No password asked when upgrading

Openfire Openfire Support
1

Hi !

I’'m now upgrading my Jive Messenger server to a new version and I noticed that when I start the server with the new version and I go to the web admin, the wizzard never ask me my password before completing the upgrade step. So anyone that go to that URL before me may fuck my configuration with random data. The wizzard should ask the admin password when a previous setup is detected.

I don’'t think this is very dangerous, but this may be a waste of time.

On another hand, this will be great if we don’'t have to redo the database configuration after each upgrade ;).

And thanks for this great Jabber server

2

interesting

Though i think this is rather the question about your security setup. I have setup firewall and it allows connections to AC only from my PC. Maybe upgrades could be done with network disabled (locally), though it’'s not very convinient. As about redoing of configuration, how are you upgrading your server? RPM or EXE versions shouldnt overwrite /conf/jive-messenger.xml file now. If you doing it manually (copying) make sure to backup this xml, or not to overwrite it.

3

interesting

Though i think this is rather the question about your

security setup. I have setup firewall and it allows

connections to AC only from my PC. Maybe upgrades

could be done with network disabled (locally), though

it’'s not very convinient.

Hello,

Blocking network access is not a solution. My Jive Messenger server is hosted on a remote server (and my ip is a dynamic address provided by my ISP so, I cannot add a firewall rule).

As about redoing of

configuration, how are you upgrading your server? RPM

or EXE versions shouldnt overwrite

/conf/jive-messenger.xml file now. If you doing it

manually (copying) make sure to backup this xml, or

not to overwrite it.

I’'m using the .tar.gz version (on a Debian Linux system). When I untar my archive, it override my original file. If I take a backup of my file and replace it after, I cannot proceed to the upgrade step: it says that setup is already complete.

4

I’'m using the .tar.gz version (on a Debian Linux

system). When I untar my archive, it override my

original file. If I take a backup of my file and

replace it after, I cannot proceed to the upgrade

step: it says that setup is already complete.

Havent done upgrade for a long time so i dont remember all the stuff. But i just untar it to some other location and then copy everything except /conf /logs to installation dir. And that’‘s all. In Windows i’'m upgrading to the night builds in the same manner and all is working fine. You dont have to “upgrade” something after you copy newer files.

5

Havent done upgrade for a long time so i dont

remember all the stuff. But i just untar it to some

other location and then copy everything except /conf

/logs to installation dir. And that’'s all. In Windows

i’'m upgrading to the night builds in the same manner

and all is working fine. You dont have to “upgrade”

something after you copy newer files.

There is no upgrade script to run to upgrade the database schema ?

6

There is no upgrade script to run to upgrade the

database schema ?

there was when upgrading from 2.1.x to 2.2.x as long as i remember. But after some time Gato have made this to do automaticly upon startup. What version are you upgrading?

7

I’'m using Jive Messenger since the version 2.1 I think… so I upgraded each time a new version was released.

8

There were no changes to DB since 2.2.x AFAIK, so you can just overwrite it with new version. It shouldnt complain about setup after this.