Skip to content
Permalink
Browse files
Apache Archiva Versionned docs for 2.2.3
git-svn-id: http://svn.apache.org/repos/asf/archiva/site-content@1795074 13f79535-47bb-0310-9956-ffa450edef68
  • Loading branch information
effrafax authored and martin_s committed May 13, 2017
1 parent 19457f7 commit 062ed26709ad1ac068e17a6c22a7c467a562c4c5
Showing 6 changed files with 245 additions and 50 deletions.
@@ -341,7 +341,7 @@ <h2><a name="Configuration_Files_of_Apache_Archiva"></a>Configuration Files of A
<p>The following files compose the configuration for Archiva:</p>
<ul>
<li><tt>archiva.xml</tt> - this is the primary Archiva configuration file</li>
<li><tt>security.properties</tt> - this configures the security as described in the <a href="./security.html"> security configuration documentation</a></li></ul>
<li><tt>security.properties</tt> - This file, if it exists, is only read once to populate the Redback Runtime Configuration properties (see <a href="./redback-runtime-configuration.html#Runtime_Properties">Redback Runtime Configuration</a>, stored in <tt>archiva.xml</tt>. The file will be ignored after this.</li></ul>
<p>This section will focus on the <tt>archiva.xml</tt> file.</p>
<div class="section">
<h3><a name="The_Archiva_configuration_file"></a>The Archiva configuration file</h3>
@@ -360,35 +360,147 @@

<!-- Licensed to the Apache Software Foundation (ASF) under one --><!-- or more contributor license agreements. See the NOTICE file --><!-- distributed with this work for additional information --><!-- regarding copyright ownership. The ASF licenses this file --><!-- to you under the Apache License, Version 2.0 (the --><!-- "License"); you may not use this file except in compliance --><!-- with the License. You may obtain a copy of the License at --><!-- --><!-- http://www.apache.org/licenses/LICENSE-2.0 --><!-- --><!-- Unless required by applicable law or agreed to in writing, --><!-- software distributed under the License is distributed on an --><!-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY --><!-- KIND, either express or implied. See the License for the --><!-- specific language governing permissions and limitations --><!-- under the License. --><!-- NOTE: For help with the syntax of this file, see: --><!-- http://maven.apache.org/guides/mini/guide-apt-format.html --><div class="section">
<h2><a name="Archiva_Security_Configuration"></a>Archiva Security Configuration</h2>
<p>Security properties and password rules can be configured in the <tt>security.properties</tt> file, which by default is searched for in:</p>
<ul>
<li><tt>~/.m2/security.properties</tt></li>
<li><tt>conf/security.properties</tt> in the Archiva installation</li></ul>
<p>(In the above list, <tt>~</tt> is the home directory of the user who is running Archiva.)</p><!-- TODO: Link to plexus-redback documentation when available -->
<p>Following are some of the properties you can modify. For a complete list, consult the default properties file in Redback's svn repo: <a class="externalLink" href="http://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties"> config-defaults.properties</a></p>
<p>Security properties and password rules are configured now in the Redback Runtime Configuration properties (see <a href="./redback-runtime-configuration.html#Runtime_properties">Redback Runtime Configuration</a>).</p>
<p>The Redback Runtime Configuration properties are stored in <tt>archiva.xml</tt>. The former <tt>security.properties</tt> file, if it exists, is only used once for populating the Runtime Configuration settings. After that, this file will be ignored.</p><!-- TODO: Link to plexus-redback documentation when available -->
<p>These are the default properties. The file can be found in in Redback's svn repo: <a class="externalLink" href="http://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties"> config-defaults.properties</a></p>
<div class="source">
<pre># Security Policies
# -----------------
<pre># Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# &quot;License&quot;); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# &quot;AS IS&quot; BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.

# --------------------------------------------------------------------
# Application Configuration

application.timestamp=EEE d MMM yyyy HH:mm:ss Z

# --------------------------------------------------------------------
# JDBC Setup

#jdbc.driver.name=org.apache.derby.jdbc.EmbeddedDriver
#jdbc.url=jdbc:derby:memory:users-tests;create=true

jdbc.driver.name=org.hsqldb.jdbcDriver
jdbc.url=jdbc:hsqldb:mem:redback-test

jdbc.username=sa
jdbc.password=

# --------------------------------------------------------------------
# Email Settings

email.jndiSessionName=java:comp/env/mail/Session
email.smtp.host=localhost
email.smtp.port=25
email.smtp.ssl.enabled=false
email.smtp.tls.enabled=false
email.smtp.username=
email.smtp.password=

#TODO: move description elsewhere, remove bad default
# All emails sent by the system will be from the following address
#email.from.address=${user.name}@localhost
# All emails sent by the system will be from the following user name (used in conjunction with address)
#email.from.name=Unconfigured Username

# If all email addresses (from new user registration) require an account validation email.
email.validation.required=true
# Timeout (in minutes) for the key generated for an email validation to remain valid.
# 2880 minutes = 48 hours
email.validation.timeout=2880
# The subject line for the email message.
email.validation.subject=Welcome

