Red Hat Bugzilla – Bug 973135
JPP6.0 Backward compatibility - unable to log in with an old account
Last modified: 2013-11-04 19:56:43 EST
Description of problem:
JPP6.0 Backward compatibility - unable to log in with an account from JPP6.0
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. start and stop JPP6.0
2. copy $JPP60/standalone/data/gatein to $JPP61/standalone/data
3. edit $JPP61/gatein/gatein.ear/portal.war/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-config.xml according to https://docs.jboss.org/author/display/GTNPORTAL36/Password+Encryption#PasswordEncryption-HashingEncoder :
4. start JPP6.1 and open http://$HOST:8080/portal
5. there is Set root password dialog
Set root password dialog
default page with possibility to log in
When I set root password I tried to log in as John and login failed. There all default users in Users and groups management.
It looks like that test's steps are not correct.
Copying full data/gatein (step 2) means to overwrite the JCR configuration.
I've performed the following steps to validate that we can easily import users from JPP6.0 to JPP6.1.
1.- Start JPP6.0.
2.- Create a new user in JPP6.0 (i.e. testuser/password).
3.- Stop JPP6.0.
4.- Unzip a fresh install of JPP61 ER01.1.
5.- Set up credentialEncoder as JPP6.0:
6.- Start JPP6.1.
7.- Configure root user (this will set up a JCR flag).
8.- Stop JPP6.1.
9.- Copy IDM database from JPP6.0 to JPP6.1.
10.- Start JPP6.1
11.- Validate that you can enter with your users of JPP6.0:
root/gtn (instead of root user in the setup).
Please, could you repeat this test to validate it.
I've followed steps from Lucas's comment and I can confirm it works as described in the comment.
In my opinion this step should be definitely described in migration guide.
Thank you Lucas for your comment.
Thanks Vlasta for your tests.
I'm going to close the BZ and contact with team to place a note for documentation.
I've tested also the same scenario but changing H2 by MySQL and it works without issues.
So, we will update the doc to explain the process.
An additional note:
- The only additional note is that migrating users from JPP 6.0 to JPP 6.1 only requeries to update root user password.
- JPP 6.1 has a JCR flag (that are not present in JPP 6.0) to detect if this is a new installation, and then set up the root password.
- We are discussing if this is valid or if this logic have to be change thinking on migration (the only impact is to re-set the root password, rest of user remains as in JPP 6.0).
Note added on:
So, as a summary, JPP 6.1 is fully compatible with JPP 6.0 migrating users and portal structure.
We have made tests with H2 and MySQL databases.
It's part of the process, that in the first installation of JPP 6.1, password of root user has to be updated.
Please, let us know if there is some issue or something is not working as described.