[Glass] Changed DataCurator password and now I cannot start seaside gems
Locked
[Glass] Changed DataCurator password and now I cannot start seaside gems
 
|
Hi guys,
I modified my DataCurator password as explained in the guide: (AllUsers userWithId: 'DataCurator') password: 'xxx' . System commitTransaction
Then just in case I restarted everything. GemStone can start and I can login with topaz (with the new password). However, when I start my seaside gems as I used to do: WAFastCGIAdaptor stop.
WAGemStoneRunSeasideGems default name: 'FastCGI'; adaptorClass: WAFastCGIAdaptor;
ports: #(9001 9002 9003). WAGemStoneRunSeasideGems restartGems. They fail...in the log I read:
[Info]: Logging out at 12/05/2013 15:53:49 EST ----------------------------------------------------- GemStone: Error Fatal Login failed: the GemStone userId/password combination is invalid
or expired. Error Category: 231169 [GemStone] Number: 4051 Arg Count: 0 Context : 20 exception : 20 If I see $GEMSTONE/seaside/etc/gemstone.secret it has the old default swordfish password....
I am not supposed to change that by hand since it is read only. So...what else should I change? Thanks in advance, Mariano http://marianopeck.wordpress.com _______________________________________________ Glass mailing list [hidden email] http://lists.gemtalksystems.com/mailman/listinfo/glass |
Re: [Glass] Changed DataCurator password and now I cannot start seaside gems
|
|
/opt/gemstone/product/seaside/bin/changeSystemPassword does not help either and in fact it seems to do the equivalent to what I did... On Thu, Dec 5, 2013 at 6:13 PM, Mariano Martinez Peck <[hidden email]> wrote:
Mariano http://marianopeck.wordpress.com _______________________________________________ Glass mailing list [hidden email] http://lists.gemtalksystems.com/mailman/listinfo/glass |
Re: [Glass] Changed DataCurator password and now I cannot start seaside gems
|
|
Mariano,
The scripts that start the Seaside adaptors in a topaz session log into GS as DataCurator and use the password defined in /opt/gemstone/product/seaside/etc/gemstone.secret cheers Johan On 05 Dec 2013, at 22:21, Mariano Martinez Peck <[hidden email]> wrote: > /opt/gemstone/product/seaside/bin/changeSystemPassword does not help either and in fact it seems to do the equivalent to what I did... > > > > > On Thu, Dec 5, 2013 at 6:13 PM, Mariano Martinez Peck <[hidden email]> wrote: > Hi guys, > > I modified my DataCurator password as explained in the guide: > > (AllUsers userWithId: 'DataCurator') > password: 'xxx' . System commitTransaction > > Then just in case I restarted everything. GemStone can start and I can login with topaz (with the new password). However, when I start my seaside gems as I used to do: > > WAFastCGIAdaptor stop. > WAGemStoneRunSeasideGems default > name: 'FastCGI'; > adaptorClass: WAFastCGIAdaptor; > ports: #(9001 9002 9003). > WAGemStoneRunSeasideGems restartGems. > > They fail...in the log I read: > > [Info]: Logging out at 12/05/2013 15:53:49 EST > ----------------------------------------------------- > GemStone: Error Fatal > Login failed: the GemStone userId/password combination is invalid > or expired. > Error Category: 231169 [GemStone] Number: 4051 Arg Count: 0 Context : 20 exception : 20 > > > If I see $GEMSTONE/seaside/etc/gemstone.secret > it has the old default swordfish password.... > > I am not supposed to change that by hand since it is read only. > > So...what else should I change? > > Thanks in advance, > > > -- > Mariano > http://marianopeck.wordpress.com > > > > -- > Mariano > http://marianopeck.wordpress.com > _______________________________________________ > Glass mailing list > [hidden email] > http://lists.gemtalksystems.com/mailman/listinfo/glass _______________________________________________ Glass mailing list [hidden email] http://lists.gemtalksystems.com/mailman/listinfo/glass |
Re: [Glass] Changed DataCurator password and now I cannot start seaside gems
|
|
In reply to this post by Mariano Martinez Peck
From: "Mariano Martinez Peck" <[hidden email]>It is readOnly because you are not supposed to change it without thinking ... this is where the seaside start scripts get the password information by default, so go ahead and change the password here ..... if you want more security than that, I think you can use use LDAP (you might need 3.1.0.5 to use LDAP). I personally haven't played around with LDAP, so I'm not completely clear on how to hook it up ...
_______________________________________________ Glass mailing list [hidden email] http://lists.gemtalksystems.com/mailman/listinfo/glass |
Re: [Glass] Changed DataCurator password and now I cannot start seaside gems
|
|
On Thu, Dec 5, 2013 at 8:52 PM, Dale K. Henrichs <[hidden email]> wrote:
mmmmm I would give write permissions at least for the owner. Seeing it as read only makes me think I should not touch it and that they modified from some bash.... Also...shouldn't changeSystemPassword also modify the entry for GEMSTONE_CURATOR_PASS in $GEMSTONE/seaside/etc/gemstone.secret ?
OK...this yields to the next question I was going to ask...there is no way to choose with which GemStone user to run the seaside gems? This is related to another thread I sent "DataCurator and then own user?". Say I want to start 3 seaside gems (fastCGI) with user XXX (not DataCurator). What is the easiest way to do this?
Mariano http://marianopeck.wordpress.com _______________________________________________ Glass mailing list [hidden email] http://lists.gemtalksystems.com/mailman/listinfo/glass |
Re: [Glass] Changed DataCurator password and now I cannot start seaside gems
|
|
From: "Mariano Martinez Peck" <[hidden email]>I think when you introduce separate user gems into the equation everything get harder ... so perhaps it is worth taking a hard look at why you are going with separate gemstone users ... typically the rationale for using gemstone users is that you need to protect sensitive data from folks who have physical access to the machine, i.e., software developers should not be able to view sensitive customer data, but they should be allowed to write code and view non-sensitive information ... I think that isolating userdata via programatic discipline is a viable solution and if you can make this choice will greatly simplify your infrastructure ... Dale
_______________________________________________ Glass mailing list [hidden email] http://lists.gemtalksystems.com/mailman/listinfo/glass |
«
Return to GLASS
|
1 view|%1 views
| Free forum by Nabble | Edit this page |