talk@lists.collectionspace.org

Targeted discussion among implementers and between implementers and the CollectionSpace development team

View all threads

password change problem for Admin account v5.2

WW
William Wolf
Mon, Apr 27, 2020 1:07 AM

Hi, I've been working with a sandbox of v5.2 to master the procedure for changing the Admin password. I can repeatedly show that changing the PW locks me out! (I get the CSID as instructed.) You can see in the response that it returns a 200, but in the log it says "Put request failed". Unfortunately it mangles the original password.  I'm not sure what the value in the password element in the log is.

Here is the xml:

<ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account">
<userId>admin@core.collectionspace.org</userId>
<password>d2lsbGl3b2xmMjAyMAo=</password>
</ns2:accounts_common>

Here is the curl:

curl -X PUT http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: application/xml" -T my_password_update_admin.xml

Here is the curl response:

HTTP/1.1 100
HTTP/1.1 200
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Type: application/xml
Content-Length: 545
Date: Sun, 26 Apr 2020 16:36:43 GMT

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account" xmlns:ns3="http://collectionspace.org/services/jaxb" csid="3fb2d91f-a7f4-46e4-b713a5f8695cc8bc"><screenName>Administrator</screenName><email>admin@core.collectionspace.org</email><userId>admin@core.collectionspace.org</userId><status>active</status><metadataProtection>immutable</metadataProtection><rolesProtection>immutable</rolesProtection><createdAt>2020-04-16T14:12:18.125Z</createdAt></ns2:accounts_common>root@ah_pw_test:~#

Here is the cspace-services.log

2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.common.SecurityResourceBase:151] updateRole with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.AccountResource:480] PUT request failed: org.collectionspace.services.account.AccountResource for org.collectionspace.services.account.AccountResource with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.AccountValidatorHandler:80] validate() action=UPDATE
2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:user xmlns:ns2="http://collectionspace.org/services/authentication">
<username>admin@core.collectionspace.org</username>
<passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd>
<createdAt>2020-04-16T14:12:18.123Z</createdAt>
<updatedAt>2020-04-26T16:36:43.039Z</updatedAt>
</ns2:user>

(BTW the doc here shows both POST and PUT ; POST does not work at all)
https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account

thanks-Willi Wolf

Hi, I've been working with a sandbox of v5.2 to master the procedure for changing the Admin password. I can repeatedly show that changing the PW locks me out! (I get the CSID as instructed.) You can see in the response that it returns a 200, but in the log it says "Put request failed". Unfortunately it mangles the original password. I'm not sure what the value in the password element in the log is. Here is the xml: <ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account"> <userId>admin@core.collectionspace.org</userId> <password>d2lsbGl3b2xmMjAyMAo=</password> </ns2:accounts_common> Here is the curl: curl -X PUT http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: application/xml" -T my_password_update_admin.xml Here is the curl response: HTTP/1.1 100 HTTP/1.1 200 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-XSS-Protection: 1; mode=block X-Frame-Options: DENY X-Content-Type-Options: nosniff Content-Type: application/xml Content-Length: 545 Date: Sun, 26 Apr 2020 16:36:43 GMT <?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account" xmlns:ns3="http://collectionspace.org/services/jaxb" csid="3fb2d91f-a7f4-46e4-b713a5f8695cc8bc"><screenName>Administrator</screenName><email>admin@core.collectionspace.org</email><userId>admin@core.collectionspace.org</userId><status>active</status><metadataProtection>immutable</metadataProtection><rolesProtection>immutable</rolesProtection><createdAt>2020-04-16T14:12:18.125Z</createdAt></ns2:accounts_common>root@ah_pw_test:~# Here is the cspace-services.log 2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.common.SecurityResourceBase:151] updateRole with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc 2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.AccountResource:480] PUT request failed: org.collectionspace.services.account.AccountResource for org.collectionspace.services.account.AccountResource with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc 2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.AccountValidatorHandler:80] validate() action=UPDATE 2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:user xmlns:ns2="http://collectionspace.org/services/authentication"> <username>admin@core.collectionspace.org</username> <passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd> <createdAt>2020-04-16T14:12:18.123Z</createdAt> <updatedAt>2020-04-26T16:36:43.039Z</updatedAt> </ns2:user> (BTW the doc here shows both POST and PUT ; POST does not work at all) https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account thanks-Willi Wolf
RM
Richard Millet
Tue, Apr 28, 2020 4:31 PM

William,

Within the next few days, I'll set aside some time and try to reproduce
your issue.  Definitely seems like there is at least a documentation issue.

