diff options
Diffstat (limited to 'archiva-docs/src/site/apt')
5 files changed, 124 insertions, 146 deletions
diff --git a/archiva-docs/src/site/apt/adminguide/configuration-files.apt.vm b/archiva-docs/src/site/apt/adminguide/configuration-files.apt.vm index 7b7fe8e55..22f17dc16 100644 --- a/archiva-docs/src/site/apt/adminguide/configuration-files.apt.vm +++ b/archiva-docs/src/site/apt/adminguide/configuration-files.apt.vm @@ -31,7 +31,9 @@ Configuration Files of Apache Archiva * <<<archiva.xml>>> - this is the primary Archiva configuration file - * <<<security.properties>>> - this configures the security as described in the {{{./security.html} security configuration documentation}} + * <<<security.properties>>> - This file, if it exists, is only read once to populate the + Redback Runtime Configuration properties (see {{{./redback-runtime-configuration.html#Runtime_Properties}Redback Runtime Configuration}}, + stored in <<<archiva.xml>>>. The file will be ignored after this. This section will focus on the <<<archiva.xml>>> file. diff --git a/archiva-docs/src/site/apt/adminguide/customising-security.apt b/archiva-docs/src/site/apt/adminguide/customising-security.apt index d42c2275c..797b2f309 100644 --- a/archiva-docs/src/site/apt/adminguide/customising-security.apt +++ b/archiva-docs/src/site/apt/adminguide/customising-security.apt @@ -27,66 +27,24 @@ Archiva Security Configuration - Security properties and password rules can be configured in the - <<<security.properties>>> file, which by default is searched for in: + Security properties and password rules are configured now in the Redback Runtime Configuration + properties (see {{{./redback-runtime-configuration.html#Runtime_properties}Redback Runtime Configuration}}). - * <<<~/.m2/security.properties>>> - - * <<<conf/security.properties>>> in the Archiva installation + The Redback Runtime Configuration properties are stored in <<<archiva.xml>>>. + The former <<<security.properties>>> file, if it exists, is only used once for populating the + Runtime Configuration settings. After that, this file will be ignored. [] - (In the above list, <<<~>>> is the home directory of the user who is running - Archiva.) ~~TODO: Link to plexus-redback documentation when available - Following are some of the properties you can modify. For a complete list, - consult the default properties file in Redback's svn repo: + These are the default properties. The file can be found in in Redback's svn repo: {{{http://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties} config-defaults.properties}} -+-----+ -# Security Policies -# ----------------- -#security.policy.password.encoder= -security.policy.password.previous.count=6 -security.policy.password.expiration.days=90 -security.policy.password.expiration.enabled=true -security.policy.allowed.login.attempt=3 - -# Password Rules -# -------------- -security.policy.password.rule.alphanumeric.enabled=false -security.policy.password.rule.alphacount.enabled=true -security.policy.password.rule.alphacount.minimum=1 -security.policy.password.rule.characterlength.enabled=true -security.policy.password.rule.characterlength.minimum=1 -security.policy.password.rule.characterlength.maximum=8 -security.policy.password.rule.musthave.enabled=true -security.policy.password.rule.numericalcount.enabled=true -security.policy.password.rule.numericalcount.minimum=1 -security.policy.password.rule.reuse.enabled=true -security.policy.password.rule.nowhitespace.enabled=true - -# Cross Site Request Forgery (CSRF) Prevention -# -------------------------------------------- -# Enable/Disable CSRF filtering. -# Possible values: true, false -rest.csrffilter.enabled=true -# Base URL used to verify the origin headers of the requests. If not set or empty -# it tries to determine the base url automatically -rest.baseUrl= -# What to do, if the request contains no Origin or Referer header. -# If true, requests without Origin or Referer Header are denied, otherwise accepted. -# Possible values: true, false -rest.csrffilter.absentorigin.deny=true -# Enable/Disable the token validation only. -# If true, the validation of the CSRF tokens will be disabled. -# Possible values: true, false -rest.csrffilter.disableTokenValidation=false -+-----+ - +%{snippet|ignoreDownloadError=true|url=https://raw.githubusercontent.com/apache/archiva-redback-core/master/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties} + <<Note:>> If installed standalone, Archiva's list of configuration files is <itself> configurable, and can be found in: <<<apps/archiva/WEB-INF/applicationContext.xml>>> diff --git a/archiva-docs/src/site/apt/adminguide/redback-runtime-configuration.apt b/archiva-docs/src/site/apt/adminguide/redback-runtime-configuration.apt index 143589a34..7e000aa7e 100644 --- a/archiva-docs/src/site/apt/adminguide/redback-runtime-configuration.apt +++ b/archiva-docs/src/site/apt/adminguide/redback-runtime-configuration.apt @@ -29,7 +29,7 @@ Apache Archiva Redback Runtime Configuration * Apache Redback User Manager/RbacManager Implementations - Since 1.4-M4, you can choose to switch dynamically + You can choose to switch dynamically * User Manager Implementations (from Database and/or LDAP). @@ -49,7 +49,7 @@ Apache Archiva Redback Runtime Configuration * LDAP Group-Roles mapping - Since 1.4-M4, you can map dynamically LDAP Group to Archiva Roles + You can map dynamically LDAP Group to Archiva Roles [../images/ldap-group-roles-mapping.png] diff --git a/archiva-docs/src/site/apt/adminguide/repositories.apt b/archiva-docs/src/site/apt/adminguide/repositories.apt index 850b30a3d..7ec7753af 100644 --- a/archiva-docs/src/site/apt/adminguide/repositories.apt +++ b/archiva-docs/src/site/apt/adminguide/repositories.apt @@ -42,56 +42,58 @@ Understanding Repository Configuration of Apache Archiva Managed repository fields: - * <<identifier>> - the id of the repository. This must be unique. - - * <<name>> - the name of the repository. - - * <<directory>> - the location of the repository. If the path specified does not - exist, Archiva will create the missing directories. - - * <<index directory>> - the location of the index files generated by Archiva. If - no location is specified, then the index directory (named <<<.indexer>>>) - will be created at the root of the repository directory. - This directory contains the packaged/bundled index which is consumed by different consumers of the index such as M2Eclipse. - - * <<type>> - the repository layout (maven 2 or maven 1) - - * <<cron>> - the - {{{http://quartz-scheduler.org/api/2.1.5/org/quartz/CronTrigger.html}cron schedule}} when - repository scanning will be executed. - - * <<repository purge by days older>> - the first option for repository purge. - Archiva will check how old the artifact is and if it is older than the set - number of days in this field, then the artifact will be deleted respecting - the retention count of course. In order to disable the purge by - number of days old and set Archiva to purge by retention count, just set the - repository purge field to 0. The maximum number of days which can be set - here is 1000. See the Repository Purge section below for more details. -~~ above was:the retention count (see #7) of course no idea what is was linkeed to - - * <<repository purge by retention count>> - the second option for repository - purge. When running the repository purge, Archiva will retain only the - number of artifacts set for this field for a specific snapshot version. See - the Repository Purge section below for more details. - - * <<releases included>> - specifies whether there are released artifacts in the - repository. - - * <<block re-deployment of released artifacts>> - specifies whether released - artifacts that are already existing in the repository can be overwritten. - Note that this only take effects for non-snapshot deployments. - - * <<snapshots included>> - specifies whether there are snapshot artifacts in the - repository. - - * <<scannable>> - specifies whether the repository can be scanned, meaning it is - a local repository which can be indexed, browsed, purged, etc. - - * <<delete released snapshots>> - specifies whether to remove those snapshot - artifacts which already has release versions of it in the repository during - repository purge. - - * << Skip Packed Index creation >> - avoid creation of compressed index for IDE usage. +*----------------------+----------------------------------------------------------------------------------+ +| <<Id>> | The identifier of the repository. This must be unique. +*----------------------+----------------------------------------------------------------------------------+ +| <<Name>> | The name of the repository. This is the display name. +*----------------------+----------------------------------------------------------------------------------+ +| <<Directory>> | The location of the repository. If the path specified does not +| | exist, Archiva will create the missing directories. +*----------------------+----------------------------------------------------------------------------------+ +| <<Index Directory>> | The location of the index files generated by Archiva. If +| | no location is specified, then the index directory (named <<<.indexer>>>) +| | will be created at the root of the repository directory. +| | This directory contains the packaged/bundled index which is consumed by different +| | consumers of the index such as M2Eclipse. +*----------------------+----------------------------------------------------------------------------------+ +| <<Type>> | The repository layout (maven 2 or maven 1) +*----------------------+----------------------------------------------------------------------------------+ +| <<Cron Expression>> | The +| | {{{http://www.quartz-scheduler.org/documentation/quartz-2.x/tutorials/crontrigger.html}cron schedule}} +| | when repository scanning will be executed. +*----------------------+----------------------------------------------------------------------------------+ +| <<Days Older>> | The first option for repository purge. +| | Archiva will check how old the artifact is and if it is older than the set +| | number of days in this field, then the artifact will be deleted respecting +| | the retention count of course. In order to disable the purge by +| | number of days old and set Archiva to purge by retention count, just set the +| | repository purge field to 0. The maximum number of days which can be set +| | here is 1000. See the Repository Purge section below for more details. +*----------------------+----------------------------------------------------------------------------------+ +| <<Retention Count>> | The second option for repository purge. When running the repository purge, +| | Archiva will retain only the number of artifacts set for this field for a +| | specific snapshot version. See the Repository Purge section below for more details. +*----------------------+----------------------------------------------------------------------------------+ +| <<Description>> | Additional information about the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <<Releases>> | Specifies whether there are released artifacts in the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <<Snapshots>> | Specifies whether there are snapshot artifacts in the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <<Block Redeployments>> | Specifies whether released artifacts that are already existing in the +| | repository can be overwritten. Note that this only take effects for non-snapshot +| | deployments. +*----------------------+----------------------------------------------------------------------------------+ +| <<Scanned>> | Specifies whether the repository can be scanned, meaning it is a local repository +| | which should be indexed, purged, etc. +*----------------------+----------------------------------------------------------------------------------+ +| <<Delete Released Snapshots>> | Specifies whether to remove those snapshot artifacts which already has +| | release versions of it in the repository during repository purge. +*----------------------+----------------------------------------------------------------------------------+ +| <<Staging Repository>>| Automatic creation of a stage repository for this local repository. +*----------------------+----------------------------------------------------------------------------------+ +|<< Skip Packed Index Creation>> | Avoid creation of compressed index for IDE usage. +*----------------------+----------------------------------------------------------------------------------+ [] @@ -119,46 +121,57 @@ http://[URL TO ARCHIVA]/repository/[REPOSITORY ID] (e.g. http://localhost:8080/r Remote repository fields: - * <<identifier>> - the id of the remote repository. - - * <<name>> - the name of the remote repository. - - * <<url>> - the url of the remote repository. It is also possible to use a - 'file://' url to proxy a local repository. Be careful that if this local - repository is a managed repository of archiva which has some proxies - connectors, those ones won't be triggered. - - * <<username>> - the username (if authentication is needed) to be used to access - the repository. - - * <<password>> - the password (if authentication is needed) to be used to access - the repository. - - * <<type>> - the layout (maven 2 or maven 1) of the remote repository. - - * <<Activate download remote index>> - to activate downloading remote index to - add available remote artifacts in search queries. - - * <<Remote index url, can be relative to url>> - path of the remote index - directory. - - * <<Cron expression>> - cron expression for downloading remote index (default - weekly on sunday) - - * <<Directory index storage>> - path to store index directory, default will be - $\{appserver.base\}/data/remotes/$\{repositoryId\}/.indexer - - * <<Download Remote Index Timeout in seconds>> - read time out for downloading - remote index files (default 300) - - * <<Network Proxy to Use for download Remote Index>> - proxy to use for - downloading remote index files. - - * <<Download Remote Index on Startup>> - will download remote index on Archiva startup. - - * <<Additionnal url parameters>> - key/value pairs to add to url when querying remote repository. - - * <<Additionnal Http Headers>> - key/value pairs to add as http headers when querying remote repository. +*----------------------+----------------------------------------------------------------------------------+ +| <<Id>> | The identifier of the remote repository. | +*----------------------+----------------------------------------------------------------------------------+ +| <<Name>> | The name of the remote repository. | +*----------------------+----------------------------------------------------------------------------------+ +| <<Url>> | The url of the remote repository. It is also possible to use a +| | 'file://' url to proxy a local repository. Be careful that if this local +| | repository is a managed repository of archiva which has some proxies +| | connectors, those ones won't be triggered. | +*----------------------+----------------------------------------------------------------------------------+ +| <<Username>> | The username (if authentication is needed) to be used to access +| | the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <<Password>> | The password (if authentication is needed) to be used to access +| | the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <<Download Timeout>> | The time in seconds after which a download from the remote repository is stopped. +*----------------------+----------------------------------------------------------------------------------+ +| <<Type>> | The layout (maven 2 or maven 1) of the remote repository. +*----------------------+----------------------------------------------------------------------------------+ +| <<Download Remote Index>> | To activate downloading remote index to +| | add available remote artifacts in search queries. +*----------------------+----------------------------------------------------------------------------------+ +| <<Remote Index Url>> | Can be relative to Url - path of the remote index +| | directory. +*----------------------+----------------------------------------------------------------------------------+ +| <<Cron expression>> | Cron expression for downloading remote index (default +| | weekly on sunday) +*----------------------+----------------------------------------------------------------------------------+ +| <<Index Directory>> | Path to store index directory, default will be +| | $\{appserver.base\}/data/remotes/$\{repositoryId\}/.indexer +*----------------------+----------------------------------------------------------------------------------+ +| <<Download Remote Index Timeout>> | Time in seconds, after which download of remote index files will be +| | stopped (default 300). +*----------------------+----------------------------------------------------------------------------------+ +| <<Proxy for Remote Download Index>> | Proxy to use for downloading remote index files. +*----------------------+----------------------------------------------------------------------------------+ +| <<Download Remote Index on Startup>> | If selected, the remote index will be downloaded on Archiva +| | startup. +*----------------------+----------------------------------------------------------------------------------+ +| <<Description>> | Can be used to store additional information about the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <<Connection Check Path>> | If set, the connection to the remote repository is checked by validating the +| | existence of the given file / artifact. Some repositories do not allow to browse +| | the base directory and the standard check may fail. The path is relative to the +| | repository Url. +*----------------------+----------------------------------------------------------------------------------+ +| <<Additionnal Url Parameters>> | Key/Value pairs to add to url when querying remote repository. +*----------------------+----------------------------------------------------------------------------------+ +| <<Additionnal Http Headers>> | Key/Value pairs to add as http headers when querying remote repository. +*----------------------+----------------------------------------------------------------------------------+ [] diff --git a/archiva-docs/src/site/apt/release-notes.apt.vm b/archiva-docs/src/site/apt/release-notes.apt.vm index c41871813..c650c146a 100644 --- a/archiva-docs/src/site/apt/release-notes.apt.vm +++ b/archiva-docs/src/site/apt/release-notes.apt.vm @@ -48,11 +48,16 @@ Release Notes for Archiva ${project.version} and Referer header of the HTTP requests and adding an validation token to the Header. This prevents requests from malicious sites if they are open in the same browser. If you use the REST services from other clients you may change the behaviour with the new - configuration properties for the redback security (rest.csrffilter.*, rest.baseUrl). + configuration properties for the redback security (<<<rest.csrffilter.*>>>, <<<rest.baseUrl>>>). For more information see {{{./adminguide/customising-security.html}Archiva Security Configuration}} and - the {{{/redback/integration/rest.html}Redback REST documentation }} + the {{{/redback/integration/rest.html}Redback REST documentation }}. - * Archiva uses redback for authentication and authorization in version 2.5 + <<Note:>> If your archiva installation is behind a reverse proxy or load balancer, it may be possible + that the Archiva Web UI does not load after the upgrade. If this is the case you may access the WebUI + via localhost or edit archiva.xml manually. In the "Redback Runtime Configuration" properties you have to + enter the base URLs of your archiva installation to the <<<rest.baseUrl>>> field. + + * Archiva uses redback for authentication and authorization in version 2.6 * Release Notes |