| <?xml version="1.0" encoding="ISO-8859-1"?> |
| <!-- |
| ~ Licensed to the Apache Software Foundation (ASF) under one |
| ~ or more contributor license agreements. See the NOTICE file |
| ~ distributed with this work for additional information |
| ~ regarding copyright ownership. The ASF licenses this file |
| ~ to you under the Apache License, Version 2.0 (the |
| ~ "License"); you may not use this file except in compliance |
| ~ with the License. You may obtain a copy of the License at |
| ~ |
| ~ http://www.apache.org/licenses/LICENSE-2.0 |
| ~ |
| ~ Unless required by applicable law or agreed to in writing, |
| ~ software distributed under the License is distributed on an |
| ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| ~ KIND, either express or implied. See the License for the |
| ~ specific language governing permissions and limitations |
| ~ under the License. |
| --> |
| |
| <plexus> |
| <components> |
| <!-- |
| Configuration registry. The sources below are read into one registry: JVM system |
| properties, JNDI entries under java:comp/env, then XML and properties files under |
| ${user.home}/.m2, ${appserver.base}/conf and ${appserver.home}/conf, and finally the |
| classpath resource org/apache/maven/archiva/security.properties (the only file source |
| not marked config-optional). |
| NOTE(review): which source wins when a key is defined twice is decided by the registry |
| implementation, not by this file; confirm before relying on an override. |
| The security.properties files feed org.codehaus.plexus.redback, and the LDAP notes |
| further down place ldap.config.password in such a file, so keep every one of these |
| locations writable and readable only by the account that runs the application. |
| --> |
| <component> |
| <role>org.codehaus.plexus.registry.Registry</role> |
| <implementation>org.codehaus.plexus.registry.commons.CommonsConfigurationRegistry</implementation> |
| <role-hint>commons-configuration</role-hint> |
| <configuration> |
| <properties> |
| <system/> |
| <jndi prefix="java:comp/env" config-optional="true"/> |
| <xml fileName="${user.home}/.m2/archiva.xml" config-optional="true" |
| config-name="org.apache.maven.archiva.user" |
| config-at="org.apache.maven.archiva"/> |
| <xml fileName="${user.home}/.m2/shared.xml" config-optional="true" |
| config-name="org.apache.maven.shared.app.user" config-at="org.apache.maven.shared.app" |
| config-forceCreate="true"/> |
| <properties fileName="${user.home}/.m2/security.properties" config-optional="true" |
| config-at="org.codehaus.plexus.redback"/> |
| <properties fileName="${user.home}/.m2/archiva.properties" config-optional="true" |
| config-at="org.codehaus.plexus.redback"/> |
| <xml fileName="${appserver.base}/conf/archiva.xml" config-optional="true" |
| config-name="org.apache.maven.archiva.base" |
| config-at="org.apache.maven.archiva"/> |
| <xml fileName="${appserver.base}/conf/shared.xml" config-optional="true" |
| config-name="org.apache.maven.shared.app.base" config-at="org.apache.maven.shared.app"/> |
| <xml fileName="${appserver.base}/conf/common.xml" config-optional="true"/> |
| <properties fileName="${appserver.base}/conf/security.properties" config-optional="true" |
| config-at="org.codehaus.plexus.redback"/> |
| <xml fileName="${appserver.home}/conf/archiva.xml" config-optional="true" |
| config-at="org.apache.maven.archiva"/> |
| <xml fileName="${appserver.home}/conf/shared.xml" config-optional="true" |
| config-at="org.apache.maven.shared.app"/> |
| <xml fileName="${appserver.home}/conf/common.xml" config-optional="true"/> |
| <properties fileName="${appserver.home}/conf/security.properties" config-optional="true" |
| config-at="org.codehaus.plexus.redback"/> |
| <properties fileName="org/apache/maven/archiva/security.properties" config-at="org.codehaus.plexus.redback"/> |
| </properties> |
| </configuration> |
| </component> |
| |
| <!-- |
| Mail sender that looks up its JavaMail session in JNDI under java:comp/env/mail/Session. |
| No SMTP host or credentials appear in this file. |
| NOTE(review): presumably they are defined on the container's mail session; confirm |
| where that resource is declared and who can read it. |
| --> |
| <component> |
| <role>org.codehaus.plexus.mailsender.MailSender</role> |
| <implementation>org.codehaus.plexus.mailsender.javamail.JndiJavamailMailSender</implementation> |
| <configuration> |
| <jndiSessionName>java:comp/env/mail/Session</jndiSessionName> |
| </configuration> |
| </component> |
| |
| <!-- |
| JDO factory for the "archiva" store. Connections come from the JNDI data source |
| java:comp/env/jdbc/archiva, so no JDBC URL or credentials appear here. |
| org.jpox.autoCreateSchema and org.jpox.autoCreateColumns are true, so JPOX issues DDL |
| for missing tables and columns and the data source account needs rights to do so; |
| the validate* switches are off, so an existing schema is not checked against the model. |
| NOTE(review): once the schema exists, consider a data source account without DDL |
| rights and auto-create switched off; confirm upgrade behaviour first. |
| --> |
| <component> |
| <role>org.codehaus.plexus.jdo.JdoFactory</role> |
| <role-hint>archiva</role-hint> |
| <implementation>org.codehaus.plexus.jdo.DataSourceConfigurableJdoFactory</implementation> |
| <configuration> |
| |
| <connectionFactoryName>java:comp/env/jdbc/archiva</connectionFactoryName> |
| <shutdownConnectionFactoryName>java:comp/env/jdbc/archivaShutdown</shutdownConnectionFactoryName> |
| |
| <!-- JPOX and JDO configuration --> |
| <persistenceManagerFactoryClass>org.jpox.PersistenceManagerFactoryImpl</persistenceManagerFactoryClass> |
| <otherProperties> |
| <property> |
| <name>org.jpox.autoCreateSchema</name> |
| <value>true</value> |
| </property> |
| <property> |
| <name>org.jpox.autoCreateColumns</name> |
| <value>true</value> |
| </property> |
| <property> |
| <name>org.jpox.validateTables</name> |
| <value>false</value> |
| </property> |
| <property> |
| <name>org.jpox.validateConstraints</name> |
| <value>false</value> |
| </property> |
| <property> |
| <name>org.jpox.validateColumns</name> |
| <value>false</value> |
| </property> |
| <property> |
| <name>org.jpox.autoStartMechanism</name> |
| <value>None</value> |
| </property> |
| <property> |
| <name>org.jpox.transactionIsolation</name> |
| <value>READ_COMMITTED</value> |
| </property> |
| <property> |
| <name>org.jpox.poid.transactionIsolation</name> |
| <value>READ_COMMITTED</value> |
| </property> |
| <property> |
| <name>org.jpox.rdbms.dateTimezone</name> |
| <value>JDK_DEFAULT_TIMEZONE</value> |
| </property> |
| <!-- NEEDED FOR POSTGRES, But causes problems in other JDBC implementations. |
| <property> |
| <name>org.jpox.identifier.case</name> |
| <value>PreserveCase</value> |
| </property> |
| --> |
| </otherProperties> |
| </configuration> |
| </component> |
| |
| <!-- |
| JDO factory for the "users" store, bound to the JNDI data source java:comp/env/jdbc/users. |
| NOTE(review): given the role-hint this is presumably the Redback user and role |
| database, i.e. the account and credential data; confirm and protect it accordingly. |
| org.jpox.autoCreateSchema is true, so JPOX issues DDL for missing tables and the data |
| source account needs rights to do so; the validate* switches are off. Unlike the |
| "archiva" factory, org.jpox.autoCreateColumns is not set here. |
| --> |
| <component> |
| <role>org.codehaus.plexus.jdo.JdoFactory</role> |
| <role-hint>users</role-hint> |
| <implementation>org.codehaus.plexus.jdo.DataSourceConfigurableJdoFactory</implementation> |
| <configuration> |
| |
| <connectionFactoryName>java:comp/env/jdbc/users</connectionFactoryName> |
| <shutdownConnectionFactoryName>java:comp/env/jdbc/usersShutdown</shutdownConnectionFactoryName> |
| |
| <!-- JPOX and JDO configuration --> |
| <persistenceManagerFactoryClass>org.jpox.PersistenceManagerFactoryImpl</persistenceManagerFactoryClass> |
| <otherProperties> |
| <property> |
| <name>org.jpox.autoCreateSchema</name> |
| <value>true</value> |
| </property> |
| <property> |
| <name>org.jpox.validateTables</name> |
| <value>false</value> |
| </property> |
| <property> |
| <name>org.jpox.validateConstraints</name> |
| <value>false</value> |
| </property> |
| <property> |
| <name>org.jpox.validateColumns</name> |
| <value>false</value> |
| </property> |
| <property> |
| <name>org.jpox.autoStartMechanism</name> |
| <value>None</value> |
| </property> |
| <property> |
| <name>org.jpox.transactionIsolation</name> |
| <value>READ_COMMITTED</value> |
| </property> |
| <property> |
| <name>org.jpox.poid.transactionIsolation</name> |
| <value>READ_COMMITTED</value> |
| </property> |
| <property> |
| <name>org.jpox.rdbms.dateTimezone</name> |
| <value>JDK_DEFAULT_TIMEZONE</value> |
| </property> |
| <!-- NEEDED FOR POSTGRES, But causes problems in other JDBC implementations. |
| <property> |
| <name>org.jpox.identifier.case</name> |
| <value>PreserveCase</value> |
| </property> |
| --> |
| </otherProperties> |
| </configuration> |
| </component> |
| |
| <!-- <component> |
| <role>org.apache.maven.archiva.webdav.util.MimeTypes</role> |
| <implementation>org.apache.maven.archiva.webdav.util.MimeTypes</implementation> |
| <description>MimeTypes</description> |
| <configuration> |
| <resource>archiva-mime-types.txt</resource> |
| </configuration> |
| </component> --> |
| |
| <!-- |
| | Logger manager: Plexus component logging is handled by Slf4jLoggerManager. |
| | Log levels and destinations are not set in this file. |
| --> |
| <component> |
| <role>org.codehaus.plexus.logging.LoggerManager</role> |
| <implementation>org.codehaus.plexus.logging.slf4j.Slf4jLoggerManager</implementation> |
| <lifecycle-handler>basic</lifecycle-handler> |
| </component> |
| |
| <!-- |
| PLXREDBACK-81 bad role hint, redefining here until redback alpha-2 is released. |
| |
| Security note: per its description, this check unlocks the locked accounts that are |
| marked as system administrator each time the application starts, so a lock placed on |
| an administrator account does not survive a restart. Treat a restart that follows an |
| administrator lockout as worth reviewing in the logs. |
| It is wired to the "cached" UserManager and RBACManager implementations. |
| --> |
| <component> |
| <role>org.codehaus.plexus.redback.system.check.EnvironmentCheck</role> |
| <role-hint>locked-admin-check</role-hint> |
| <implementation>org.codehaus.plexus.redback.struts2.checks.security.LockedAdminEnvironmentCheck</implementation> |
| <description>LockedAdminEnvironmentCheck: checks if accounts marked as system administrator are locked |
| and unlocks them on startup. |
| </description> |
| <requirements> |
| <requirement> |
| <role>org.codehaus.plexus.redback.users.UserManager</role> |
| <role-hint>cached</role-hint> |
| <field-name>userManager</field-name> |
| </requirement> |
| <requirement> |
| <role>org.codehaus.plexus.redback.rbac.RBACManager</role> |
| <role-hint>cached</role-hint> |
| <field-name>rbacManager</field-name> |
| </requirement> |
| </requirements> |
| </component> |
| |
| <!-- START SNIPPET: ldap --> |
| <!-- |
| LDAP authentication can be enabled by enabling these components and setting the following configuration options in your security.properties file |
| |
| ============================================================ |
| user.manager.impl=ldap |
| ldap.bind.authenticator.enabled=true |
| redback.default.admin=admin |
| redback.default.guest=guest |
| security.policy.password.expiration.enabled=false |
| |
| ldap.config.hostname=ldap.hostname |
| ldap.config.port=389 |
| ldap.config.base.dn=o=com |
| ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory |
| ldap.config.bind.dn=uid=myusername,o=com |
| ldap.config.password=s3cr3t |
| #ldap.config.authentication.method= |
| ============================================================ |
| |
| * ldap.config.hostname - The hostname of the ldap server |
| * ldap.config.port - The port of the ldap server |
| * ldap.config.base.dn - The baseDn of the ldap system |
| * ldap.config.context.factory - context factory for ldap connections |
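| * ldap.config.bind.dn - the core user used for authenticating to the ldap server, must be able to perform the necessary searches, etc. |
| * ldap.config.password - password for the bindDn for the root ldap connection |
| |
| Note: ldap.config.password is kept in clear text in security.properties (s3cr3t above is only a placeholder), so the file should be readable only by the account running the application and the bind DN should carry no more directory rights than the searches need. Port 389 is the standard unencrypted LDAP port; unless the connection is protected by TLS, the bind DN password and the user passwords checked by bind authentication cross the network in clear. |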
| |
| until this process is better documented, the following is the document for configuring ldap with redback |
| |
| http://redback.codehaus.org/integration/ldap.html |
| --> |
| |
| <!-- |
| |
| this component manages the connection to the ldap server |
| --> |
| |
| <!-- component> |
| <role>org.codehaus.plexus.redback.common.ldap.connection.LdapConnectionFactory</role> |
| <role-hint>configurable</role-hint> |
| <implementation>org.codehaus.plexus.redback.common.ldap.connection.ConfigurableLdapConnectionFactory</implementation> |
| <requirements> |
| <requirement> |
| <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role> |
| </requirement> |
| </requirements> |
| </component--> |
| |
| <!-- |
| |
| this component manages the mapping of attributes in ldap to user information in redback. To configure the mapping, you can add the following properties in your security.properties |
| |
| ============================================================ |
| ldap.config.mapper.attribute.email=mail |
| ldap.config.mapper.attribute.fullname=givenName |
| ldap.config.mapper.attribute.password=userPassword |
| ldap.config.mapper.attribute.user.id=cn |
| ldap.config.mapper.attribute.user.base.dn= |
| ldap.config.mapper.attribute.user.object.class=inetOrgPerson |
| ldap.config.mapper.attribute.user.filter=(attributeName=value) |
| ============================================================ |
| |
| |
| * email-attribute - The name of the attribute on a user that contains the email address (the properties example above uses mail while the component definition below uses email; check which one your directory schema provides) |
| * full-name-attribute - The name of the attribute on a user that contains the user's fullName |
| * password-attribute - The name of the attribute containing the user's password, used for authentication through the user manager and not the ldap bind authenticator |
| * user-id-attribute - The name of the attribute containing the user's userId, most commonly cn or sn. |
| * user-base-dn - The base dn that will be subtree searched for users. |
| * user-object-class - the objectClass used in the ldap server for identifying users, most commonly inetOrgPerson. |
| --> |
| |
| <!-- component> |
| <role>org.codehaus.plexus.redback.common.ldap.UserMapper</role> |
| <role-hint>ldap</role-hint> |
| <implementation>org.codehaus.plexus.redback.common.ldap.LdapUserMapper</implementation> |
| <configuration> |
| <email-attribute>email</email-attribute> |
| <full-name-attribute>givenName</full-name-attribute> |
| <password-attribute>userPassword</password-attribute> |
| <user-id-attribute>cn</user-id-attribute> |
| <user-base-dn>o=com</user-base-dn> |
| <user-object-class>inetOrgPerson</user-object-class> |
| </configuration> |
| <requirements> |
| <requirement> |
| <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role> |
| </requirement> |
| </requirements> |
| </component--> |
| |
| <!-- |
| |
| If caching is desired to improve performance then uncomment this and make sure the following configuration parameter is in the security.properties |
| |
| user.manager.impl=cached |
| --> |
| |
| <!-- component> |
| <role>org.codehaus.plexus.redback.users.UserManager</role> |
| <role-hint>cached</role-hint> |
| <implementation>org.codehaus.plexus.redback.users.cached.CachedUserManager</implementation> |
| <description>CachedUserManager</description> |
| <requirements> |
| <requirement> |
| <role>org.codehaus.plexus.redback.users.UserManager</role> |
| <role-hint>ldap</role-hint> |
| <field-name>userImpl</field-name> |
| </requirement> |
| <requirement> |
| <role>org.codehaus.plexus.ehcache.EhcacheComponent</role> |
| <role-hint>users</role-hint> |
| <field-name>usersCache</field-name> |
| </requirement> |
| </requirements> |
| </component--> |
| |
| <!-- |
| |
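| if using the user manager authenticator to authenticate the user and not the ldap bind authenticator make sure |
| this definition has the correct password encoder (the definition below wires in the sha1 encoder). In that mode the |
| application compares password hashes itself, so the bind DN presumably needs read access to the password attribute; |
| SHA-1 is a fast digest and gives weak protection to stored passwords. |
| |
| Note: you should probably just use the ldap bind authenticator which is enabled by putting |
| |
| ldap.bind.authenticator.enabled=true |
| |
| in the security.properties |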
| --> |
| |
| <!-- component> |
| <role>org.codehaus.plexus.redback.policy.UserSecurityPolicy</role> |
| <role-hint>default</role-hint> |
| <implementation>org.codehaus.plexus.redback.policy.DefaultUserSecurityPolicy</implementation> |
| <description>User Security Policy.</description> |
| <requirements> |
| <requirement> |
| <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role> |
| <field-name>config</field-name> |
| </requirement> |
| <requirement> |
| <role>org.codehaus.plexus.redback.policy.PasswordEncoder</role> |
| <role-hint>sha1</role-hint> |
| <field-name>passwordEncoder</field-name> |
| </requirement> |
| <requirement> |
| <role>org.codehaus.plexus.redback.policy.UserValidationSettings</role> |
| <field-name>userValidationSettings</field-name> |
| </requirement> |
| <requirement> |
| <role>org.codehaus.plexus.redback.policy.CookieSettings</role> |
| <role-hint>rememberMe</role-hint> |
| <field-name>rememberMeCookieSettings</field-name> |
| </requirement> |
| <requirement> |
| <role>org.codehaus.plexus.redback.policy.CookieSettings</role> |
| <role-hint>signon</role-hint> |
| <field-name>signonCookieSettings</field-name> |
| </requirement> |
| <requirement> |
| <role>org.codehaus.plexus.redback.policy.PasswordRule</role> |
| <field-name>rules</field-name> |
| </requirement> |
| </requirements> |
| </component--> |
| <!-- END SNIPPET: ldap --> |
| </components> |
| |
| <!-- |
| Lifecycle handler "plexus", named as the default by default-lifecycle-handler-id. |
| Its begin segment lists the Plexus personality phases plus |
| org.codehaus.plexus.registry.RegistryConfigurePhase, placed after AutoConfigurePhase |
| and before ServiceablePhase. |
| NOTE(review): presumably phases run in the order listed and RegistryConfigurePhase |
| hands registry values to components; confirm before reordering or removing a phase. |
| --> |
| <lifecycle-handler-manager implementation="org.codehaus.plexus.lifecycle.DefaultLifecycleHandlerManager"> |
| <default-lifecycle-handler-id>plexus</default-lifecycle-handler-id> |
| <lifecycle-handlers> |
| <lifecycle-handler implementation="org.codehaus.plexus.personality.plexus.PlexusLifecycleHandler"> |
| <id>plexus</id> |
| <name>Plexus Lifecycle Handler</name> |
| <begin-segment> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.LogEnablePhase"/> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.CompositionPhase"/> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.ContextualizePhase"/> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.AutoConfigurePhase"/> |
| <phase implementation="org.codehaus.plexus.registry.RegistryConfigurePhase"/> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.ServiceablePhase"/> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializePhase"/> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.StartPhase"/> |
| </begin-segment> |
| <suspend-segment> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.SuspendPhase"/> |
| </suspend-segment> |
| <resume-segment> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.ResumePhase"/> |
| </resume-segment> |
| <end-segment> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.StopPhase"/> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.DisposePhase"/> |
| <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.LogDisablePhase"/> |
| </end-segment> |
| </lifecycle-handler> |
| </lifecycle-handlers> |
| </lifecycle-handler-manager> |
| </plexus> |