Last modified by Alexandru Pentilescu on 2023/06/25 18:56

From version 46.1
edited by Alexandru Pentilescu
on 2022/06/09 23:19
Change comment: There is no comment for this version
To version 44.1
edited by Alexandru Pentilescu
on 2022/06/09 23:05
Change comment: There is no comment for this version

Page properties
Content
... ... @@ -277,16 +277,7 @@
277 277  Please be sure to use the appropriate IP address as configured in your "docker-compose.yml" file for your xwiki service.
278 278  For more information about postfix and setting it up, please visit the "How to setup a postfix SMTP server" article in the external references section at the bottom of this article!
279 279  
280 -== Modifying cookie encryption keys==
281 -XWiki has an interesting login mechanism. It doesn't use session tokens to keep track of your user account. What it does do is that it stores two session cookies in your browser: one for your username and one for your password.
282 -Every time you make a request to your server, these two session cookies are sent along with each request, effecitvely authenticating it.
283 -This might seem as a huge security problem, as the password is stored in the session cookie and it can be easily viewed by anyone with local access to the web browser's machine.
284 -To mitigate this security risk, XWiki encrypts both the username cookie's value and the password cookie's value using keys configured in a configuration file. These keys come with strong default values, by itself but, since these values are the same for everyone that downloads the docker image, are inherently public.
285 -As such, you, as the administrator, should change these encryption keys to your own, randomly generated ones. To do so, go to <your XWiki directory>/data/xwiki-data/data/ and modify the "xwiki.cfg" configuration file there. This file should have two configuration options called "xwiki.authentication.validationKey" and "xwiki.authentication.encryptionKey". Generate, from scratch, two different 32 character long encryption keys and replace the default ones with your ones. Uppercase and lowercase letters, as well as digits, are allowed. I don't believe other symbols are accepted though.
286 -Change these and restart the docker container, for the changes to apply.
287 -
288 288  = External references =
289 289  
290 290  [[Official docker guide for installing XWiki>>https://github.com/xwiki/xwiki-docker/blob/master/README.md]]
291 -How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it [NOT YET WRITTEN!]
292 -How to setup a postfix SMTP server [NOT YET WRITTEN]
283 +How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it -- NOT YET WRITTEN!--
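Review bot: Context line 278 still points readers to the "How to setup a postfix SMTP server" article in the external references, but that entry is dropped at 292 and only the Nginx placeholder remains at 283, so the reference dangles on the "+" side; keep the postfix entry in the same "NOT YET WRITTEN" form or reword line 278. The section at 280-286 appears only on the "-" side, yet its advice to replace the default "xwiki.authentication.validationKey" and "xwiki.authentication.encryptionKey" is the security-relevant part of this page, since the text itself notes the defaults are the same for everyone who downloads the docker image. Where that section is kept, it should say how the two 32-character keys are to be generated (a cryptographically secure random source rather than hand-typed values), replace the "I don't believe other symbols are accepted though" guess with a checked statement, fix "effecitvely" and "by itself but", and add the missing space in "== Modifying cookie encryption keys==".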