Bug 841970 - After installing the Wordpress 'instant app' via the web console, the admin username/password combination doesn't work
After installing the Wordpress 'instant app' via the web console, the admin u...
Status: CLOSED DUPLICATE of bug 841725
Product: OpenShift Origin
Classification: Red Hat
Component: Templates (Show other bugs)
2.x
Unspecified Unspecified
unspecified Severity high
: ---
: ---
Assigned To: Ram Ranganathan
libra bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-07-20 13:38 EDT by Nam Duong
Modified: 2015-05-14 22:00 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-07-20 20:46:45 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Nam Duong 2012-07-20 13:38:24 EDT
Description of problem:
This was reported by a user on our mailing list.

Installing the Wordpress instant app via the web console outputs the following creds:
---
Your application contains pre-configured accounts, here are their credentials. You may want to change them as soon as possible.

USERNAME: Admin
PASSWORD: OpenShiftAdmin
---

Seems those creds don't work.  The user was directed to change the password via sql.
Comment 1 Nam Duong 2012-07-20 19:41:47 EDT
Digging through the github repo, it was due to a bug fix:
https://github.com/openshift/wordpress-example/commit/07904f338de9debf07d16361f2d8496cf3397d50

https://bugzilla.redhat.com/show_bug.cgi?id=837488:
---
Description of problem:

The Wordpress cartridge sets a default admin password and sets the admin email address to "admin@nowhere.com" (or something like that, I forgot to write it down exactly).

We could hit two birds with one stone: set a random admin password and also set the admin email address to the users email address (that they registered with OpenShift).

e.g.:

UPDATE `wp34`.`wp_users` SET `user_email` = 'kseifried@redhat.com' WHERE `wp_users`.`ID` =1;

this means that the user would then simply go to login and execute password recovery. We wouldn't need to communicate the initial password to the user either since they simply reset it. This would be both more secure, and easier for users.
---

Randomizing the admin email address and password effectively keeps the user from logging in unless they set the admin user email address, then use the password reset functionality; or simply set the admin user password.
Comment 2 Ram Ranganathan 2012-07-20 20:46:45 EDT
Closing this out as the issue is fixed -- the wordpress sample has been rolled back.
Comment 3 Xiaoli Tian 2012-07-22 23:53:11 EDT

*** This bug has been marked as a duplicate of bug 841725 ***

Note You need to log in before you can comment on or make changes to this bug.