diff options
Diffstat (limited to 'archiva-docs/src/site/apt/guides/security-configuration.apt')
| -rw-r--r-- | archiva-docs/src/site/apt/guides/security-configuration.apt | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/archiva-docs/src/site/apt/guides/security-configuration.apt b/archiva-docs/src/site/apt/guides/security-configuration.apt new file mode 100644 index 000000000..2263cb409 --- /dev/null +++ b/archiva-docs/src/site/apt/guides/security-configuration.apt @@ -0,0 +1,126 @@ + ------ + Archiva Security Configuration + ------ + The Maven Team + ------ + 17 February 2007 + ------ + +~~ Licensed to the Apache Software Foundation (ASF) under one +~~ or more contributor license agreements. See the NOTICE file +~~ distributed with this work for additional information +~~ regarding copyright ownership. The ASF licenses this file +~~ to you under the Apache License, Version 2.0 (the +~~ "License"); you may not use this file except in compliance +~~ with the License. You may obtain a copy of the License at +~~ +~~ http://www.apache.org/licenses/LICENSE-2.0 +~~ +~~ Unless required by applicable law or agreed to in writing, +~~ software distributed under the License is distributed on an +~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +~~ KIND, either express or implied. See the License for the +~~ specific language governing permissions and limitations +~~ under the License. + +~~ NOTE: For help with the syntax of this file, see: +~~ http://maven.apache.org/guides/mini/guide-apt-format.html + +Archiva Security Configuration + +* Properties + + Archiva makes use of Redback to handle user ids, passwords and roles. + + Security properties and password rules can be configured in the + <<<security.properties>>> file, which by default is searched for in: + + * <<<~/.m2/security.properties>>> + + * <<<$ARCHIVA_HOME/conf/security.properties>>> + + [] + + (In the above list, <<<~>>> is the home directory of the user who is running + Archiva, and <<<$ARCHIVA_HOME>>> is the directory where Archiva is installed, + such as <<</opt/archiva-1.0-SNAPSHOT>>>.) + +~~ TODO: Link to plexus-redback documentation when available + + Following are some of the properties you can modify. For a complete list, + consult the default properties file in Redback's svn repo: + {{{http://svn.codehaus.org/redback/redback/trunk/redback-configuration/src/main/resources/org/codehaus/plexus/redback/config-defaults.properties} + config-defaults.properties}} + ++-----+ +# Security Policies +#security.policy.password.encoder= +security.policy.password.previous.count=6 +security.policy.password.expiration.days=90 +security.policy.allowed.login.attempt=3 + +# Password Rules +security.policy.password.rule.alphanumeric.enabled=false +security.policy.password.rule.alphacount.enabled=true +security.policy.password.rule.alphacount.minimum=1 +security.policy.password.rule.characterlength.enabled=true +security.policy.password.rule.characterlength.minimum=1 +security.policy.password.rule.characterlength.maximum=8 +security.policy.password.rule.musthave.enabled=true +security.policy.password.rule.numericalcount.enabled=true +security.policy.password.rule.numericalcount.minimum=1 +security.policy.password.rule.reuse.enabled=true +security.policy.password.rule.nowhitespace.enabled=true ++-----+ + + <<Note:>> Archiva's list of configuration files is <itself> configurable, and + can be found in: + <<<$ARCHIVA_HOME/apps/archiva/webapp/WEB-INF/classes/META-INF/plexus/application.xml>>> + +* Database + + By default, Archiva uses embedded {{{http://db.apache.org/derby}Apache Derby}} + to store the user information. It can be configured to use an external database + by providing a JDBC driver and editing the <<<plexus.xml>>> file. + + [[1]] Place the jar containing the JDBC driver in <<<$ARCHIVA_HOME/core>>>. + + [[2]] Edit <<<$ARCHIVA_HOME/conf/plexus.xml>>>, providing the JDBC driver class + name, and the database url, username, and password. + + [] + + For example: + ++------+ +<!-- + Datasources +--> +<resource> + <name>jdbc/users</name> + <type>javax.sql.DataSource</type> + <properties> + <property> + <name>driverClassName</name> + <value>org.apache.derby.jdbc.ClientDriver</value> + </property> + <property> + <name>url</name> + <value>jdbc:derby://localhost:1527/archiva-users;create=true</value> + </property> + <property> + <name>username</name> + <value>user1</value> + </property> + <property> + <name>password</name> + <value>user1</value> + </property> + </properties> +</resource> ++------+ + + More information about using Derby Network Server as an external user database + for Archiva can be found on the wiki: + {{{http://docs.codehaus.org/display/MAVENUSER/Archiva+User+DB+on+Derby+Network+Server} + Archiva User DB on Derby Network Server}} |