Archiva Security Configuration
- Security properties and password rules can be configured in the
- <<<security.properties>>> file, which by default is searched for in:
+ Security properties and password rules are configured now in the Redback Runtime Configuration
+ properties (see {{{./redback-runtime-configuration.html#Runtime_properties}Redback Runtime Configuration}}).
- * <<<~/.m2/security.properties>>>
-
- * <<<conf/security.properties>>> in the Archiva installation
+ The Redback Runtime Configuration properties are stored in <<<archiva.xml>>>.
+ The former <<<security.properties>>> file, if it exists, is only used once for populating the
+ Runtime Configuration settings. After that, this file will be ignored.
[]
- (In the above list, <<<~>>> is the home directory of the user who is running
- Archiva.)
~~TODO: Link to plexus-redback documentation when available
- Following are some of the properties you can modify. For a complete list,
- consult the default properties file in Redback's svn repo:
+ These are the default properties. The file can be found in in Redback's svn repo:
{{{http://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties}
config-defaults.properties}}
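Review bot: The new security.properties paragraph drops the two search locations (<<<~/.m2/security.properties>>> and <<<conf/security.properties>>>) while still saying the former file is read once to populate the Runtime Configuration, so an administrator who is upgrading cannot tell where a legacy file will be picked up from. Consider keeping the locations in the new paragraph and stating what "only used once" depends on, since password rules left behind in an ignored file could be mistaken for the active policy. The added line "The file can be found in in Redback's svn repo:" also has a doubled "in".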
-+-----+
-# Security Policies
-# -----------------
-#security.policy.password.encoder=
-security.policy.password.previous.count=6
-security.policy.password.expiration.days=90
-security.policy.password.expiration.enabled=true
-security.policy.allowed.login.attempt=3
-
-# Password Rules
-# --------------
-security.policy.password.rule.alphanumeric.enabled=false
-security.policy.password.rule.alphacount.enabled=true
-security.policy.password.rule.alphacount.minimum=1
-security.policy.password.rule.characterlength.enabled=true
-security.policy.password.rule.characterlength.minimum=1
-security.policy.password.rule.characterlength.maximum=8
-security.policy.password.rule.musthave.enabled=true
-security.policy.password.rule.numericalcount.enabled=true
-security.policy.password.rule.numericalcount.minimum=1
-security.policy.password.rule.reuse.enabled=true
-security.policy.password.rule.nowhitespace.enabled=true
-
-# Cross Site Request Forgery (CSRF) Prevention
-# --------------------------------------------
-# Enable/Disable CSRF filtering.
-# Possible values: true, false
-rest.csrffilter.enabled=true
-# Base URL used to verify the origin headers of the requests. If not set or empty
-# it tries to determine the base url automatically
-rest.baseUrl=
-# What to do, if the request contains no Origin or Referer header.
-# If true, requests without Origin or Referer Header are denied, otherwise accepted.
-# Possible values: true, false
-rest.csrffilter.absentorigin.deny=true
-# Enable/Disable the token validation only.
-# If true, the validation of the CSRF tokens will be disabled.
-# Possible values: true, false
-rest.csrffilter.disableTokenValidation=false
-+-----+
-
+%{snippet|ignoreDownloadError=true|url=https://raw.githubusercontent.com/apache/archiva-redback-core/master/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties}
+
<<Note:>> If installed standalone, Archiva's list of configuration files is <itself> configurable, and
can be found in:
<<<apps/archiva/WEB-INF/applicationContext.xml>>>
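Review bot: The snippet macro that replaces the inline defaults sets ignoreDownloadError=true and fetches from the master branch, so a failed download is tolerated and the page is published without the password-rule and CSRF filter defaults, and a successful one shows whatever master holds rather than the defaults of the release being documented. Suggest pointing the url at a release tag and keeping a short list of the security-relevant keys (for example rest.csrffilter.enabled and rest.csrffilter.absentorigin.deny) in the page itself. The link text above still says "Redback's svn repo" and points at svn.apache.org while the snippet pulls from GitHub; both should reference the same source.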
Managed repository fields:
- * <<identifier>> - the id of the repository. This must be unique.
-
- * <<name>> - the name of the repository.
-
- * <<directory>> - the location of the repository. If the path specified does not
- exist, Archiva will create the missing directories.
-
- * <<index directory>> - the location of the index files generated by Archiva. If
- no location is specified, then the index directory (named <<<.indexer>>>)
- will be created at the root of the repository directory.
- This directory contains the packaged/bundled index which is consumed by different consumers of the index such as M2Eclipse.
-
- * <<type>> - the repository layout (maven 2 or maven 1)
-
- * <<cron>> - the
- {{{http://quartz-scheduler.org/api/2.1.5/org/quartz/CronTrigger.html}cron schedule}} when
- repository scanning will be executed.
-
- * <<repository purge by days older>> - the first option for repository purge.
- Archiva will check how old the artifact is and if it is older than the set
- number of days in this field, then the artifact will be deleted respecting
- the retention count of course. In order to disable the purge by
- number of days old and set Archiva to purge by retention count, just set the
- repository purge field to 0. The maximum number of days which can be set
- here is 1000. See the Repository Purge section below for more details.
-~~ above was:the retention count (see #7) of course no idea what is was linkeed to
-
- * <<repository purge by retention count>> - the second option for repository
- purge. When running the repository purge, Archiva will retain only the
- number of artifacts set for this field for a specific snapshot version. See
- the Repository Purge section below for more details.
-
- * <<releases included>> - specifies whether there are released artifacts in the
- repository.
-
- * <<block re-deployment of released artifacts>> - specifies whether released
- artifacts that are already existing in the repository can be overwritten.
- Note that this only take effects for non-snapshot deployments.
-
- * <<snapshots included>> - specifies whether there are snapshot artifacts in the
- repository.
-
- * <<scannable>> - specifies whether the repository can be scanned, meaning it is
- a local repository which can be indexed, browsed, purged, etc.
-
- * <<delete released snapshots>> - specifies whether to remove those snapshot
- artifacts which already has release versions of it in the repository during
- repository purge.
-
- * << Skip Packed Index creation >> - avoid creation of compressed index for IDE usage.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Id>> | The identifier of the repository. This must be unique.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Name>> | The name of the repository. This is the display name.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Directory>> | The location of the repository. If the path specified does not
+| | exist, Archiva will create the missing directories.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Index Directory>> | The location of the index files generated by Archiva. If
+| | no location is specified, then the index directory (named <<<.indexer>>>)
+| | will be created at the root of the repository directory.
+| | This directory contains the packaged/bundled index which is consumed by different
+| | consumers of the index such as M2Eclipse.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Type>> | The repository layout (maven 2 or maven 1)
+*----------------------+----------------------------------------------------------------------------------+
+| <<Cron Expression>> | The
+| | {{{http://www.quartz-scheduler.org/documentation/quartz-2.x/tutorials/crontrigger.html}cron schedule}}
+| | when repository scanning will be executed.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Days Older>> | The first option for repository purge.
+| | Archiva will check how old the artifact is and if it is older than the set
+| | number of days in this field, then the artifact will be deleted respecting
+| | the retention count of course. In order to disable the purge by
+| | number of days old and set Archiva to purge by retention count, just set the
+| | repository purge field to 0. The maximum number of days which can be set
+| | here is 1000. See the Repository Purge section below for more details.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Retention Count>> | The second option for repository purge. When running the repository purge,
+| | Archiva will retain only the number of artifacts set for this field for a
+| | specific snapshot version. See the Repository Purge section below for more details.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Description>> | Additional information about the repository.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Releases>> | Specifies whether there are released artifacts in the repository.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Snapshots>> | Specifies whether there are snapshot artifacts in the repository.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Block Redeployments>> | Specifies whether released artifacts that are already existing in the
+| | repository can be overwritten. Note that this only take effects for non-snapshot
+| | deployments.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Scanned>> | Specifies whether the repository can be scanned, meaning it is a local repository
+| | which should be indexed, purged, etc.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Delete Released Snapshots>> | Specifies whether to remove those snapshot artifacts which already has
+| | release versions of it in the repository during repository purge.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Staging Repository>>| Automatic creation of a stage repository for this local repository.
+*----------------------+----------------------------------------------------------------------------------+
+|<< Skip Packed Index Creation>> | Avoid creation of compressed index for IDE usage.
+*----------------------+----------------------------------------------------------------------------------+
[]
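Review bot: In the <<Days Older>> row the text still says "just set the repository purge field to 0", but this change renames the field from "repository purge by days older" to "Days Older", so there is no field of that name to set; say "set Days Older to 0". The rows also carry over "this only take effects" and "which already has release versions of it" from the old list, which are worth fixing while the text is being moved. The <<Block Redeployments>>, <<Delete Released Snapshots>> and << Skip Packed Index Creation>> labels are wider than the first column of the separator lines, and the last one has a stray space after "<<".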
Remote repository fields:
- * <<identifier>> - the id of the remote repository.
-
- * <<name>> - the name of the remote repository.
-
- * <<url>> - the url of the remote repository. It is also possible to use a
- 'file://' url to proxy a local repository. Be careful that if this local
- repository is a managed repository of archiva which has some proxies
- connectors, those ones won't be triggered.
-
- * <<username>> - the username (if authentication is needed) to be used to access
- the repository.
-
- * <<password>> - the password (if authentication is needed) to be used to access
- the repository.
-
- * <<type>> - the layout (maven 2 or maven 1) of the remote repository.
-
- * <<Activate download remote index>> - to activate downloading remote index to
- add available remote artifacts in search queries.
-
- * <<Remote index url, can be relative to url>> - path of the remote index
- directory.
-
- * <<Cron expression>> - cron expression for downloading remote index (default
- weekly on sunday)
-
- * <<Directory index storage>> - path to store index directory, default will be
- $\{appserver.base\}/data/remotes/$\{repositoryId\}/.indexer
-
- * <<Download Remote Index Timeout in seconds>> - read time out for downloading
- remote index files (default 300)
-
- * <<Network Proxy to Use for download Remote Index>> - proxy to use for
- downloading remote index files.
-
- * <<Download Remote Index on Startup>> - will download remote index on Archiva startup.
-
- * <<Additionnal url parameters>> - key/value pairs to add to url when querying remote repository.
-
- * <<Additionnal Http Headers>> - key/value pairs to add as http headers when querying remote repository.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Id>> | The identifier of the remote repository. |
+*----------------------+----------------------------------------------------------------------------------+
+| <<Name>> | The name of the remote repository. |
+*----------------------+----------------------------------------------------------------------------------+
+| <<Url>> | The url of the remote repository. It is also possible to use a
+| | 'file://' url to proxy a local repository. Be careful that if this local
+| | repository is a managed repository of archiva which has some proxies
+| | connectors, those ones won't be triggered. |
+*----------------------+----------------------------------------------------------------------------------+
+| <<Username>> | The username (if authentication is needed) to be used to access
+| | the repository.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Password>> | The password (if authentication is needed) to be used to access
+| | the repository.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Download Timeout>> | The time in seconds after which a download from the remote repository is stopped.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Type>> | The layout (maven 2 or maven 1) of the remote repository.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Download Remote Index>> | To activate downloading remote index to
+| | add available remote artifacts in search queries.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Remote Index Url>> | Can be relative to Url - path of the remote index
+| | directory.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Cron expression>> | Cron expression for downloading remote index (default
+| | weekly on sunday)
+*----------------------+----------------------------------------------------------------------------------+
+| <<Index Directory>> | Path to store index directory, default will be
+| | $\{appserver.base\}/data/remotes/$\{repositoryId\}/.indexer
+*----------------------+----------------------------------------------------------------------------------+
+| <<Download Remote Index Timeout>> | Time in seconds, after which download of remote index files will be
+| | stopped (default 300).
+*----------------------+----------------------------------------------------------------------------------+
+| <<Proxy for Remote Download Index>> | Proxy to use for downloading remote index files.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Download Remote Index on Startup>> | If selected, the remote index will be downloaded on Archiva
+| | startup.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Description>> | Can be used to store additional information about the repository.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Connection Check Path>> | If set, the connection to the remote repository is checked by validating the
+| | existence of the given file / artifact. Some repositories do not allow to browse
+| | the base directory and the standard check may fail. The path is relative to the
+| | repository Url.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Additionnal Url Parameters>> | Key/Value pairs to add to url when querying remote repository.
+*----------------------+----------------------------------------------------------------------------------+
+| <<Additionnal Http Headers>> | Key/Value pairs to add as http headers when querying remote repository.
+*----------------------+----------------------------------------------------------------------------------+
[]
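Review bot: The <<Id>>, <<Name>> and <<Url>> rows close their cells with a trailing "|" while every other row in this table, and every row in the managed repository table, does not; use one form throughout so the table is written consistently. "Additionnal" in <<Additionnal Url Parameters>> and <<Additionnal Http Headers>> is carried over misspelled; correct it unless it has to match the UI label literally. The <<Download Timeout>> row gives no default, whereas <<Download Remote Index Timeout>> states one (300).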