-Richard

On Sun, Apr 26, 2020 at 6:08 PM William Wolf ww@williwolf.net wrote:

Hi, I’ve been working with a sandbox of v5.2 to master the procedure for
changing the Admin password. I can repeatedly show that changing the PW
locks me out! (I get the CSID as instructed.) You can see in the response
that it returns a 200, but in the log it says “Put request failed”.
Unfortunately it mangles the original password.  I’m not sure what the
value in the password element in the log is.

Here is the xml:

<ns2:accounts_common xmlns:ns2="
http://collectionspace.org/services/account">

<userId>admin@core.collectionspace.org</userId>

<password>d2lsbGl3b2xmMjAyMAo=</password>

</ns2:accounts_common>

Here is the curl:

curl -X PUT
http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
-i -u admin@core.collectionspace.org:Administrator -H "Content-Type:
application/xml" -T my_password_update_admin.xml

Here is the curl response:

HTTP/1.1 100

HTTP/1.1 200

Cache-Control: no-cache, no-store, max-age=0, must-revalidate

Pragma: no-cache

Expires: 0

X-XSS-Protection: 1; mode=block

X-Frame-Options: DENY

X-Content-Type-Options: nosniff

Content-Type: application/xml

Content-Length: 545

Date: Sun, 26 Apr 2020 16:36:43 GMT

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:accounts_common xmlns:ns2="

http://collectionspace.org/services/account" xmlns:ns3="
http://collectionspace.org/services/jaxb"
csid="3fb2d91f-a7f4-46e4-b713a5f8695cc8bc"><screenName>Administrator</screenName><email>
admin@core.collectionspace.org</email><userId>
admin@core.collectionspace.org
</userId><status>active</status><metadataProtection>immutable</metadataProtection><rolesProtection>immutable</rolesProtection><createdAt>2020-04-16T14:12:18.125Z</createdAt></ns2:accounts_common>root@ah_pw_test
:~#

Here is the cspace-services.log

2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9]
[org.collectionspace.services.common.SecurityResourceBase:151] updateRole
with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc

2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9]
[org.collectionspace.services.account.AccountResource:480] PUT request
failed: org.collectionspace.services.account.AccountResource for
org.collectionspace.services.account.AccountResource with
csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc

2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9]
[org.collectionspace.services.account.storage.AccountValidatorHandler:80]
validate() action=UPDATE

2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9]
[org.collectionspace.services.account.storage.csidp.UserStorageClient:117]
updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<ns2:user xmlns:ns2="http://collectionspace.org/services/authentication">

 <username>admin@core.collectionspace.org</username>

 <passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd>

 <createdAt>2020-04-16T14:12:18.123Z</createdAt>

 <updatedAt>2020-04-26T16:36:43.039Z</updatedAt>

</ns2:user>

(BTW the doc here shows both POST and PUT ; POST does not work at all)

https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account

thanks—Willi Wolf


Talk mailing list
Talk@lists.collectionspace.org

http://lists.collectionspace.org/mailman/listinfo/talk_lists.collectionspace.org

William, Within the next few days, I'll set aside some time and try to reproduce your issue. Definitely seems like there is at least a documentation issue. -Richard On Sun, Apr 26, 2020 at 6:08 PM William Wolf <ww@williwolf.net> wrote: > Hi, I’ve been working with a sandbox of v5.2 to master the procedure for > changing the Admin password. I can repeatedly show that changing the PW > locks me out! (I get the CSID as instructed.) You can see in the response > that it returns a 200, but in the log it says “Put request failed”. > Unfortunately it mangles the original password. I’m not sure what the > value in the password element in the log is. > > > > Here is the xml: > > > > <ns2:accounts_common xmlns:ns2=" > http://collectionspace.org/services/account"> > > <userId>admin@core.collectionspace.org</userId> > > <password>d2lsbGl3b2xmMjAyMAo=</password> > > </ns2:accounts_common> > > > > Here is the curl: > > > > curl -X PUT > http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc > -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: > application/xml" -T my_password_update_admin.xml > > > > Here is the curl response: > > > > HTTP/1.1 100 > > HTTP/1.1 200 > > Cache-Control: no-cache, no-store, max-age=0, must-revalidate > > Pragma: no-cache > > Expires: 0 > > X-XSS-Protection: 1; mode=block > > X-Frame-Options: DENY > > X-Content-Type-Options: nosniff > > Content-Type: application/xml > > Content-Length: 545 > > Date: Sun, 26 Apr 2020 16:36:43 GMT > > <?xml version="1.0" encoding="UTF-8" > standalone="yes"?><ns2:accounts_common xmlns:ns2=" > http://collectionspace.org/services/account" xmlns:ns3=" > http://collectionspace.org/services/jaxb" > csid="3fb2d91f-a7f4-46e4-b713a5f8695cc8bc"><screenName>Administrator</screenName><email> > admin@core.collectionspace.org</email><userId> > admin@core.collectionspace.org > </userId><status>active</status><metadataProtection>immutable</metadataProtection><rolesProtection>immutable</rolesProtection><createdAt>2020-04-16T14:12:18.125Z</createdAt></ns2:accounts_common>root@ah_pw_test > :~# > > > > Here is the cspace-services.log > > > > 2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] > [org.collectionspace.services.common.SecurityResourceBase:151] updateRole > with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc > > 2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] > [org.collectionspace.services.account.AccountResource:480] PUT request > failed: org.collectionspace.services.account.AccountResource for > org.collectionspace.services.account.AccountResource with > csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc > > 2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] > [org.collectionspace.services.account.storage.AccountValidatorHandler:80] > validate() action=UPDATE > > 2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] > [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] > updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?> > > <ns2:user xmlns:ns2="http://collectionspace.org/services/authentication"> > > <username>admin@core.collectionspace.org</username> > > <passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd> > > <createdAt>2020-04-16T14:12:18.123Z</createdAt> > > <updatedAt>2020-04-26T16:36:43.039Z</updatedAt> > > </ns2:user> > > > > > > (BTW the doc here shows both POST and PUT ; POST does not work at all) > > > https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account > > > > thanks—Willi Wolf > _______________________________________________ > Talk mailing list > Talk@lists.collectionspace.org > > http://lists.collectionspace.org/mailman/listinfo/talk_lists.collectionspace.org >
RL
Ray Lee
Tue, May 12, 2020 4:40 AM

Hi Willi,
I've corrected the documentation on changing the admin password. The problem was with the command:

echo 'This is the password' | base64

It should have said:

echo -n 'This is the password' | base64

(The echo command normally adds a newline to the text; -n suppresses it.)

Ray

��
Ray Lee
CollectionSpace Senior Developer
LYRASIS
ray.lee@lyrasis.org


From: Talk talk-bounces@lists.collectionspace.org on behalf of William Wolf ww@williwolf.net
Sent: Sunday, April 26, 2020 9:07 PM
To: talk@lists.collectionspace.org
Subject: [Talk] password change problem for Admin account v5.2

Hi, I��ve been working with a sandbox of v5.2 to master the procedure for changing the Admin password. I can repeatedly show that changing the PW locks me out! (I get the CSID as instructed.) You can see in the response that it returns a 200, but in the log it says ��Put request failed��. Unfortunately it mangles the original password.  I��m not sure what the value in the password element in the log is.

Here is the xml:

<ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account">
<userId>admin@core.collectionspace.org</userId>
<password>d2lsbGl3b2xmMjAyMAo=</password>
</ns2:accounts_common>

Here is the curl:

curl -X PUT http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: application/xml" -T my_password_update_admin.xml

Here is the curl response:

HTTP/1.1 100
HTTP/1.1 200
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Type: application/xml
Content-Length: 545
Date: Sun, 26 Apr 2020 16:36:43 GMT

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account" xmlns:ns3="http://collectionspace.org/services/jaxb" csid="3fb2d91f-a7f4-46e4-b713a5f8695cc8bc"><screenName>Administrator</screenName><email>admin@core.collectionspace.org</email><userId>admin@core.collectionspace.org</userId><status>active</status><metadataProtection>immutable</metadataProtection><rolesProtection>immutable</rolesProtection><createdAt>2020-04-16T14:12:18.125Z</createdAt></ns2:accounts_common>root@ah_pw_test:~#

Here is the cspace-services.log

2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.common.SecurityResourceBase:151] updateRole with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.AccountResource:480] PUT request failed: org.collectionspace.services.account.AccountResource for org.collectionspace.services.account.AccountResource with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.AccountValidatorHandler:80] validate() action=UPDATE
2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:user xmlns:ns2="http://collectionspace.org/services/authentication">
<username>admin@core.collectionspace.org</username>
<passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd>
<createdAt>2020-04-16T14:12:18.123Z</createdAt>
<updatedAt>2020-04-26T16:36:43.039Z</updatedAt>
</ns2:user>

