On Thu, Apr 5, 2012 at 3:55 PM, Tom Mueller <tom.mueller_at_oracle.com> wrote:
> It looks like you have the master password set to a non-default value, and
> you did not use the --save option.
>
That is correct.
> With that configuration, it is indeed impossible to start an instance (on
> any type of node) from the console. Also, the "asadmin start-instance"
> command will not work either. You would have to use asadmin
> start-local-instance, which has the ability to prompt for the master
> password.
>
OK...what are the implications here? Is this to say that if I'm putting
together some early tentative plans for GlassFish administrators I should
tell them to leave the default master password as "changeit"?
The docs mention that when you change the master password using the --save
option is deprecated:
--savemasterpassword
This option indicates whether the master password should be written to the
file system. This is necessary so that the start-domain(1) command can
start the server without having to prompt the user.
The default is false.
Caution: Saving the master password on disk is extremely insecure and
should be avoided.
(Hence when I changed the master password I didn't select this option.) So
that would seem to reduce to:
Either I can have centralized administration or a non-default master
password, but not both.
Is that accurate?
Best,
Laird
--
http://about.me/lairdnelson