Security Checklist

This section deals with various steps you should take to ensure that your CQ5 installation is secure.

Change Default Passwords

Day strongly recommends that you change the passwords for the following (privileged) admin accounts (on all instances) after installation:

  1. The CQ admin account.

    Important

    The CQ admin account and the CRX admin account are actually one and the same. So once you have changed the password for the “CQ admin” account, you will need to use the new password when accessing CRX.

    Important

    To change the password for the CQ / CRX admin account, you need to make changes in both CRX and the OSGi Console. See the section called “Changing the CQ admin password in the CRX console” and the section called “Changing the CQ admin password in the OSGi Apache Felix console”.

  2. The CQSE (Communiqué Servlet Engine) admin account.

  3. The Apache Felix Web Management Console admin password.

Note

Further actions are described in the table in the section called “Default Users and Groups”, which gives an overview of the default users and groups included in the standard installation.

Changing the CQ admin password

To change the password for the CQ admin account, you need to make changes in both CRX and the OSGi Console.

Changing the CQ admin password in the CRX console

To change the admin password in the CRX console:

  1. Navigate to http://<server>:<port_number>/crx to open the CRX console.

  2. Log in as admin to the crx.system workspace.

  3. Open the Content Explorer, navigate to the admin user, and select it.

  4. In the Security menu, select Set User Password. A Set User Password window opens.

  5. Enter the new password, re-enter it to confirm, and click OK to save your changes.

    Note

    The new password is persisted in the repository immediately; you do not need to click Save All.

Changing the CQ admin password in the OSGi Apache Felix console

To change the admin password in the OSGi Apache Felix console:

  1. Navigate to http://<server>:<port_number>/system/console/configMgr and log in as admin to open Configurations in the Apache Felix console.

  2. In the Configurations menu, select CRX Sling Client Repository.

  3. In the Admin password field, change the password to match the one you entered in the CRX console.

  4. Click Save to save your changes.

Changing the admin password for CQSE

To change the admin password in the CQSE console:

  1. Navigate to http://<server>:<port_number>/admin to open the CQSE console.

  2. Log in as admin (the default password is admin).

  3. Select the Change Password tab.

  4. Enter the Old Password, your New Password, then Confirm the new password.

  5. Click Change to save the new password.

Changing the admin password for the Apache Felix Web Management Console

To change the admin password for the Apache Felix Web Management Console:

  1. Navigate to http://<server>:<port_number>/system/console/configMgr and log in as admin to open Configurations in the Apache Felix console.

  2. In the Configurations menu, select Apache Felix OSGi Management Console.

  3. In the Password field, change the password.

  4. Click Save to save your changes.
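
After completing the password changes above, you can confirm on your own instance that the default password is no longer accepted. The following is an added example, not part of the original documentation: the function names are hypothetical, it assumes the console answers with an HTTP Basic challenge (anything else is reported as inconclusive), and the admin/admin pair is stated on this page only for CQSE and assumed for the other two consoles.

```python
import base64
import urllib.error
import urllib.request

# Console paths as given on this page.
CONSOLES = {
    "CRX console": "/crx",
    "CQSE console": "/admin",
    "Apache Felix console": "/system/console/configMgr",
}

def http_status(url, creds=None, timeout=5):
    """GET url, optionally with HTTP Basic credentials; return the status code."""
    req = urllib.request.Request(url)
    if creds:
        token = base64.b64encode(":".join(creds).encode()).decode()
        req.add_header("Authorization", "Basic " + token)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

def check_console(url, creds, fetch=http_status):
    """Classify one console URL on an instance you administer."""
    try:
        if fetch(url) != 401:
            # No Basic-auth challenge (e.g. a form login): status alone proves nothing.
            return "INCONCLUSIVE: no HTTP Basic challenge, verify in the browser"
        code = fetch(url, creds)
    except OSError as exc:  # refused connection, timeout, DNS failure
        return f"UNREACHABLE: {exc}"
    if code == 401:
        return "OK: default password rejected"
    if 200 <= code < 400:
        return "FAIL: default password still accepted"
    return f"INCONCLUSIVE: HTTP {code}"

def audit(base_url, creds=("admin", "admin"), fetch=http_status):
    """Run check_console against every console path; returns {name: verdict}."""
    base = base_url.rstrip("/")
    return {name: check_console(base + path, creds, fetch)
            for name, path in CONSOLES.items()}

if __name__ == "__main__":
    import sys
    for name, verdict in audit(sys.argv[1]).items():
        print(f"{name}: {verdict}")
```

Run it with the instance base URL (http://<server>:<port_number>) as the only argument, once per instance.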