Cfconfig does not seem to set the server password

Hi gang.
I am in the webroot of my app.
server.json is created and defines a lucee 5.4.5.23 server with JRE of Java 11
I run box
I run server start
I run cfconfig set adminPassword=myPassword toFormat=luceeWeb
I run server restart

I CAN successfully log in to the web administrator

I run cfconfig set adminPassword=myPassword
I run server restart

I CANNOT successfully log in to the server administrator

I run cfconfig show adminPassword
I get Property [adminPassword] doesn't exist.

  • not sure if that is expected or not?

I am running the latest version of commandbox and also ran:
update --system --force
just to make sure…

Can anyone see what I am doing wrong?

I don’t know for certain, but I’d bet money you are specifically requesting that CFConfig set an admin password on the Lucee Web administrator and NOT the server administrator OR your .cfconfig.json.

  • If you want to set a value in the .cfconfig.json, use to=.cfconfig.json.
  • If you want to set a value in the lucee server admin, use to={server 'name' value from server.json} or to=server.json
  • Once the value is in your .cfconfig.json, you can set it in the lucee (server) administrator via cfconfig import .cfconfig.json

Finally, if you’re having trouble overriding the admin password, check for an environment variable override:

Yes, that’s expected. Since the admin passwords are hashed, you can’t view them in plain text. The adminPassword property only works when setting.

I would check for another place in your stack that is overriding the password, like an env var or JSON which is getting automatically applied on restart (which was Michael’s suggestion). Start by doing a --verbose start and inspecting the output to see what things CFConfig is loading. It will tell you every file and env var it’s finding. This really should be your very first debugging step.

Sorry to bring this old thread back to life…
But I am having a really hard time setting the admin password.

I am on Windows.
I am in the webroot.
I have the latest commandbox installed
I have the latest cfconfig installed
I am using lucee-light 5.4.6.9

I run box
I run server forget --all --force

I run server start
I run cfconfig set adminpassword=myPassword toFormat=luceeServer
(I get [adminpassword] set)

If I try and log in to the server admin at localhost/lucee/admin/server.cfm, I get:
No access, password is invalid
(that is to say that I don’t get the form - asking me for a password. The “proper” server.cfm does not successfully get processed - I get a yellow lucee exception error screen)

It doesn’t matter if I restart the server before trying to access the server admin - or not.
I get the same error message, regardless of combination of commands.

I also tried setting the web admin password with:
cfconfig set adminpassword=myPassword toFormat=luceeWeb
(I get [adminpassword] set)

If I try and log in to the WEB admin I get:

Access is protected
to access the configuration without a password, you need to change the access to [open] in the Server Administrator

I also tried adding a password.txt file into the context directory of lucee-server
But that didn’t work either.
In that the file was never used by the server after a restart (or stop - then start).
The password.txt file is still in the context directory.
(And yes, I am certain I am in the right place, as I used server info property=serverHomeDirectory to get the start of the path.)

I also tried setting the password via an environment variable.
When I do this - I see during startup - commandbox stating that it found the setting and applied it.
However - I still cannot login, and I get the same error message.

Additionally:
If I forget the server,
start the server without attempting any kind of admin setting - I get the yellow Lucee exception error template. I don’t get the usual message about setting a password and the button to “import” the password.txt file either.

And when attempting to login to the server or web admin - I get the yellow exception screen then, too.

I am not sure how much it is going to help - but here is the stacktrace I get when I try to access the server admin…

