-
Notifications
You must be signed in to change notification settings - Fork 12
/
change-cq5-passwords
executable file
·181 lines (162 loc) · 5.25 KB
/
change-cq5-passwords
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
#!/bin/bash
# Copyright 2011-2012, 42 Lines, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
usage() {
cat <<EOF
Change default passwords in CQ5.4 and CQ5.5
usage: `basename $0` --newpw PASSWORD [options]
Options:
--version, -v version of CQ5: 5.4|5.5 (default: 5.5)
--host hostname for URLs (default: localhost)
--port, -p port for URLs (default: 4502)
--oldpw Old admin password (default: admin)
--newpw New password to use for all accounts
--consolepw Sling CRX client password (CQ5.4) (default: admin)
--help, -h show this help
EOF
}
initDefaults() {
HOST="localhost"
export HOST
PORT="4502"
export PORT
OLD_PWD="admin"
export OLD_PWD
CONSOLE_PWD="admin"
export CONSOLE_PWD
VERSION="5.5"
export VERSION
NEW_PWD=""
export NEW_PWD
}
startup_wait() {
# Wait for CQ5 to spin up
while [ `netstat -ntlp | grep -c $PORT` -ne 1 ]; do echo "Waiting for CQ5 to start..."; sleep 5; done
}
change_54_passwords() {
echo -n "Changing the Sling CRX client password: "
FACTORY_PID=com.day.crx.sling.client.impl.CRXSlingClientRepository
# First check our existing password
curl -s -f -u admin:$CONSOLE_PWD "http://$HOST:$PORT/system/console/configMgr/(service.factoryPid=$FACTORY_PID).json" > /dev/null
if [ $? -eq 0 ]
then
apt-get install libjson-perl curl -y >/dev/null
PID=`curl -s -u admin:$CONSOLE_PWD "http://$HOST:$PORT/system/console/configMgr/(service.factoryPid=$FACTORY_PID).json" | perl -ne 'use JSON; $j = decode_json $_; print %{$j->[0]}->{"pid"}'`
echo "Pid is $PID"
curl -s -u admin:$CONSOLE_PWD -dapply=true -dadmin.password=$NEW_PWD -dpropertylist=admin.password http://$HOST:$PORT/system/console/configMgr/$PID > /dev/null
echo "changed"
echo -n "Changing Felix Web Console admin password: "
PID=org.apache.felix.webconsole.internal.servlet.OsgiManager
curl -s -u admin:$CONSOLE_PWD -dapply=true -dadmin.password=$NEW_PWD -dpropertylist=admin.password http://$HOST:$PORT/system/console/configMgr/$PID > /dev/null
echo "changed"
else
echo "I don't have the correct console password"
fi
curl -s -f -u admin:$OLD_PWD http://localhost:4502/crx/config/cluster.jsp | grep -q 'UserID: admin'
if [ $? -eq 0 ]
then
echo "Changing cqse admin password:"
curl -s --data username="admin" --data password_old=$OLD_PWD --data password=$NEW_PWD --data password_check=$NEW_PWD --user admin:$OLD_PWD http://$HOST:$PORT/admin/passwd | grep 'Password changed'
else
echo "I don't have the correct CQSE password"
fi
echo "Changing crx admin password: "
curl -s --data plain=$NEW_PWD --data verify=$NEW_PWD --user admin:$OLD_PWD http://$HOST:$PORT/crx/ui/setpassword.jsp | grep 'Password'
}
change_55_passwords() {
# First test that we have the correct password
curl -s -f --user admin:$OLD_PWD http://$HOST:$PORT/home/users/a/admin.json | grep -q 'rep'
if [ $? -eq 0 ]
then
echo "Changing password for admin"
curl -s --user admin:$OLD_PWD -F rep:password="$NEW_PWD" http://$HOST:$PORT/home/users/a/admin.rw.html | grep 'Content'
else
echo "I don't have the correct admin password"
exit
fi
}
# Start of main program
initDefaults
while [ -n "$1" ]; do
case "$1" in
'--host')
HOST=$2
shift;;
'--port' | '-p')
PORT=$2
shift;;
'--oldpw')
OLD_PWD=$2
shift;;
'--newpw')
NEW_PWD=$2
shift;;
'--consolepw')
CONSOLE_PWD=$2
shift;;
'--version' | '-v')
VERSION=$2
shift;;
'--help' | '-h')
usage
exit ;;
*)
echo "Invalid option: $1"
usage
exit;;
esac
shift
done
if [ -z "$NEW_PWD" ]; then
echo "Must set --newpw"
exit 1
fi
case "$VERSION" in
'5.4' | '5.5')
;;
*)
echo "Invalid version $VERSION"
echo
usage
exit 1
;;
esac
echo "HOST is $HOST; PORT is $PORT"
startup_wait
case "$VERSION" in
'5.4')
change_54_passwords
;;
'5.5')
change_55_passwords
;;
esac
# May have to run this a number of times while waiting for the above
# admin password changes to propogate
echo -n "Changing password for the Author user: "
E=1
while [ $E -ne 0 ]; do
curl -s --data rep:password=$NEW_PWD --user admin:$NEW_PWD http://$HOST:$PORT/home/users/a/author | grep Status
E=$?
if [ $E -ne 0 ]; then echo -n "."; sleep 5; fi
done
echo "done"
echo -n "Changing replication agent password: "
E=1
while [ $E -ne 0 ]; do
curl -s --data transportPassword=$NEW_PWD --user admin:$NEW_PWD http://$HOST:$PORT/etc/replication/agents.author/publish/jcr:content | grep Status
E=$?
if [ $E -ne 0 ]; then echo -n "."; sleep 5; fi
done
echo