Skip to main content
M
Manoj36229141q88d
Inspiring
March 27, 2024
Question

unable to access CFMX 2023 admin console with admin credentials

  • March 27, 2024
  • 3 replies
  • 1329 views

Hello,

 

I have recently installed cfmx 2023 but however I'm unable to access the admin page using the credentials I have provided via silent install.

 

I have done two things here -->

1. It first had localhost(default I believe) in allowedAdminIPList but then I have removed it and restarted cfmx.  so, now I can see the admin page(planning to restrict through in next phase but wanted to get somewhere) . However,  when I provide the admin credentials it gives me 403

2.   later, I tried changing the admin.security.enabled from true to false. and I was  able to view the admin page without passing credentials. However, I believe thats not the right way and its a security risk. 

 

I'm not quite sure what the issue is here. can someone provide any inputs on what could be the issue?

 

Stack details:

CFMX version : 2023

OS : RHEL9

Tomcat : 9.0.86

JDK17

 

Thanks,

Manoj

    This topic has been closed for replies.

    3 replies

    BKBK
    BKBK
    Adobe Expert
    March 30, 2024

    Have you configured the connector? Just a thought.

    Charlie Arehart
    Charlie Arehart
    Adobe Expert
    March 30, 2024

    Bkbk, the connector has no bearing on the cf admin, ket alone the setting of cf admin passwords. If you're thinking of something I'm somehow not seeing, I'd appreciate hearing it. If it was just a "hail mary pass", as a last resort for Manoj to consider, I guess we'll wait to hear how things go. 

    /Charlie (troubleshooter, carehart. org)
    BKBK
    BKBK
    Adobe Expert
    April 2, 2024

    You might get a 403 error if you configured https, but launched the Administrator on http. Again, just a thought.

    Charlie Arehart
    Charlie Arehart
    Adobe Expert
    March 28, 2024

    Manoj, I can tell you've been using CF a long time, and there are some important changes to be aware of.

     

    First, starting in cf 10 Adobe added a passwordreset script (.sh or .bat) in the cfusion/bin folder, so no need to edit that xml file anymore. 🙂 For more, besides the docs, see this blog post.

     

    Second, you were using that old trick just to remove the need to login. Once you did that, did you realize you could have also CHANGED (enabled) the admin password there? It would be on the CF Admin security page. In the new look CF Admin (changed in CF2018), see the "security"/padlock icon whcih is seventh down in the navigational icons on the left, which will land you on its first section link at the top, for "administrator" (which is about these admin pw settings). The change you make there would take effect immediately. Or did that not work for you somehow?

     

    Note also that the Admin has changed in another important way: when you want to find something (in the mass of icons and links), just use the search icon at the top right, and type in what you seek. It will offer links to get there. 🙂

     

    As for why your silent install attempt to set the password failed, we'd need more info. But you may be moving on to other challenges once you get past this one.

     

    And no, nothing is different if one uses the trial or developer edition,. You refer to both in your next reply. I'll assume you meant one or the other, as is asked at the start of the install process.

     

    Finally, though less important, you'll want to note that CF was called CFMX only in CF6 and 7 (back in the early 2000's). You will help youself (in asking for help) to just drop the "MX", as Adobe did starting with CF8 as documented here. 🙂

     

    Hope all that's helpful.

    /Charlie (troubleshooter, carehart. org)
    M
    Manoj36229141q88dAuthor
    Inspiring
    March 28, 2024

    Thanks Charlie for the response.

     

    when I initially installed, I tried the password reset script that I found in the documentation which didn't work.

     

    Later I tried installing fresh on a different server and ended up with same issue. 

    However,  I also tried changing password from console(thinking my password is incorrect and may work) and unfortunately that didn't work as well. Also, I see a blank screen after submitting the changes(doesn't look like perm issues and nothing from logs unless I missing something?)

    So, looks like  the changes are not updated?

    Technically, regardless of console or cli - both doesn't work.

     

    and yeah I have just got used to cfmx . I will try to use CF2023 hereon.

    here is the silent install properties file that I have

    #Silent properties for ColdFusion 2023

INSTALLER_UI=SILENT

#Valid Values are full/trial/developer 
SILENT_LICENSE_MODE=trail

SILENT_SERIAL_NUMBER=

#Use when it is upgrade

SILENT_PREV_SERIAL_NUMBER=

#Valid values are ear/war/standalone

SILENT_INSTALLER_TYPE=war

SILENT_INSTALL_JNBRIDGE=true

#Remote administrator component for server remote start/stop
SILENT_INSTALL_ADMIN=false

SILENT_INSTALL_SOLR=true

SILENT_INSTALL_PDFG=true

SILENT_INSTALL_FOLDER=/opt/web/

SILENT_ENABLE_PROD_SECURE_PROFILE=true

SILENT_ENABLE_PROD_DEFAULT_PROFILE=false

SILENT_ENABLE_DEV_PROFILE=false

#IP addresses from which Administrator can be accessed.
SILENT_ADMIN_IP=

#IP address of the CF installed machine through which PDFG/Solr service would be accessed remotely.
SILENT_JETTY_IP=

SILENT_ADMIN_USERNAME=admin

SILENT_ADMIN_PASSWORD=${JETTY_PASSWORD} (I have given the actual password here)

SILENT_ENABLE_RDS=false

SILENT_RUNTIME_USER=

#Provide password when enable RDS is true

SILENT_RDS_PASSWORD=${JETTY_PASSWORD} (I have given the actual password here)

#username/password of remote administrator component for server remote start/stop

SILENT_JETTY_USERNAME=admin

SILENT_JETTY_PASSWORD=${JETTY_PASSWORD} (I have given the actual password here)

#Context Root for J2ee Installation

SILENT_CONTEXT_ROOT=

SILENT_AUTO_ENABLE_UPDATES=false

SILENT_PREV_CF_MIGR_DIR=/opt/web

ENABLE_RDS=false

ENABLE_WSRP=false

ENABLE_JSDEBUG=false

ENABLE_CFR=false

ENABLE_CFSWF=false

     

    I'm trying to double check everything to see if I missed anything but would appreciate your guidance. 

    Charlie Arehart
    Charlie Arehart
    Adobe Expert
    March 29, 2024

    If you say that changing the admin password in the CF Admin "doesn't work", then I WOULD think this is a "perm issue". Let's talk about that.

     

    First, I see you have no value for the silent install line for runtime_user. As such, what user would you expect CF to be running as? Have you done a top or ps (or the like) to see what user the coldfusion process is in fact running as? And does that user (whatever it is) have permissions to edit the cfusion/lib folder, and espeically the password.properties (where the password is stored, encrypted) and other neo*.xml files which get modified when one makes a change in the CF Admin? 

     

    The commandline passwordreset.sh would ALSO modify that file. When you ran that at the command line, what user were YOU running as? And what if you used sudo to prefix that? Then that would run as the root user--who should DEFINITELY have the needed permissions to change that password.properties file.

     

    Let's hear what you may find or say, before proceeding with more thoughts.

    /Charlie (troubleshooter, carehart. org)
    M
    Manoj36229141q88dAuthor
    Inspiring
    March 27, 2024

    forgot to mention that I'm using a trial developer edition

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices