removed concept of empty passwords as "no passwords used",

because we now start YaCy with a default password (yacy).
This has impact of all function that check the current state of
password-protection that included the empty password situation,
including the warnings to set a password in case that none is set (which
cannot be the case any more).

htroot/ConfigAccounts_p.html

@@ -26,21 +26,26 @@
     ::
     <p class="error">Username already used (not allowed).</p>
     #(/error)#
-    #(passwordNotSetWarning)#::<div class="error">No password is set for the administration account. Please define a password for the admin account.</div>#(/passwordNotSetWarning)#
+    #(changedfltpw)#::
+    <div class="alert alert-danger" role="alert">
+        <b>WARNING</b> This YaCy instance can be administered with the account "admin" and the default password "yacy". 
+        Change the password as soon as possible!
+    </div>
+    #(/changedfltpw)#
 
     <fieldset><legend>Admin Account</legend>
       <form action="ConfigAccounts_p.html" method="post" accept-charset="UTF-8">
-      	  <input type="hidden" name="transactionToken" value="#[transactionToken]#"/>
+            <input type="hidden" name="transactionToken" value="#[transactionToken]#"/>
           <fieldset>
             <legend>
             <input type="radio" name="access" id="access_localhost" value="localhost"#(localhost.checked)#:: checked="checked"#(/localhost.checked)# />
             <label for="access_localhost">Access from localhost without account</label>
             </legend>
             Access to your peer from your own computer (localhost access) is granted with administrator rights. No need to configure an administration account.
-            	<div class="alert alert-warning" role="alert">
-					This setting is convenient but less secure than using a qualified admin account. 
-					Please use with care, notably when you browse untrusted and potentially malicious websites while running your YaCy peer on the same computer.
-				</div>
+                <div class="alert alert-warning" role="alert">
+                    This setting is convenient but less secure than using a qualified admin account. 
+                    Please use with care, notably when you browse untrusted and potentially malicious websites while running your YaCy peer on the same computer.
+                </div>
             </fieldset>
 
             <fieldset>
@@ -65,14 +70,14 @@
 
     <fieldset><legend>Access Rules</legend>
       <form action="ConfigAccounts_p.html" method="post" accept-charset="UTF-8">
-      		<input type="hidden" name="transactionToken" value="#[transactionToken]#"/>
+              <input type="hidden" name="transactionToken" value="#[transactionToken]#"/>
             <dl class="userConfig">
               <dt>Protection of all pages: if set to on, access to all pages need authorization; if off, only pages with "_p" extension are protected.</dt>
               <dd><input type="checkbox" name="adminAccountAllPages" data-size="small"#(adminAccountAllPages.checked)#:: checked="checked"#(/adminAccountAllPages.checked)#></dd>
               <script>$("[name='adminAccountAllPages']").bootstrapSwitch();
               $("[name='adminAccountAllPages']").bootstrapSwitch('onText', 'ON');
               $("[name='adminAccountAllPages']").bootstrapSwitch('offText', 'OFF');</script>
-			  <dt></dt>
+              <dt></dt>
               <dd><input type="submit" name="setAccess" value="Set Access Rules" class="btn btn-primary"/></dd>
             </dl>
       </form>
@@ -118,11 +123,9 @@
           <dt><label for="address">Address</label>:</dt>
           <dd><input type="text" id="address" name="address" value="#[address]#" /></dd>
           <dt>Rights:</dt>
-          <dd>
-          	#{rights}#
+          <dd>#{rights}#
             <input type="checkbox" id="#[name]#" name="#[name]#"#(set)#:: checked="checked"#(/set)# /><label for="#[name]#">#[friendlyName]# right</label><br />
-            #{/rights}#
-          </dd>
+          #{/rights}#</dd>
           <dt><label for="tlimit">Timelimit</label>:</dt>
           <dd><input type="text" id="tlimit" name="timelimit" value="#[timelimit]#" /></dd>
           <dt><label for="tused">Time used</label>:</dt>

htroot/Status_p.inc

@@ -18,16 +18,11 @@
     </dd>
     <dt>Protection</dt>
     <dd>#(protection)#
-      <strong>Password is missing.</strong>
+      <strong>Default password is not changed</strong>
+      <a href="ConfigAccounts_p.html">[Configure]</a>
       ::
       password-protected
       #(/protection)#
-
-      #(unrestrictedLocalAccess)#
-      ::
-      <br />Unrestricted access from localhost.
-      #(/unrestrictedLocalAccess)#
-      <a href="ConfigAccounts_p.html">[Configure]</a>
     </dd>
 