lucee.runtime.exp.ExpressionException: No access, password is invalid
  at lucee.runtime.config.ConfigServerImpl.checkAccess(ConfigServerImpl.java:694)
  at lucee.runtime.config.ConfigWebImpl.getConfigServer(ConfigWebImpl.java:179)
  at lucee.runtime.tag.Admin._doStartTag(Admin.java:613)
  at lucee.runtime.tag.Admin.doStartTag(Admin.java:364)
  at web_cfm$cf.call(/admin/web.cfm:179)
  at lucee.runtime.PageContextImpl._doInclude(PageContextImpl.java:1026)
  at lucee.runtime.PageContextImpl._doInclude(PageContextImpl.java:949)
  at lucee.runtime.PageContextImpl.doInclude(PageContextImpl.java:930)
  at server_cfm$cf.call(/admin/server.cfm:2)
  at lucee.runtime.PageContextImpl._doInclude(PageContextImpl.java:1026)
  at lucee.runtime.PageContextImpl._doInclude(PageContextImpl.java:949)
  at lucee.runtime.listener.ModernAppListener._onRequest(ModernAppListener.java:219)
  at lucee.runtime.listener.ModernAppListener.onRequest(ModernAppListener.java:107)
  at lucee.runtime.PageContextImpl.execute(PageContextImpl.java:2494)
  at lucee.runtime.PageContextImpl._execute(PageContextImpl.java:2479)
  at lucee.runtime.PageContextImpl.executeCFML(PageContextImpl.java:2450)
  at lucee.runtime.engine.Request.exe(Request.java:45)
  at lucee.runtime.engine.CFMLEngineImpl._service(CFMLEngineImpl.java:1215)
  at lucee.runtime.engine.CFMLEngineImpl.serviceCFML(CFMLEngineImpl.java:1161)
  at lucee.loader.engine.CFMLEngineWrapper.serviceCFML(CFMLEngineWrapper.java:97)
  at lucee.loader.servlet.CFMLServlet.service(CFMLServlet.java:51)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
  at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
  at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
  at org.cfmlprojects.regexpathinfofilter.RegexPathInfoFilter.doFilter(RegexPathInfoFilter.java:54)
  at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:67)
  at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
  at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
  at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
  at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
  at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
  at runwar.undertow.SSLCertHeaderHandler.handleRequest(SSLCertHeaderHandler.java:161)
  at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
  at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117)
  at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
  at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
  at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
  at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
  at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
  at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
  at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
  at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
  at io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
  at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
  at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:275)
  at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:79)
  at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:134)
  at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:131)
  at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
  at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
  at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:255)
  at io.undertow.servlet.handlers.ServletInitialHandler.handleRequest(ServletInitialHandler.java:175)
  at io.undertow.server.handlers.HttpContinueReadHandler.handleRequest(HttpContinueReadHandler.java:69)
  at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
  at runwar.undertow.WelcomeFileHandler.handleRequest(WelcomeFileHandler.java:49)
  at io.undertow.server.handlers.PathHandler.handleRequest(PathHandler.java:104)
  at runwar.undertow.SiteDeployment$1.handleRequest(SiteDeployment.java:164)
  at io.undertow.predicate.PredicatesHandler.handleRequest(PredicatesHandler.java:141)
  at io.undertow.predicate.PredicatesHandler.handleRequest(PredicatesHandler.java:141)
  at io.undertow.predicate.PredicatesHandler.handleRequest(PredicatesHandler.java:113)
  at io.undertow.server.handlers.DisallowedMethodsHandler.handleRequest(DisallowedMethodsHandler.java:62)
  at io.undertow.predicate.PredicatesHandler.handleRequest(PredicatesHandler.java:113)
  at io.undertow.server.handlers.encoding.EncodingHandler.handleRequest(EncodingHandler.java:72)
  at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:52)
  at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
  at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
  at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
  at runwar.undertow.LifecyleHandler.handleRequest(LifecyleHandler.java:143)
  at runwar.undertow.SiteDeployment$4.handleRequest(SiteDeployment.java:355)
  at io.undertow.server.Connectors.executeRootHandler(Connectors.java:395)
  at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:854)
  at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
  at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:2019)
  at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1558)
  at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1449)
  at org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1282)
  at java.base/java.lang.Thread.run(Unknown Source)

Finally,
It makes no difference if I use lucee-light or the FAT version.

As always - thanks very much!

This is a Lucee bug. Try clearing your browser cookies.

Thanks @bdw429s - Appreciate the help.

All sorted, now!