Master password setup

GeoServer uses a master password used to safely store security certificates. This password can optionally be used to login as the root user.

Recommendations:

  • When integrating with an external security system such as a LDAP it is recommended to enable root user login using the master password.

Reference:

Recover master password

The master password can be written out to the filesystem:

  1. Navigate to Security > Passwords page.

  2. Click Master password forgotten link to open the Dump master password page.

    ../../_images/password_page.png

    Password page

  3. Use the Dump master password page to define a file location to export the master password:

    Filename:

    /usr/local/geoserver-live/data/master.txt

    ../../_images/filename.png

    Location to export master password

  4. Press Dump to file to write the file out.

    ../../_images/review.png

    Master passport export

  5. Use the Tools > Resource browser to select the master.txt created above:

    • Use Edit to review the contents of the file and make a note of the master password.

    • Use Delete to remove this file when finished

    ../../_images/master.png

    Review and delete exported file

Change master password

To change the master password, follow these steps:

  1. Navigate to Security > Passwords page.

  2. Click the Change password link.

    ../../_images/password_page.png

    Password page

  3. Change the master password using:

    Current password

    Current master password recorded from master.pw.info or recovered to an exported file.

    New Password

    New password definition. Master password policy requires at least eight characters.

    Confirmation

    Retype your new password

    `admin` user configuration link

    Change master password

  4. Press Change Password to set the new master password.

Enable root user login

To enable root user login:

  1. Navigate to Security > Passwords page.

  2. Locate the Master Password Providers table and select default from the list.

    ../../_images/password_provider.png

    Master password providers

  3. Update the settings:

    Allow “root” user to login as Admin

    Selected

    ../../_images/default_settings.png

    Master password settings

  4. Press Save

  5. Press Logout button at the top of the screen, and use your paster password to login as root.

    User name

    root

    Password

    Current master password recorded from master.pw.info or recovered to an exported file.

    ../../_images/root_login.png

    Login as root user