Changing User Passwords in AEM 6.1 via cURL

Changing User Passwords in AEM 6.1 via cURL


In AEM 6.1, there have been a number of changes make to the structure of users. In older versions of AEM, users could be found under a directory structure based on thier user name. For example the user admin, would be found at /home/users/a/admin, in AEM 6.1, this has been changed, likely to support a larger number of users without performance issues. Unfortunately, the method used to create this path does not seem to be predictable, so the path for an individual user is not stable across different AEM instances.

Users in AEM 6.0

Users in AEM 6.0

Users in AEM 6.1

Users in AEM 6.1

Normally, this isn’t an issue. However, if you want to change the password on a user through cURL, this is a big issue as you need to know the path to the user. Of course, this can be done by looking for the user in CRXDE Lite, however this generally eliminates the automation you’re probably trying to accomplish. Never fear! Using the query builder, we can get the path to the user and then change the user’s password. This does assume you also have a recent version of ruby and ruby gems installed to parse JSON.

First, we’ll call the Query Builder via cURL to get the path to the user:

curl -s -u admin:admin -X GET "http://localhost:4502/bin/querybuilder.json?path=/home/users&1_property=rep:authorizableId&1_property.value={USER_NAME}&p.limit=-1" > user.json

Next, we read the path from the JSON result:

USER_PATH=`ruby -rjson -e 'j = JSON.parse(File.read("user.json")); puts j["hits"][0]["path"]'`

Finally, the USER_PATH variable can be used to set the user’s password:

curl -s -u admin:admin -Fplain={NEW_PASSWORD} -Fverify={NEW_PASSWORD}  -Fold={OLD_PASSWORD} -FPath=$USER_PATH http://localhost:4502/crx/explorer/ui/setpassword.jsp

Putting it all together, if I wanted to change the admin user’s password I would call:

curl -s -u admin:admin -X GET "http://localhost:4502/bin/querybuilder.json?path=/home/users&1_property=rep:authorizableId&1_property.value=admin&p.limit=-1" > user.json
USER_PATH=`ruby -rjson -e 'j = JSON.parse(File.read("user.json")); puts j["hits"][0]["path"]'`
curl -s -u admin:admin -Fplain=admin1 -Fverify=admin1  -Fold=admin -FPath=$USER_PATH http://localhost:4502/crx/explorer/ui/setpassword.jsp

Hopefully this helps anyone else stuck trying to script a user’s password change!


← New in Apache Sling: FSClassLoader Console Lunch and Learn - Debugging AEM →