--- /dev/null
+ ------
+ Archiva Security Configuration
+ ------
+ The Maven Team
+ ------
+ 17 February 2007
+ ------
+
+~~ Licensed to the Apache Software Foundation (ASF) under one
+~~ or more contributor license agreements. See the NOTICE file
+~~ distributed with this work for additional information
+~~ regarding copyright ownership. The ASF licenses this file
+~~ to you under the Apache License, Version 2.0 (the
+~~ "License"); you may not use this file except in compliance
+~~ with the License. You may obtain a copy of the License at
+~~
+~~ http://www.apache.org/licenses/LICENSE-2.0
+~~
+~~ Unless required by applicable law or agreed to in writing,
+~~ software distributed under the License is distributed on an
+~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+~~ KIND, either express or implied. See the License for the
+~~ specific language governing permissions and limitations
+~~ under the License.
+
+~~ NOTE: For help with the syntax of this file, see:
+~~ http://maven.apache.org/guides/mini/guide-apt-format.html
+
+Archiva Security Configuration
+
+* Properties
+
+ Archiva makes use of Plexus Security to handle user ids, passwords and roles.
+
+ Security properties and password rules can be configured in the
+ <<<security.properties>>> file, which by default is searched for in:
+
+ * <<<~/.m2/security.properties>>>
+
+ * <<<$ARCHIVA_HOME/conf/security.properties>>>
+
+ * <<<$ARCHIVA_HOME/apps/archiva/conf/security.properties>>>
+
+ []
+
+ (In the above list, <<<~>>> is the home directory of the user who is running
+ Archiva, and <<<$ARCHIVA_HOME>>> is the directory where Archiva is installed,
+ such as <<</opt/archiva-1.0-SNAPSHOT>>>.)
+
+~~ TODO: Link to plexus-security documentation when available
+
+ Following are some of the properties you can modify. For a complete list,
+ consult the default properties file in Plexus Security's svn repo:
+ {{{http://svn.codehaus.org/plexus/plexus-security/trunk/configuration/src/main/resources/org/codehaus/plexus/security/config-defaults.properties}
+ config-defaults.properties}}
+
++-----+
+# Security Policies
+#security.policy.password.encoder=
+security.policy.password.previous.count=6
+security.policy.password.expiration.days=90
+security.policy.allowed.login.attempt=3
+
+# Password Rules
+security.policy.password.rule.alphanumeric.enabled=false
+security.policy.password.rule.alphacount.enabled=true
+security.policy.password.rule.alphacount.minimum=1
+security.policy.password.rule.characterlength.enabled=true
+security.policy.password.rule.characterlength.minimum=1
+security.policy.password.rule.characterlength.maximum=8
+security.policy.password.rule.musthave.enabled=true
+security.policy.password.rule.numericalcount.enabled=true
+security.policy.password.rule.numericalcount.minimum=1
+security.policy.password.rule.reuse.enabled=true
+security.policy.password.rule.nowhitespace.enabled=true
++-----+
+
+ <<Note:>> Archiva's list of configuration files is <itself> configurable, and
+ can be found in:
+ <<<$ARCHIVA_HOME/apps/archiva/webapp/WEB-INF/classes/META-INF/plexus/application.xml>>>
+
+* Database
+
+ TODO
+
+ * {{{http://docs.codehaus.org/display/MAVENUSER/Archiva+User+DB+on+Derby+Network+Server}
+ Archiva User DB on Derby Network Server}}
projects / archiva.git / commitdiff