#TODO: move description elsewhere, remove bad default
# Get the Feedback to use for any outgoing emails.
# NOTE: if feedback.path starts with a &quot;/&quot; it is appended to the end of the value provided in application.url
# This value can be in the format/syntax of &quot;/feedback.action&quot; or even &quot;mailto:feedback@application.com&quot;
#email.feedback.path=/feedback.action

#Set the application base URL. The default is to derive it from the HTTP request
#application.url=http://myurl.mycompany.com

# --------------------------------------------------------------------
# Auto Login Settings

security.rememberme.enabled=true
# Timeout in days ( 365 days = 1 year )
security.rememberme.timeout=365
security.rememberme.path=/
security.rememberme.domain=
security.rememberme.secure=false

# Single Sign On
# Timeout in minutes
security.signon.timeout=30

# --------------------------------------------------------------------
# Default Username Values
redback.default.admin=admin
redback.default.guest=guest

# --------------------------------------------------------------------
# Security Policies

#security.policy.password.encoder=
security.policy.password.previous.count=6
security.policy.password.expiration.days=90
security.policy.password.expiration.enabled=true
security.policy.allowed.login.attempt=3
security.policy.password.expiration.days=90
security.policy.password.expiration.notify.days=10
security.policy.allowed.login.attempt=10

# turn off the perclick enforcement of various security policies, slightly
# more heavyweight since it will ensure that the User object on each click
# is up to date
security.policy.strict.enforcement.enabled=true
security.policy.strict.force.password.change.enabled=true

# --------------------------------------------------------------------
# Password Rules
# --------------
security.policy.password.rule.alphanumeric.enabled=false
security.policy.password.rule.alphacount.enabled=true
security.policy.password.rule.alphacount.minimum=1
security.policy.password.rule.characterlength.enabled=true
security.policy.password.rule.characterlength.minimum=1
security.policy.password.rule.characterlength.maximum=8
security.policy.password.rule.characterlength.maximum=24
security.policy.password.rule.musthave.enabled=true
security.policy.password.rule.numericalcount.enabled=true
security.policy.password.rule.numericalcount.minimum=1
security.policy.password.rule.reuse.enabled=true
security.policy.password.rule.nowhitespace.enabled=true

# --------------------------------------------------------------------
# ldap settings
#
ldap.bind.authenticator.enabled=false

# ldap options for configuration via properties file
#ldap.config.hostname=
#ldap.config.port=
#ldap.config.base.dn=
#ldap.config.context.factory=
#ldap.config.bind.dn=
#ldap.config.password=
#ldap.config.authentication.method=

# config parameter for the ConfigurableUserManager
user.manager.impl=jdo


# REST security settings

# Cross Site Request Forgery (CSRF) Prevention
# --------------------------------------------
# Enable/Disable CSRF filtering.
@@ -404,7 +516,8 @@ <h2><a name="Archiva_Security_Configuration"></a>Archiva Security Configuration<
# Enable/Disable the token validation only.
# If true, the validation of the CSRF tokens will be disabled.
# Possible values: true, false
rest.csrffilter.disableTokenValidation=false</pre></div>
rest.csrffilter.disableTokenValidation=false
</pre></div>
<p><b>Note:</b> If installed standalone, Archiva's list of configuration files is <i>itself</i> configurable, and can be found in: <tt>apps/archiva/WEB-INF/applicationContext.xml</tt></p>
<p>Values from sources</p>
<div class="source">
@@ -441,7 +441,7 @@ <h2><a name="Apache_Archiva_Redback_Runtime_Configuration"></a>Apache Archiva Re
<li><a href="#Users_Cache">Users Cache</a></li></ul></li></ul>
<div class="section">
<h3><a name="Apache_Redback_User_ManagerRbacManager_Implementations"></a>Apache Redback User Manager/RbacManager Implementations</h3>
<p>Since 1.4-M4, you can choose to switch dynamically</p>
<p>You can choose to switch dynamically</p>
<ul>
<li>User Manager Implementations (from Database and/or LDAP).</li>
<li>RbacManager Implementations (from Database and/or LDAP): to manage if roles management comes from Database and/or LDAP.</li></ul><img src="../images/redback-runtime-conf-general.png" alt="" /></div>
@@ -451,7 +451,7 @@ <h3><a name="LDAP_configuration"></a>LDAP configuration</h3>
<p>You can test your ldap configuration too.</p><img src="../images/ldap-configuration.png" alt="" /></div>
<div class="section">
<h3><a name="LDAP_Group-Roles_mapping"></a>LDAP Group-Roles mapping</h3>
<p>Since 1.4-M4, you can map dynamically LDAP Group to Archiva Roles</p><img src="../images/ldap-group-roles-mapping.png" alt="" /></div>
<p>You can map dynamically LDAP Group to Archiva Roles</p><img src="../images/ldap-group-roles-mapping.png" alt="" /></div>
<div class="section">
<h3><a name="Runtime_properties"></a>Runtime properties</h3>
<p>You can now too modify some Redback configuration properties. You have a help button which explains to you what the property is doing.</p><img src="../images/redback-properties.png" alt="" /></div>

0 comments on commit 062ed26

Please sign in to comment.