hChanging users/password within Ceptor Console
In Ceptor Console, select "Security Configuration" from the menu.
Then, select a group and the user in the group - then click "Edit".
Here, enter a new password twice and click Update.
Changing directly in configuration file
The user ID's and passwords for access to Ceptor Console are by default stored in a file called
ceptor-security.xml which is located in the config directory.
This is an example of its contents:
Here, you can specify userid or password for the various accounts you want to give access to the console.
The password is prefixed with a type enclosed in curled brackets, the following types are supported:
BCrypt encrypted password
- sha or sha1
SHA-1 password has - this is considered insecure, so you should avoid it where possible
Password-Based Key Derivation Function 2
- plain or empty (no prefix)
Plain or unencrypted password
Encoded / obfuscated pasword
Tripple DES encrypted password
RSA private/public key encrypted password
AES encrypted password
See Encrypting or Obfuscating Passwords for details on how to encrypt passwords using the command-line tool.
You can also encrypt passwords, by going into the Ceptor Console and selecting "Tools" from the menu - here, you can type in the password, encrypt it and cut'n paste the corresponding encrypted/hashed version.
Note that bc, sha/sha1 and pbkdf2 are all hashed passwords - meaning they cannot be reversed/decrypted to produce the original password, where the rest of the algorithms are forms of encryption from which the original password can be recreated.
You can find more detailed information here: Ceptor Configuration Server - Access Control - also about ACLs and groups.