Installing the Wordpress instant app via the web console outputs the following creds:
---
Your application contains pre-configured accounts, here are their credentials. You may want to change them as soon as possible.

USERNAME: Admin
PASSWORD: OpenShiftAdmin
---

Seems those creds don't work.  The user was directed to change the password via sql.
Comment 1 Nam Duong 2012-07-20 23:41:47 UTC 
Digging through the github repo, it was due to a bug fix:
https://github.com/openshift/wordpress-example/commit/07904f338de9debf07d16361f2d8496cf3397d50

https://bugzilla.redhat.com/show_bug.cgi?id=837488:
---
Description of problem:

The Wordpress cartridge sets a default admin password and sets the admin email address to "admin" (or something like that, I forgot to write it down exactly).

We could hit two birds with one stone: set a random admin password and also set the admin email address to the users email address (that they registered with OpenShift).

e.g.:

UPDATE `wp34`.`wp_users` SET `user_email` = 'kseifried' WHERE `wp_users`.`ID` =1;

this means that the user would then simply go to login and execute password recovery. We wouldn't need to communicate the initial password to the user either since they simply reset it. This would be both more secure, and easier for users.
---

Randomizing the admin email address and password effectively keeps the user from logging in unless they set the admin user email address, then use the password reset functionality; or simply set the admin user password.
Comment 2 Ram Ranganathan 2012-07-21 00:46:45 UTC 
Closing this out as the issue is fixed -- the wordpress sample has been rolled back.
Comment 3 Xiaoli Tian 2012-07-23 03:53:11 UTC 

*** This bug has been marked as a duplicate of bug 841725 ***