Whatterz


Resetting a Lost ColdFusion Password

by Simon. Average Reading Time: about a minute.

I’m a ColdFusion freelance developer and as can often happen, I end up using a spare machine sitting in the corner of a room. Being relegated to the “dunce’s corner” is bad enough, but commonly the ColdFusion password has also been forgotten. This happened to me just the other day. So, how do we go about resetting the password?

Back in the ColdFusion 5 days you could edit the registry value:

HKEY_LOCAL_MACHINE\software\allaire\coldfusion\currentversion\server

set UseAdminPassword to 0 and restart the ColdFusion service, not forgetting to set a new password afterwards, especially if you’re on a production server.

Now with ColdFusion MX and MX7, you can’t but the process is not too tricky either. In fact there are two methods available to you.

First method:

You need to locate the password.properties file in the C:\CFusionMX7\lib\ directory. Opening the file, you will be presented with something much like this:

#Tue Apr 24 10:41:59 BST 2007
rdspassword=09GTH9 8O&>36& \\Q>[K\=XP \n
password=5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8
encrypted=true

Change the password to an alpha-numeric string of your choice and encrypted to false, much like this:

#Tue Apr 24 10:41:59 BST 2007
rdspassword=09GTH9 8O&>36& \\Q>[K\=XP \n
password=L3tM31n
encrypted=false

save the file and restart the ColdFusion service, you will be able to get into the ColdFusion Administrator with your chosen password.

Second method:

Locate the neo-security.xml file in the C:\CFusionMX7\lib\ directory. Opening the file you will be presented with a WDDX packet containing ColdFusion server configuration settings. The lines you will need to edit are the following:

<var name=’admin.security.enabled’>
<boolean value=’true’/>
</var>

Change the boolean value to false, like this:

<var name=’admin.security.enabled’>
<boolean value=’false’/>
</var>

save and restart the ColdFusion service. You can now log into the ColdFusion Adminsitrator without a password.

NB It is always recommended that a password be used for production systems.

This article has been tagged

, , , , , , , , , ,

Other articles I recommend

Repairing a Corrupt ColdFusion JVM Config

Killing ColdFusion is something I love to do!! This time I managed to kill ColdFusion by amending the Class Paths listed in the Java and JVM settings of my local instance of ColdFusion MX 7. When you amend any Java and JVM settings you need to restart the ColdFusion service and hope.

Using JavaScript Logical Operators in ColdFusion 8

Logical operators are typically used with Boolean (logical) values; when they are, they return a Boolean value. However, the && and || operators actually return the value of one of the specified operands, so if these operators are used with non-Boolean values, they may return a non-Boolean value.

Configuring ColdFusion 8 with Apache

After installing ColdFusion 8 and Apache successfully you may still see an “HTTP 500 Internal Server Error” when navigating to a ColdFusion page. All is not lost, you simply need to configure, or check the configuration of Apache. Apache requires very little post installation modification, but it is always good practice to check the httpd.conf file to ensure that the ColdFusion “install” scripts did what they were supposed to do.

  • http://www.cf-examples.net ahamad

    Very cool… Thanks for the detailed explanations.