(BTW the doc here shows both POST and PUT ; POST does not work at all)
https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account

thanks�XWilli Wolf

Hi Willi, I've corrected the documentation on changing the admin password. The problem was with the command: echo 'This is the password' | base64 It should have said: echo -n 'This is the password' | base64 (The echo command normally adds a newline to the text; -n suppresses it.) Ray �� Ray Lee CollectionSpace Senior Developer LYRASIS ray.lee@lyrasis.org ________________________________________ From: Talk <talk-bounces@lists.collectionspace.org> on behalf of William Wolf <ww@williwolf.net> Sent: Sunday, April 26, 2020 9:07 PM To: talk@lists.collectionspace.org Subject: [Talk] password change problem for Admin account v5.2 Hi, I��ve been working with a sandbox of v5.2 to master the procedure for changing the Admin password. I can repeatedly show that changing the PW locks me out! (I get the CSID as instructed.) You can see in the response that it returns a 200, but in the log it says ��Put request failed��. Unfortunately it mangles the original password. I��m not sure what the value in the password element in the log is. Here is the xml: <ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account"> <userId>admin@core.collectionspace.org</userId> <password>d2lsbGl3b2xmMjAyMAo=</password> </ns2:accounts_common> Here is the curl: curl -X PUT http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: application/xml" -T my_password_update_admin.xml Here is the curl response: HTTP/1.1 100 HTTP/1.1 200 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-XSS-Protection: 1; mode=block X-Frame-Options: DENY X-Content-Type-Options: nosniff Content-Type: application/xml Content-Length: 545 Date: Sun, 26 Apr 2020 16:36:43 GMT <?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account" xmlns:ns3="http://collectionspace.org/services/jaxb" csid="3fb2d91f-a7f4-46e4-b713a5f8695cc8bc"><screenName>Administrator</screenName><email>admin@core.collectionspace.org</email><userId>admin@core.collectionspace.org</userId><status>active</status><metadataProtection>immutable</metadataProtection><rolesProtection>immutable</rolesProtection><createdAt>2020-04-16T14:12:18.125Z</createdAt></ns2:accounts_common>root@ah_pw_test:~# Here is the cspace-services.log 2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.common.SecurityResourceBase:151] updateRole with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc 2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.AccountResource:480] PUT request failed: org.collectionspace.services.account.AccountResource for org.collectionspace.services.account.AccountResource with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc 2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.AccountValidatorHandler:80] validate() action=UPDATE 2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:user xmlns:ns2="http://collectionspace.org/services/authentication"> <username>admin@core.collectionspace.org</username> <passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd> <createdAt>2020-04-16T14:12:18.123Z</createdAt> <updatedAt>2020-04-26T16:36:43.039Z</updatedAt> </ns2:user> (BTW the doc here shows both POST and PUT ; POST does not work at all) https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account thanks�XWilli Wolf
WW
William Wolf
Tue, May 12, 2020 10:45 PM

Thank you Ray, I'll try this and report results.  Willi

-----Original Message-----
From: Ray Lee ray.lee@lyrasis.org
Sent: Monday, May 11, 2020 21:41
To: William Wolf ww@williwolf.net; talk@lists.collectionspace.org
Subject: Re: password change problem for Admin account v5.2

Hi Willi,
I've corrected the documentation on changing the admin password. The problem was with the command:

echo 'This is the password' | base64

It should have said:

echo -n 'This is the password' | base64

(The echo command normally adds a newline to the text; -n suppresses it.)

Ray


Ray Lee
CollectionSpace Senior Developer
LYRASIS
ray.lee@lyrasis.org


From: Talk talk-bounces@lists.collectionspace.org on behalf of William Wolf ww@williwolf.net
Sent: Sunday, April 26, 2020 9:07 PM
To: talk@lists.collectionspace.org
Subject: [Talk] password change problem for Admin account v5.2

Hi, I've been working with a sandbox of v5.2 to master the procedure for changing the Admin password. I can repeatedly show that changing the PW locks me out! (I get the CSID as instructed.) You can see in the response that it returns a 200, but in the log it says "Put request failed". Unfortunately it mangles the original password.  I'm not sure what the value in the password element in the log is.

Here is the xml:

<ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account">
<userId>admin@core.collectionspace.org</userId>
<password>d2lsbGl3b2xmMjAyMAo=</password>
</ns2:accounts_common>

Here is the curl:

curl -X PUT http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: application/xml" -T my_password_update_admin.xml

Here is the curl response:

HTTP/1.1 100
HTTP/1.1 200
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Type: application/xml
Content-Length: 545
Date: Sun, 26 Apr 2020 16:36:43 GMT

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account" xmlns:ns3="http://collectionspace.org/services/jaxb" csid="3fb2d91f-a7f4-46e4-b713a5f8695cc8bc"><screenName>Administrator</screenName><email>admin@core.collectionspace.org</email><userId>admin@core.collectionspace.org</userId><status>active</status><metadataProtection>immutable</metadataProtection><rolesProtection>immutable</rolesProtection><createdAt>2020-04-16T14:12:18.125Z</createdAt></ns2:accounts_common>root@ah_pw_test:~#