     <dt>Address</dt>

source/net/yacy/data/TransactionManager.java

@@ -63,18 +63,14 @@ public class TransactionManager {
      */
     private static String getUserName(final RequestHeader header) {
         String userName = header.getRemoteUser();
+        if (userName == null) userName = "admin"; // set a default to be able to create a transaction token
         Switchboard sb = Switchboard.getSwitchboard();
 
         if (sb != null) {
             final String adminAccountBase64MD5 = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "");
             final String adminAccountUserName = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_USER_NAME, "admin");
-            if (adminAccountBase64MD5.equals(sb.emptyPasswordAdminAccount)) {
-                // admin users with empty passwords do not need to authentify, thus do not have
-                // this header present. We just consider the name is "admin"
-                userName = adminAccountUserName;
-            }
 
-            if (userName == null && header.accessFromLocalhost()) {
+            if (header.accessFromLocalhost()) {
 
                 if (sb.getConfigBool(SwitchboardConstants.ADMIN_ACCOUNT_FOR_LOCALHOST, false)) {
                     /* Unauthenticated local access as administrator can be enabled */
@@ -134,7 +130,7 @@ public class TransactionManager {
         /* Check this comes from an authenticated user */
         final String userName = getUserName(header);
         if (userName == null) {
-                throw new IllegalArgumentException("User is not authenticated");
+            throw new IllegalArgumentException("User is not authenticated");
         }
 
         /* Produce a token by signing a message with the server secret key : 

source/net/yacy/htroot/ConfigAccounts_p.java

@@ -112,9 +112,10 @@ public class ConfigAccounts_p {
             }
         }
 
-        if (env.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "").isEmpty() && !env.getConfigBool(SwitchboardConstants.ADMIN_ACCOUNT_FOR_LOCALHOST, false)) {
-            prop.put("passwordNotSetWarning", 1);
-        }
+        // set a warning in case that the default password was not changed
+        String currpw = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "");
+        String dfltpw = SwitchboardConstants.ADMIN_ACCOUNT_B64MD5_DEFAULT;
+        prop.put("changedfltpw", currpw.equals(dfltpw) ? "1" : "0");
 
         prop.put(SwitchboardConstants.ADMIN_ACCOUNT_All_PAGES + ".checked", sb.getConfigBool(SwitchboardConstants.ADMIN_ACCOUNT_All_PAGES, false) ? 1 : 0);
         prop.put("localhost.checked", (localhostAccess) ? 1 : 0);

source/net/yacy/htroot/Status.java

@@ -131,14 +131,10 @@ public class Status
             prop.put("privateStatusTable", "");
         }
 
-        // password protection
-        if ( (sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "").isEmpty())
-                && (!sb.getConfigBool(SwitchboardConstants.ADMIN_ACCOUNT_FOR_LOCALHOST, false)) ) {
-            prop.put("protection", "0"); // not protected
-            prop.put("urgentSetPassword", "1");
-        } else {
-            prop.put("protection", "1"); // protected
-        }
+        // password protection: set a warning in case that the default password was not changed
+        String currpw = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "");
+        String dfltpw = SwitchboardConstants.ADMIN_ACCOUNT_B64MD5_DEFAULT;
+        prop.put("protection", currpw.equals(dfltpw) ? "0" : "1");
 
         if ( sb.getConfigBool(SwitchboardConstants.ADMIN_ACCOUNT_FOR_LOCALHOST, false) ) {
             prop.put("unrestrictedLocalAccess", 1);

source/net/yacy/http/YaCySecurityHandler.java

@@ -84,10 +84,6 @@ public class YaCySecurityHandler extends ConstraintSecurityHandler {
         // Pages suffixed with "_p" are by the way always considered protected
         protectedPage = protectedPage || (pathInContext.indexOf("_p.") > 0);
 
