[archiva.git] /

<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
  ~ Licensed to the Apache Software Foundation (ASF) under one
  ~ or more contributor license agreements.  See the NOTICE file
  ~ distributed with this work for additional information
  ~ regarding copyright ownership.  The ASF licenses this file
  ~ to you under the Apache License, Version 2.0 (the
  ~ "License"); you may not use this file except in compliance
  ~ with the License.  You may obtain a copy of the License at
  ~
  ~   http://www.apache.org/licenses/LICENSE-2.0
  ~
  ~ Unless required by applicable law or agreed to in writing,
  ~ software distributed under the License is distributed on an
  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  ~ KIND, either express or implied.  See the License for the
  ~ specific language governing permissions and limitations
  ~ under the License.
  -->

<plexus>
  <components>
    <component>
      <role>org.codehaus.plexus.registry.Registry</role>
      <implementation>org.codehaus.plexus.registry.commons.CommonsConfigurationRegistry</implementation>
      <role-hint>commons-configuration</role-hint>
      <configuration>
        <properties>
          <system/>
          <jndi prefix="java:comp/env" config-optional="true"/>
          <xml fileName="${user.home}/.m2/archiva.xml" config-optional="true"
               config-name="org.apache.maven.archiva.user"
               config-at="org.apache.maven.archiva"/>
          <xml fileName="${user.home}/.m2/shared.xml" config-optional="true"
               config-name="org.apache.maven.shared.app.user" config-at="org.apache.maven.shared.app"
               config-forceCreate="true"/>
          <properties fileName="${user.home}/.m2/security.properties" config-optional="true"
                      config-at="org.codehaus.plexus.redback"/>
          <properties fileName="${user.home}/.m2/archiva.properties" config-optional="true"
                      config-at="org.codehaus.plexus.redback"/>
          <xml fileName="${appserver.base}/conf/archiva.xml" config-optional="true"
               config-name="org.apache.maven.archiva.base"
               config-at="org.apache.maven.archiva"/>
          <xml fileName="${appserver.base}/conf/shared.xml" config-optional="true"
               config-name="org.apache.maven.shared.app.base" config-at="org.apache.maven.shared.app"/>
          <xml fileName="${appserver.base}/conf/common.xml" config-optional="true"/>
          <properties fileName="${appserver.base}/conf/security.properties" config-optional="true"
                      config-at="org.codehaus.plexus.redback"/>
          <xml fileName="${appserver.home}/conf/archiva.xml" config-optional="true"
               config-at="org.apache.maven.archiva"/>
          <xml fileName="${appserver.home}/conf/shared.xml" config-optional="true"
               config-at="org.apache.maven.shared.app"/>
          <xml fileName="${appserver.home}/conf/common.xml" config-optional="true"/>
          <properties fileName="${appserver.home}/conf/security.properties" config-optional="true"
                      config-at="org.codehaus.plexus.redback"/>
          <properties fileName="org/apache/maven/archiva/security.properties" config-at="org.codehaus.plexus.redback"/>
        </properties>
      </configuration>
    </component>

    <component>
      <role>org.codehaus.plexus.mailsender.MailSender</role>
      <implementation>org.codehaus.plexus.mailsender.javamail.JndiJavamailMailSender</implementation>
      <configuration>
        <jndiSessionName>java:comp/env/mail/Session</jndiSessionName>
      </configuration>
    </component>

    <component>
      <role>org.codehaus.plexus.jdo.JdoFactory</role>
      <role-hint>archiva</role-hint>
      <implementation>org.codehaus.plexus.jdo.DataSourceConfigurableJdoFactory</implementation>
      <configuration>

        <connectionFactoryName>java:comp/env/jdbc/archiva</connectionFactoryName>
        <shutdownConnectionFactoryName>java:comp/env/jdbc/archivaShutdown</shutdownConnectionFactoryName>

        <!-- JPOX and JDO configuration -->
        <persistenceManagerFactoryClass>org.jpox.PersistenceManagerFactoryImpl</persistenceManagerFactoryClass>
        <otherProperties>
          <property>
            <name>org.jpox.autoCreateSchema</name>
            <value>true</value>
          </property>
          <property>
            <name>org.jpox.autoCreateColumns</name>
            <value>true</value>
          </property>
          <property>
            <name>org.jpox.validateTables</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.validateConstraints</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.validateColumns</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.autoStartMechanism</name>
            <value>None</value>
          </property>
          <property>
            <name>org.jpox.transactionIsolation</name>
            <value>READ_COMMITTED</value>
          </property>
          <property>
            <name>org.jpox.poid.transactionIsolation</name>
            <value>READ_COMMITTED</value>
          </property>
          <property>
            <name>org.jpox.rdbms.dateTimezone</name>
            <value>JDK_DEFAULT_TIMEZONE</value>
          </property>
          <!-- NEEDED FOR POSTGRES, But causes problems in other JDBC implementations.
          <property>
            <name>org.jpox.identifier.case</name>
            <value>PreserveCase</value>
          </property>
            -->
        </otherProperties>
      </configuration>
    </component>

