How can I get access to a VIVO database?

This question most commonly arises when someone ships dump of a MySQL database to a developer at another site, for testing or debugging purposes. The sender of the data may be reluctant to provide the password to the root account, either because

• they do not wish the developer to know their root password, or
• they do not wish to use unsecured media to send their root password.

So the developer faces a puzzle. They can load the data into MySQL, they can start an instance of VIVO and give it access to the data, but they cannot log in to that VIVO because they don't know the password.

How to get access to a VIVO instance without knowing the root password?

VIVO release 1.6 and beyond

To gain access to the database, simply create a new root account.

• Modify the runtime.properties file to include a root account of your choosing, and restart VIVO

  rootUser.emailAddress = new_root@mydomain.edu

• Open VIVO in the browser. You will see a warning screen like the following:
  
  Click Continue to view the VIVO home page.
• Log in using the new root account. The first-time password for your new root account will be rootPassword, and you will be asked to assign a new password.

You now have two root accounts, and you know the password to the new one. Use the User Accounts pages to either

• Delete the old root account,
  or
• Change the password on the old root account and delete the new root account.

VIVO releases from 1.3 to 1.5.2

These releases of VIVO include a "back door" to permit this operation. A developer can add a special file to the VIVO code, which will enable a special URL that will give access.

In more detail:

• Create a file called friend.xml, containing a line like this: <date value="2013-02-18"/>, and put it in the [tomcat]/webapps/<vivocontext>/WEB-INF/classes directory. The date in the file must not be more than 1 week old. If you need to use this mechanism for more than 1 week, you will need to update the file. For example:

  cd /usr/local/tomcat/webapps/vivo/WEB-INF/classes echo '<date value="2013-02-18"/>' > friend.xml

• Go to http://localhost:8080/vivo/admin/friend (or whatever is correct for your host and port number and context path), and you are immediately logged in as root.
• Go to the Site Admin page, User Accounts, and either change the password on the root account or create a new admin account for your use.

This back door will offer no diagnostics if it is attempted incorrectly. The /admin/friend URL will return a simple 404 status

• if friend.xml does not exist
• if friend.xml is in the wrong directory
• if friend.xml is not in the correct format
• if friend.xml contains a stale date

VIVO releases prior to 1.3

Older VIVO instances did not have a "root" account, per se. Instead, they had "default_admin" accounts.

It is possible to set a new password on the default_admin account using the command line interface to MySQL.

• Find out the name of the default_admin account (in this example, the name is admin):

  mysql> select obj from jena_g3t1_stmt -> where subj = 'Uv::http://vitro.mannlib.cornell.edu/ns/vitro/default#defaultAdminUser:' -> and prop = 'Uv::http://vitro.mannlib.cornell.edu/ns/vitro/0.7#username:'; +-------------------------------------------------------+ | Obj | +-------------------------------------------------------+ | Lv:0:39:http://www.w3.org/2001/XMLSchema#stringadmin: | +-------------------------------------------------------+ 1 row in set (0.00 sec)

• Set the password to rootPassword

  mysql> update jena_g3t1_stmt -> set obj = 'Lv:0:39:http://www.w3.org/2001/XMLSchema#string4BBA69E66998C59F03530EE02C406CB0:' -> where subj = 'Uv::http://vitro.mannlib.cornell.edu/ns/vitro/default#defaultAdminUser:' -> and prop = 'Uv::http://vitro.mannlib.cornell.edu/ns/vitro/0.7#md5password:'; Query OK, 1 row affected (0.01 sec) Rows matched: 1 Changed: 1 Warnings: 0

• Log in with the name that you found in the first step, and the password of rootPassword.