Here is the cspace-services.log

2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.common.SecurityResourceBase:151] updateRole with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.AccountResource:480] PUT request failed: org.collectionspace.services.account.AccountResource for org.collectionspace.services.account.AccountResource with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc
2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.AccountValidatorHandler:80] validate() action=UPDATE
2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:user xmlns:ns2="http://collectionspace.org/services/authentication">
<username>admin@core.collectionspace.org</username>
<passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd>
<createdAt>2020-04-16T14:12:18.123Z</createdAt>
<updatedAt>2020-04-26T16:36:43.039Z</updatedAt>
</ns2:user>

(BTW the doc here shows both POST and PUT ; POST does not work at all) https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account

thanks-Willi Wolf

Thank you Ray, I'll try this and report results. Willi -----Original Message----- From: Ray Lee <ray.lee@lyrasis.org> Sent: Monday, May 11, 2020 21:41 To: William Wolf <ww@williwolf.net>; talk@lists.collectionspace.org Subject: Re: password change problem for Admin account v5.2 Hi Willi, I've corrected the documentation on changing the admin password. The problem was with the command: echo 'This is the password' | base64 It should have said: echo -n 'This is the password' | base64 (The echo command normally adds a newline to the text; -n suppresses it.) Ray ═ Ray Lee CollectionSpace Senior Developer LYRASIS ray.lee@lyrasis.org ________________________________________ From: Talk <talk-bounces@lists.collectionspace.org> on behalf of William Wolf <ww@williwolf.net> Sent: Sunday, April 26, 2020 9:07 PM To: talk@lists.collectionspace.org Subject: [Talk] password change problem for Admin account v5.2 Hi, I've been working with a sandbox of v5.2 to master the procedure for changing the Admin password. I can repeatedly show that changing the PW locks me out! (I get the CSID as instructed.) You can see in the response that it returns a 200, but in the log it says "Put request failed". Unfortunately it mangles the original password. I'm not sure what the value in the password element in the log is. Here is the xml: <ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account"> <userId>admin@core.collectionspace.org</userId> <password>d2lsbGl3b2xmMjAyMAo=</password> </ns2:accounts_common> Here is the curl: curl -X PUT http://149.28.215.123:8180/cspace-services/accounts/3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc -i -u admin@core.collectionspace.org:Administrator -H "Content-Type: application/xml" -T my_password_update_admin.xml Here is the curl response: HTTP/1.1 100 HTTP/1.1 200 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-XSS-Protection: 1; mode=block X-Frame-Options: DENY X-Content-Type-Options: nosniff Content-Type: application/xml Content-Length: 545 Date: Sun, 26 Apr 2020 16:36:43 GMT <?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:accounts_common xmlns:ns2="http://collectionspace.org/services/account" xmlns:ns3="http://collectionspace.org/services/jaxb" csid="3fb2d91f-a7f4-46e4-b713a5f8695cc8bc"><screenName>Administrator</screenName><email>admin@core.collectionspace.org</email><userId>admin@core.collectionspace.org</userId><status>active</status><metadataProtection>immutable</metadataProtection><rolesProtection>immutable</rolesProtection><createdAt>2020-04-16T14:12:18.125Z</createdAt></ns2:accounts_common>root@ah_pw_test:~# Here is the cspace-services.log 2020-04-26 16:36:43,023 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.common.SecurityResourceBase:151] updateRole with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc 2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.AccountResource:480] PUT request failed: org.collectionspace.services.account.AccountResource for org.collectionspace.services.account.AccountResource with csid=3fb2d91f-a7f4-46e4-b713-a5f8695cc8bc 2020-04-26 16:36:43,029 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.AccountValidatorHandler:80] validate() action=UPDATE 2020-04-26 16:36:43,077 DEBUG [http-nio-8180-exec-9] [org.collectionspace.services.account.storage.csidp.UserStorageClient:117] updated user=<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:user xmlns:ns2="http://collectionspace.org/services/authentication"> <username>admin@core.collectionspace.org</username> <passwd>CkC3rAgLfX8HvICtEsNKrBzIgvMpi4/BVR8V/U3X1HI=</passwd> <createdAt>2020-04-16T14:12:18.123Z</createdAt> <updatedAt>2020-04-26T16:36:43.039Z</updatedAt> </ns2:user> (BTW the doc here shows both POST and PUT ; POST does not work at all) https://collectionspace.atlassian.net/wiki/spaces/DOC/pages/701465706/Changing+the+Password+of+an+Immutable+Account thanks-Willi Wolf