    <component>
      <role>org.codehaus.plexus.jdo.JdoFactory</role>
      <role-hint>users</role-hint>
      <implementation>org.codehaus.plexus.jdo.DataSourceConfigurableJdoFactory</implementation>
      <configuration>

        <connectionFactoryName>java:comp/env/jdbc/users</connectionFactoryName>
        <shutdownConnectionFactoryName>java:comp/env/jdbc/usersShutdown</shutdownConnectionFactoryName>

        <!-- JPOX and JDO configuration -->
        <persistenceManagerFactoryClass>org.jpox.PersistenceManagerFactoryImpl</persistenceManagerFactoryClass>
        <otherProperties>
          <property>
            <name>org.jpox.autoCreateSchema</name>
            <value>true</value>
          </property>
          <property>
            <name>org.jpox.validateTables</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.validateConstraints</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.validateColumns</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.autoStartMechanism</name>
            <value>None</value>
          </property>
          <property>
            <name>org.jpox.transactionIsolation</name>
            <value>READ_COMMITTED</value>
          </property>
          <property>
            <name>org.jpox.poid.transactionIsolation</name>
            <value>READ_COMMITTED</value>
          </property>
          <property>
            <name>org.jpox.rdbms.dateTimezone</name>
            <value>JDK_DEFAULT_TIMEZONE</value>
          </property>
          <!-- NEEDED FOR POSTGRES, But causes problems in other JDBC implementations.
          <property>
            <name>org.jpox.identifier.case</name>
            <value>PreserveCase</value>
          </property>
            -->
        </otherProperties>
      </configuration>
    </component>
    
    <!-- <component>
      <role>org.apache.maven.archiva.webdav.util.MimeTypes</role>
      <implementation>org.apache.maven.archiva.webdav.util.MimeTypes</implementation>
      <description>MimeTypes</description>
      <configuration>
        <resource>archiva-mime-types.txt</resource>
      </configuration>
    </component> -->

    <!--
     | Logger manager
     -->
    <component>
      <role>org.codehaus.plexus.logging.LoggerManager</role>
      <implementation>org.codehaus.plexus.logging.slf4j.Slf4jLoggerManager</implementation>
      <lifecycle-handler>basic</lifecycle-handler>
    </component>

    <!-- 
   PLXREDBACK-81 bad role hint, redefining here until redback alpha-2 is released.
    -->
    <component>
      <role>org.codehaus.plexus.redback.system.check.EnvironmentCheck</role>
      <role-hint>locked-admin-check</role-hint>
      <implementation>org.codehaus.plexus.redback.xwork.checks.security.LockedAdminEnvironmentCheck</implementation>
      <description>LockedAdminEnvironmentCheck: checks if accounts marked as system administrator are locked
        and unlocks them on startup.
      </description>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.users.UserManager</role>
          <role-hint>cached</role-hint>
          <field-name>userManager</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
          <role-hint>cached</role-hint>
          <field-name>rbacManager</field-name>
        </requirement>
      </requirements>
    </component>

    <!-- START SNIPPET: ldap -->
    <!-- 
       Ldap Authentication can be enabled by setting enabling these components and setting the following configuration options in your security.properties file

       ============================================================
       user.manager.impl=ldap
       ldap.bind.authenticator.enabled=true
       redback.default.admin=admin
       redback.default.guest=guest
       security.policy.password.expiration.enabled=false

       ldap.config.hostname=ldap.hostname
       ldap.config.port=389
       ldap.config.base.dn=o=com
       ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
       ldap.config.bind.dn=uid=myusername,o=com
       ldap.config.password=s3cr3t
       #ldap.config.authentication.method=
       ============================================================

       * ldap.config.hostname - The hostname of the ldap server
       * ldap.config.port - The port of the ldap server
       * ldap.config.base.dn - The baseDn of the ldap system
       * ldap.config.context.factory - context factory for ldap connections
       * ldap.config.bind.dn - the core user used for authentication the ldap server, must be able to perform the necessary searches, etc.
       * ldap.config.password - password for the bindDn for the root ldap connection

       until this process is better documented, the following is the document for configuration ldap with redback
      
       http://redback.codehaus.org/integration/ldap.html
    -->

    <!--
    
    this component manages the connection to the ldap server
     -->

    <!-- component>
      <role>org.codehaus.plexus.redback.common.ldap.connection.LdapConnectionFactory</role>
      <role-hint>configurable</role-hint>
      <implementation>org.codehaus.plexus.redback.common.ldap.connection.ConfigurableLdapConnectionFactory</implementation>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
        </requirement>
      </requirements>
    </component-->
    
