Friday, March 23, 2012

How to create encoded password that you can use for curl in CQ / WEM

Use Case: In Curl command most of the time you have to enter user credentials to perform CRUD operation. Some people might have security concern sharing admin password with other users.

Solution: You can use following java program to create encrypted password that you can use in curl command

import java.io.UnsupportedEncodingException;


public class Test {
public static void main(String[] args) {
String password = "admin";
try {
for (byte x : password.getBytes("UTF-8")) {
System.out.print("%" + Integer.toHexString((x & 255) + 256).substring(1));
}
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

}
}

1) Create Test.java
2) Copy paste above code
3) Run program by changing password value (Or pass it through command line arg)
4) Use output of program to use it in CURL

Special thanks to Thomas Mueller From Adobe for providing this information.

5 comments:

  1. It works only in java program , I was looking a solution to get worked in simple linux curl or curl with perl.

    --
    Sun

    ReplyDelete
  2. This obfuscates the password, it does not encrypt it.

    ReplyDelete
    Replies
    1. Thanks for comment. Yes you are right. For custom password usage you can use Crypto support in CQ5.5. Above example is just intended for internal IT use in case you don't want to share password.

      Delete