Users
User Configuration
Users are stored in the repository as children of the node /hippo:configuration/hippo:users.
Structure
/hippo:configuration: /hippo:users: /admin: jcr:primaryType: hipposys:user hipposys:securityprovider: internal hipposys:password: secret hipposys:active: true /myuser: jcr:primaryType: hipposys:user hipposys:securityprovider: internal hipposys:password: secret hipposys:active: true hipposys:firstname: John hipposys:lastname: Doe hipposys:email: [email protected]
hipposys:user
|
Name |
Type |
Required |
Description |
|---|---|---|---|
|
node name |
String |
yes |
The username |
| hipposys:securityprovider | String | yes | default 'internal'. Mandatory property indicating which security provider to use. |
|
hipposys:active |
Boolean |
yes |
Can be used to (temporary) disable the user.A user MUST have hipposys:active set to true to be able to login. |
|
hipposys:system |
Boolean |
no |
Can be used to indicate that the user is a system user. |
|
hipposys:password |
String |
no |
The hipposys:password can be stored in plain text or with a hash. A hash has the following form: $<hash alogrith>$<salt>$<hash> For example the password "admin" could result in the following hash: $SHA-256$HIlytXwnqSU=$NqCi2sJoM4qAwQ8136GYueUVA/TSyidpAI3Evn+y/hc= The hashing alogrithm can be any alogrith supported by MessageDigest like MD5, SHA-1 and SHA-256. The password utility class " PasswordHelper" can be used to generate hashes with the static method PasswordHelper.getHash(String password). |
| hipposys:passkey | String | no |
Since 10.0 : hipposys:passkey is in general not present, but in case it is present and its value is 'jvm://' , the user can be accessed as a JVM enabled user. Typically the HST site users are JVM enabled. |
|
hipposys:firstname |
String |
no |
user's first name |
|
hipposys:lastname |
String |
no |
user's last name |
|
hipposys:email |
String |
no |
user's email |