    <!-- 
    
    this component manages the mapping of attributes in ldap to user information in redback. To configure the mapping, you can add the following properties in your security.properties

       ============================================================
       ldap.config.mapper.attribute.email=mail
       ldap.config.mapper.attribute.fullname=givenName
       ldap.config.mapper.attribute.password=userPassword
       ldap.config.mapper.attribute.user.id=cn
       ldap.config.mapper.attribute.user.base.dn=
       ldap.config.mapper.attribute.user.object.class=inetOrgPerson
       ldap.config.mapper.attribute.user.filter=(attributeName=value)
       ============================================================


     * email-attribute - The name of the attribute on a user that contains the email address
     * full-name-attribute - The name of the attribute on a user that contains the users fullName
     * password-attribute - The name of the attribute containing the users password, used for the authentiction using the user manager and not the ldap bind authenticator
     * user-id-attribute - The name of the attribute containing the users userId, most commonly cn or sn.
     * user-base-dn - The base dn that will be subtree searched for users.
     * user-object-class - the objectClass used in the ldap server for indentifying users, most commonly inetOrgPerson.
     -->
    
    <!-- component>
      <role>org.codehaus.plexus.redback.common.ldap.UserMapper</role>
      <role-hint>ldap</role-hint>
      <implementation>org.codehaus.plexus.redback.common.ldap.LdapUserMapper</implementation>
      <configuration>
        <email-attribute>email</email-attribute>
        <full-name-attribute>givenName</full-name-attribute>
        <password-attribute>userPassword</password-attribute>
        <user-id-attribute>cn</user-id-attribute>
        <user-base-dn>o=com</user-base-dn>
        <user-object-class>inetOrgPerson</user-object-class>
      </configuration>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
        </requirement>
      </requirements>
    </component-->
    
    <!--
     
    If caching is desired to improve performance then make uncomment this and make sure the following configuration parameter is in the security.properties
     
    user.manager.impl=cached
    -->
     
    <!-- component>
      <role>org.codehaus.plexus.redback.users.UserManager</role>
      <role-hint>cached</role-hint>
      <implementation>org.codehaus.plexus.redback.users.cached.CachedUserManager</implementation>
      <description>CachedUserManager</description>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.users.UserManager</role>
          <role-hint>ldap</role-hint>
          <field-name>userImpl</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.ehcache.EhcacheComponent</role>
          <role-hint>users</role-hint>
          <field-name>usersCache</field-name>
        </requirement>
      </requirements>
    </component-->
    
    <!-- 
    
    if using the user manager authenticator to authenticate the user and not the ldap bind authenticator make sure
    this definition has the correct password encoder
    
    Note: you should probably just use the ldap bind authenticator which is enabled by putting
    
    ldap.bind.authenticator.enabled=true
    
    in the security.properties
    -->
    
    <!-- component>
      <role>org.codehaus.plexus.redback.policy.UserSecurityPolicy</role>
      <role-hint>default</role-hint>
      <implementation>org.codehaus.plexus.redback.policy.DefaultUserSecurityPolicy</implementation>
      <description>User Security Policy.</description>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
          <field-name>config</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.PasswordEncoder</role>
          <role-hint>sha1</role-hint>
          <field-name>passwordEncoder</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.UserValidationSettings</role>
          <field-name>userValidationSettings</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.CookieSettings</role>
          <role-hint>rememberMe</role-hint>
          <field-name>rememberMeCookieSettings</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.CookieSettings</role>
          <role-hint>signon</role-hint>
          <field-name>signonCookieSettings</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.PasswordRule</role>
          <field-name>rules</field-name>
        </requirement>
      </requirements>
    </component-->
    <!-- END SNIPPET: ldap -->
  </components>

  <lifecycle-handler-manager implementation="org.codehaus.plexus.lifecycle.DefaultLifecycleHandlerManager">
    <default-lifecycle-handler-id>plexus</default-lifecycle-handler-id>
    <lifecycle-handlers>
      <lifecycle-handler implementation="org.codehaus.plexus.personality.plexus.PlexusLifecycleHandler">
        <id>plexus</id>
        <name>Plexus Lifecycle Handler</name>
        <begin-segment>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.LogEnablePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.CompositionPhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.ContextualizePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.AutoConfigurePhase"/>
          <phase implementation="org.codehaus.plexus.registry.RegistryConfigurePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.ServiceablePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.StartPhase"/>
        </begin-segment>
        <suspend-segment>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.SuspendPhase"/>
        </suspend-segment>
        <resume-segment>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.ResumePhase"/>
        </resume-segment>
        <end-segment>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.StopPhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.DisposePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.LogDisablePhase"/>
        </end-segment>
      </lifecycle-handler>
    </lifecycle-handlers>
  </lifecycle-handler-manager>
</plexus>