-        // ..except that the password for the admin account is empty
-        final String adminAccountBase64MD5 = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "");
-        protectedPage = protectedPage && !adminAccountBase64MD5.equals(sb.emptyPasswordAdminAccount);
-
         // check "/gsa" and "/solr" if not publicSearchpage
         if (!protectedPage && !sb.getConfigBool(SwitchboardConstants.PUBLIC_SEARCHPAGE, true)) { 
             protectedPage = pathInContext.startsWith("/solr/") || pathInContext.startsWith("/gsa/");
@@ -98,6 +94,7 @@ public class YaCySecurityHandler extends ConstraintSecurityHandler {
                 return null;
             } else if (accessFromLocalhost) {
                 // last chance to authorize using the admin from localhost
+                final String adminAccountBase64MD5 = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "");
                 final String credentials = request.getHeader(RequestHeader.AUTHORIZATION);
                 if (credentials != null && credentials.length() < 120 && credentials.startsWith("Basic ")) { // Basic credentials are short "Basic " + b64(user:pwd)
                     final String foruser = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_USER_NAME, "admin");

source/net/yacy/search/Switchboard.java

@@ -316,7 +316,6 @@ public final class Switchboard extends serverSwitch {
     private boolean startupAction = true; // this is set to false after the first event
     private static Switchboard sb;
     public HashMap<String, Object[]> crawlJobsStatus = new HashMap<>();
-    public String emptyPasswordAdminAccount;
 
     public Switchboard(final File dataPath, final File appPath, final String initPath, final String configPath) {
         super(dataPath, appPath, initPath, configPath);
@@ -449,9 +448,6 @@ public final class Switchboard extends serverSwitch {
             }
         }.start();
 
-        // define the "non-password password"
-        this.emptyPasswordAdminAccount = this.encodeDigestAuth(this.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_USER_NAME,"admin"), "");
-
         // init the language detector
         this.log.config("Loading language profiles");
         try {
@@ -3907,13 +3903,10 @@ public final class Switchboard extends serverSwitch {
     /**
      * check authentication status for request access shall be granted if return value >= 2; these are the
      * cases where an access is granted to protected pages:
-     * - a password is not configured: auth-level 2
      * - access from localhost is granted and access comes from localhost: auth-level 3
-     * - a password is configured and access comes from localhost and the realm-value
+     * - access comes from localhost and the realm-value
      *   of a http-authentify String is equal to the stored base64MD5: auth-level 3
-     * - an empty password is configured an access comes from anywhere: auth-level 3
-     *   This may be used in cluster installations where the cluster has an outside protection but inside is none needed.
-     * - a password is configured and access comes with matching http-authentify: auth-level 4
+     * - access comes with matching http-authentify: auth-level 4
      *
      * @param requestHeader
      *  - requestHeader.AUTHORIZATION = B64encode("adminname:password") or = B64encode("adminname:valueOf_Base64MD5cft")
@@ -3931,19 +3924,6 @@ public final class Switchboard extends serverSwitch {
                 return 4; // hard-authenticated, quick return
         }
 
-        // authorization in case that there is no account stored
-        final String adminAccountUserName = this.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_USER_NAME, "admin");
-        final String adminAccountBase64MD5 = this.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "");
-        if ( adminAccountBase64MD5.isEmpty() ) {
-            this.adminAuthenticationLastAccess = System.currentTimeMillis();
-            return 2; // no password stored; this should not happen for older peers
-        }
-
-        // authorization in case that administrators have stored an empty password; this authorizes all users as admin regardless of the give auth
-        if (adminAccountBase64MD5.equals(this.emptyPasswordAdminAccount)) {
-            return 3; // everyone is admin from everywhere
-        }
-
         // authorization for localhost, only if flag is set to grant localhost access as admin
         final boolean accessFromLocalhost = requestHeader.accessFromLocalhost();
         if (accessFromLocalhost && this.getConfigBool(SwitchboardConstants.ADMIN_ACCOUNT_FOR_LOCALHOST, false)) {
@@ -3980,6 +3960,8 @@ public final class Switchboard extends serverSwitch {
         }
 
         // authorization by encoded password, only for localhost access
+        final String adminAccountUserName = this.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_USER_NAME, "admin");
+        final String adminAccountBase64MD5 = this.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "");
         final String pass = Base64Order.standardCoder.encodeString(adminAccountUserName + ":" + adminAccountBase64MD5);
         if ( accessFromLocalhost && (pass.equals(realmValue)) ) { // assume realmValue as is in cfg
             this.adminAuthenticationLastAccess = System.currentTimeMillis();