How to reset the knimeadmin password from the CLI

Hi there,

how can I reset the knimeadmin password from the CLI. I cannot use the webinterface because I don’t know the current password. However, I have CLI access to the machine the server runs on.

My auth config is as follows:

<Realm className=“org.apache.catalina.realm.DataSourceRealm” dataSourceName=“H2UserDatabase” roleNameCol=“ROLE_NAME” userCredCol=“USER_PASS” userNameCol=“USER_NAME” userRoleTable=“USER_ROLES” userTable=“USERS”>

<CredentialHandler algorithm=“SHA-256” className=“org.apache.catalina.realm.MessageDigestCredentialHandler”/>

</Realm>

KR Andreas

Hi Andreas,

It’s possible to manually reset the database. Under Linux you can run a script something like. Note that you’ll need to edit the script to reflect the correct locations (and the new password) in your case:

#!/bin/bash

set -x

# Location of this script.
location="/opt"

# tomcat home directory
tomcat_home="/opt/apache-tomee-plus-7.0.3"

# db parameters
dburl="jdbc:h2:$tomcat_home/conf/userconf"

# construct db query
newpassword=enteryournewpasswordhere
newpassword=$($tomcat_home/bin/digest.sh -a sha-256 $newpassword)
newpassword=${newpassword#*:}

echo "update users set user_pass='$newpassword' where user_name='knimeadmin';" > $location/dbscript

chown knime:knime $location/dbscript

# manipulate db
java -cp $tomcat_home/lib/h2*.jar org.h2.tools.RunScript -url $dburl -script $location/dbscript

# delete script file
rm dbscript

exit 0
6 Likes

Hi Jon,

thanks a lot for this code snippet!! It worked perfectly.

One note for other people who run into this situation: before running Jon’s script, you need to stop KNIME server as the database can only be used from one application at a time.

Best
Andreas

3 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Hi all,

in case anyone wants to reset the knimeadmin password on Windows, this .bat script may work, or at least serve as a starting point for your own script. Please make sure to shut down the KNIME Server before changing it’s files on disk.

@ECHO OFF
REM Variables you should edit.
SET NEW_PASSWORD=ENTER-YOUR-PASSWORD-HERE
SET CATALINA_HOME=C:\knime_server\apache-tomcat-9.0.58




REM db parameters
SET H2_LIB=%CATALINA_HOME%\lib\h2-1.4.199.jar
SET dburl=jdbc:h2:%CATALINA_HOME%\conf\userconf

REM construct db query
REM run our password through Tomcat's digest.bat
FOR /F "tokens=*" %%g IN ('%CATALINA_HOME%\bin\digest.bat -a sha-256 %NEW_PASSWORD%') DO (SET encpwd=%%g)
REM reduce result string to only the encrypted passsword
FOR /f "tokens=2 delims=:" %%A IN ("%encpwd%") DO SET encpwd=%%A

REM create sql statement to update user in a temporary file
ECHO update users set user_pass='%encpwd%' where user_name='knimeadmin'; > %~dp0\dbscript

REM manipulate db
java -cp %H2_LIB% org.h2.tools.RunScript -url %dburl% -script %~dp0\dbscript

REM delete temporary file
DEL %~dp0\dbscript
2 Likes

In both scripts (the Linux and Windows ones), you can also make it interactive where it can prompt for the password to be entered manually - that way you don’t have to delete the script and it can be re-used :wink: