Menu

Liferay 6.2: Reset passwords


Nobody wants to forget the passwords. But it usually happens. It is easy to reset the passwords of normal or lower level users and resetting the password of the administrators is a hard work. So, this post is going to help to reset the password of test@liferay.com (or another administrator account) in this situation.
 In this situation, you have to have administrator permission on the server which is hosting your portal and you can access the database. In this post, I will introduce to you two methods to reset the password of test@liferay.com (or another account).

Database

The simplest method is editing the records on the database directly. You must to connect database and find User_ table. Let's see the following image:
I only show some columns of Usesr_ table. Let's open your database to get more details. In this content, we only attend three columns Password_PasswordEncrypted, and PasswordReset.
Usually, user's passwords are encrypted by BCRYPT/10, MD2, MD5, PBKDF2WithHmacSHA1/160/128000, SHA, SHA-256, SHA-384, SSHA, UFC-CRYPT algorithms (open portal.properties file and find passwords.encryption.algorithm keyword). It is difficult to decrypt the encrypted passwords

Implements

  1. We change the content of Password_ column (at the line which has EmailAdress column's value is test@liferay.com) to a plain string (for examples: 123456).
  2. Changing the content of PasswordEncrypted column to 0 (or false, f depend on your database type). Liferay will not encrypt your password when you do this change. It will compare your value which is entered in a browser with the value stored in your database.
  3. Modifying the value of PasswordReset to 1 (or true, t depend on your database). The goal of this modification is the system will require a new password as soon as you sign in.
  4. Last, you have to restart your system and log in with the new password.

Using hook to reset password

This way and the previous one are the same. However, we do not modify the content in our database directly. We only deploy a war file into our portal.
The steps are:

Creating a hook project

Firstly, you create a hook plugin by: Chọn File >> New >> Other >> Liferay >> Liferay Plugin Project.
We will reset the password as soon as the startup event happens. So, we will create a hook configuration by the following steps: Right-click on your project and select New >> Other >> Liferay >> Liferay Hook Configuration.
Creating a new hook configuration
Pressing on Next button, marking on Portal properties and pressing on Next button again to reach the next window. Now, you will override the configurations in portal.properties file. To override a configuration, you have to tick the Add button in Specify properties to override sector.
At the moment, a small dialog appears:
Override a configuration of portal.properties
As you can see, we will override application.startup.events configuration with com.blogspot.chingovan.passwordchanger.PasswordChanger (this is full-path of a class which I will show in the next section). If you do not remember the name of configuration, you should click on Select... button to get its name exactly.
Press on OK button to close current dialog and Click on Finish button to complete the overriding. Now, you can see portal.properties file in the src folder. It stores the configurations which are overridden. At the same time, liferay-hook.xml will write some new lines to involve the configurations in portal.properties file.

Writing Java code

After creating the hook project. Now, we will implement a class to reset the password. As noted earlier, we will write a class named PasswordChanger in com.blogspot.chingovan.passwordchanger package.
Let's see the content of the class:

Evidently, PasswordChanger inherits SimpleAction. So, we have to implement run method clearly. This method will be called as soon as you deploy your project into the system. I will explain run method line by line:
  1. Line 18th : Creating an object of Properties class (java.util.Properties) . This object will store our configuration.
  2. Line 21rt: Loading the configurations stored in password.changer.properties file in src folder. This file container the following configurations:

    • type=e-mail, we will reset the password of a user who have a provided email address . If type equals screen name, you have to provide a nick name (screen name of a user).
    • webId=liferay.com, the id of a company. Normally, the accounts belong the default company (liferay.com).
    • virtualhost=localhost, the virtual address of the company.
    • emailaddress=test@liferay.com, the email address of account which will reset. It is test@liferay.com in this situation. If type equals screenname, this field is blank.
    • screenname=test, provide the nickname of the user. If type equals e-mail, you do not declare this configuration.
    • password=123456, this is default password after success changing. If everything fine, you will use this password for the next login.
  3. Line 22nd-23rd: reading the value of type and webId configuration.
  4. Line 24th: Getting information of company with provided webId.
  5. Line 29th-40th: Depend on the value of type configuration, we will get an account to reset.
  6. Line 43rd: Updating the password by using updatePasswordManually method in UserLocalServiceUtil. The parameters of this method are userId, password, passwordEncrypted, passwordReset, passwordModifiedDate. In fact, we will store the password by plain (passwordEncrypted=false)  and require changing the password at the next login (passwordReset=true). Explicit, this way is absolutely same the above one.
Now, you deploy your project into the portal. If the system notifies a success message, you can login portal with the new password. In another case, let's restart your portal. I prefer the second method to first one because it so easy. You just need to deploy my changepassword-hook-6.2.0.1.war file into your system.

Another situations

The two above solutions are enough to reset your password. However, in some case, you can't reach the desired results. In these exceptions, let's check the value of the status column in User_ table. You have to set the value of this column is zero and restart your portal.

Conclusions

I think you have to note the configurations of our system. However, if you lose this information, you can use my methods to reset your password quickly.
Click here to get the source code and here to download *.war file. With *.war file (Liferay version 6.2), you only copy it to deploy folder.
Good luck.

Không có nhận xét nào:

Đăng nhận xét