How to get decrypted AEM user password | Community
Skip to main content
Dinu_Arya
Level 6
October 16, 2015
Solved

How to get decrypted AEM user password

  • October 16, 2015
  • 2 replies
  • 3573 views

Hi Team,

I'm working on AEM login and sign up components. I have requirement that after sign up I have to show some message and a link"Activation Email/Resend Email". I have to login an user when he/she clicked on this link. Or I have to show his/her "Profile" when he/she clicked on these links. I can say I have to auto login the registered user.

How to login in user in CQ through email activation mail , when he/she clicked on activate my account?

We have userid and rep:password:{SHA-256}153dd7485544e927-1000-739b50f309f0fb1b7960904449092f0ccab like this in the page

Your comments are welcome.

Thanks,

AryA.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by joerghoh

Hi,

it isn't possible to decrypt the user password, as it is hashed; and it should not be possible to reverse the hashing operation.

Sorry, I don't have any good response for your requirement (maybe besides that you store the password somewhere in the browser and sent it to the webapp after having created the account successfully). I would just recommend that the user enters the password again to login (and not having the autologin feature after the account has been created).

kind regards,
Jörg

2 replies

joerghoh
Adobe Employee
joerghohAdobe EmployeeAccepted solution
Adobe Employee
October 16, 2015

Hi,

it isn't possible to decrypt the user password, as it is hashed; and it should not be possible to reverse the hashing operation.

Sorry, I don't have any good response for your requirement (maybe besides that you store the password somewhere in the browser and sent it to the webapp after having created the account successfully). I would just recommend that the user enters the password again to login (and not having the autologin feature after the account has been created).

kind regards,
Jörg

October 16, 2015

Dinu_Arya wrote...

Hi Team,

I'm working on AEM login and sign up components. I have requirement that after sign up I have to show some message and a link"Activation Email/Resend Email". I have to login an user when he/she clicked on this link. Or I have to show his/her "Profile" when he/she clicked on these links. I can say I have to auto login the registered user.

How to login in user in CQ through email activation mail , when he/she clicked on activate my account?

We have userid and rep:password:{SHA-256}153dd7485544e927-1000-739b50f309f0fb1b7960904449092f0ccab like this in the page

Your comments are welcome.

Thanks,

AryA.

 

I don't know if you are using SSO or not but if you do then this the way to go. By doing this you are actually telling CQ to trust the user. Check SSO Authentication Handler implementation. We have done this by using that handler.

SimpleCredentials credentials = new SimpleCredentials(userID, "no_password_needed".toCharArray());

                credentials.setAttribute("TrustedInfo", AUTH_TOKEN);
                info = new AuthenticationInfo("SSO", userID);
                info.put("user.jcr.credentials", credentials);
                return info;