This article covers a Bloomreach Experience Manager version 11. There's an updated version available that covers our most recent release.

Users

User Configuration

Users are stored in the repository as children of the node /hippo:configuration/hippo:users.

Structure

+ hippo:configuration
    + hippo:users
        + admin [hipposys:user]
            - hipposys:securityprovider = internal
            - hipposys:password = secret
            - hipposys:active = true
        + myuser [hipposys:user]
            - hipposys:securityprovider = internal
            - hipposys:password = secret
            - hipposys:active = true
            - hipposys:firstname = John
            - hipposys:lastname = Doe
            - hipposys:email = [email protected]
            

hipposys:user

Name

Type

Required

Description

node name

String

yes

The username

hipposys:securityprovider String yes default 'internal'. Mandatory property indicating which security provider to use.

hipposys:active

Boolean

yes

Can be used to (temporary) disable the user.A user MUST have hipposys:active set to true to be able to login.

hipposys:system

Boolean

no

Can be used to indicate that the user is a system user.

hipposys:password

String

no

The hipposys:password can be stored in plain text or with a hash. A hash has the following form:

$<hash alogrith>$<salt>$<hash>

For example the password "admin" could result in the following hash:

$SHA-256$HIlytXwnqSU=$NqCi2sJoM4qAwQ8136GYueUVA/TSyidpAI3Evn+y/hc=

The hashing alogrithm can be any alogrith supported by MessageDigest like MD5, SHA-1 and SHA-256. The password utility class " PasswordHelper" can be used to generate hashes with the static method PasswordHelper.getHash(String password).

hipposys:passkey String no

Since 10.0 :  hipposys:passkey is in general not present, but in case it is present and its value is 'jvm://' , the user can be accessed as a JVM enabled user. Typically the HST site users are JVM enabled.

hipposys:firstname

String

no

user's first name

hipposys:lastname

String

no

user's last name

hipposys:email

String

no

user's email

 

 

Did you find this page helpful?
How could this documentation serve you better?
On this page
    Did you find this page helpful?
    How could this documentation serve you better?