1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
------
Archiva Security Configuration
------
The Maven Team
------
17 February 2007
------
~~ Licensed to the Apache Software Foundation (ASF) under one
~~ or more contributor license agreements. See the NOTICE file
~~ distributed with this work for additional information
~~ regarding copyright ownership. The ASF licenses this file
~~ to you under the Apache License, Version 2.0 (the
~~ "License"); you may not use this file except in compliance
~~ with the License. You may obtain a copy of the License at
~~
~~ http://www.apache.org/licenses/LICENSE-2.0
~~
~~ Unless required by applicable law or agreed to in writing,
~~ software distributed under the License is distributed on an
~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~~ KIND, either express or implied. See the License for the
~~ specific language governing permissions and limitations
~~ under the License.
~~ NOTE: For help with the syntax of this file, see:
~~ http://maven.apache.org/guides/mini/guide-apt-format.html
Archiva Security Configuration
* Properties
Archiva makes use of Redback to handle user ids, passwords and roles.
Security properties and password rules can be configured in the
<<<security.properties>>> file, which by default is searched for in:
* <<<~/.m2/security.properties>>>
* <<<$ARCHIVA_HOME/conf/security.properties>>>
[]
(In the above list, <<<~>>> is the home directory of the user who is running
Archiva, and <<<$ARCHIVA_HOME>>> is the directory where Archiva is installed,
such as <<</opt/archiva-1.0-SNAPSHOT>>>.)
~~ TODO: Link to plexus-redback documentation when available
Following are some of the properties you can modify. For a complete list,
consult the default properties file in Redback's svn repo:
{{{http://svn.codehaus.org/redback/redback/trunk/redback-configuration/src/main/resources/org/codehaus/plexus/redback/config-defaults.properties}
config-defaults.properties}}
+-----+
# Security Policies
#security.policy.password.encoder=
security.policy.password.previous.count=6
security.policy.password.expiration.days=90
security.policy.allowed.login.attempt=3
# Password Rules
security.policy.password.rule.alphanumeric.enabled=false
security.policy.password.rule.alphacount.enabled=true
security.policy.password.rule.alphacount.minimum=1
security.policy.password.rule.characterlength.enabled=true
security.policy.password.rule.characterlength.minimum=1
security.policy.password.rule.characterlength.maximum=8
security.policy.password.rule.musthave.enabled=true
security.policy.password.rule.numericalcount.enabled=true
security.policy.password.rule.numericalcount.minimum=1
security.policy.password.rule.reuse.enabled=true
security.policy.password.rule.nowhitespace.enabled=true
+-----+
<<Note:>> Archiva's list of configuration files is <itself> configurable, and
can be found in:
<<<$ARCHIVA_HOME/apps/archiva/webapp/WEB-INF/classes/META-INF/plexus/application.xml>>>
* Database
By default, Archiva uses embedded {{{http://db.apache.org/derby}Apache Derby}}
to store the user information. It can be configured to use an external database
by providing a JDBC driver and editing the <<<plexus.xml>>> file.
[[1]] Place the jar containing the JDBC driver in <<<$ARCHIVA_HOME/core>>>.
[[2]] Edit <<<$ARCHIVA_HOME/conf/plexus.xml>>>, providing the JDBC driver class
name, and the database url, username, and password.
[]
For example:
+------+
<!--
Datasources
-->
<resource>
<name>jdbc/users</name>
<type>javax.sql.DataSource</type>
<properties>
<property>
<name>driverClassName</name>
<value>org.apache.derby.jdbc.ClientDriver</value>
</property>
<property>
<name>url</name>
<value>jdbc:derby://localhost:1527/archiva-users;create=true</value>
</property>
<property>
<name>username</name>
<value>user1</value>
</property>
<property>
<name>password</name>
<value>user1</value>
</property>
</properties>
</resource>
+------+
More information about using Derby Network Server as an external user database
for Archiva can be found on the wiki:
{{{http://docs.codehaus.org/display/MAVENUSER/Archiva+User+DB+on+Derby+Network+Server}
Archiva User DB on Derby Network Server}}
|
