| <!DOCTYPE html> |
| <!-- |
| | Generated by Apache Maven Doxia |
| | Rendered using Apache Maven Fluido Skin 1.3.1 |
| --> |
| <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
| <head> |
| <meta charset="UTF-8" /> |
| <meta name="viewport" content="width=device-width, initial-scale=1.0" /> |
| <meta name="Date-Creation-yyyymmdd" content="20110916" /> |
| <meta name="Date-Revision-yyyymmdd" content="20200614" /> |
| <meta http-equiv="Content-Language" content="en" /> |
| <title>Archiva Documentation – Archiva Security Configuration</title> |
| <link rel="stylesheet" href="../css/apache-maven-fluido-1.3.1.min.css" /> |
| <link rel="stylesheet" href="../css/site.css" /> |
| <link rel="stylesheet" href="../css/print.css" media="print" /> |
| |
| |
| <script type="text/javascript" src="../js/apache-maven-fluido-1.3.1.min.js"></script> |
| |
| |
| <!-- Google Analytics --> |
| <script type="text/javascript"> |
| |
| var _gaq = _gaq || []; |
| _gaq.push(['_setAccount', 'UA-140879-5']); |
| _gaq.push(['_trackPageview']); |
| |
| (function() { |
| var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; |
| ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; |
| var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); |
| })(); |
| |
| </script> |
| </head> |
| <body class="topBarDisabled"> |
| |
| |
| |
| |
| <div class="container-fluid"> |
| <div id="banner"> |
| <div class="pull-left"> |
| <a href="../../../" id="bannerLeft"> |
| <img src="../../../images/archiva.png" alt="Apache Archiva"/> |
| </a> |
| </div> |
| <div class="pull-right"> <a href="http://www.apache.org/" id="bannerRight"> |
| <img src="https://www.apache.org/images/asf_logo_wide_2016.png" alt="Apache Software Foundation"/> |
| </a> |
| </div> |
| <div class="clear"><hr/></div> |
| </div> |
| |
| <div id="breadcrumbs"> |
| <ul class="breadcrumb"> |
| |
| |
| <li class=""> |
| <a href="http://www.apache.org/" class="externalLink" title="Apache"> |
| Apache</a> |
| <span class="divider">/</span> |
| </li> |
| <li class=""> |
| <a href="../" title="Apache Archiva"> |
| Apache Archiva</a> |
| <span class="divider">/</span> |
| </li> |
| <li class=""> |
| <a href="../../../index.html" title="Apache Archiva"> |
| Apache Archiva</a> |
| <span class="divider">/</span> |
| </li> |
| <li class="active ">Archiva Security Configuration</li> |
| |
| |
| |
| <li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2020-06-14</li> |
| <li id="projectVersion" class="pull-right"> |
| Version: 2.2.5 |
| </li> |
| |
| </ul> |
| </div> |
| |
| |
| <div class="row-fluid"> |
| <div id="leftColumn" class="span2"> |
| <div class="well sidebar-nav"> |
| |
| |
| <ul class="nav nav-list"> |
| <li class="nav-header">Introduction</li> |
| |
| <li> |
| |
| <a href="../quick-start.html" title="Quick Start"> |
| <i class="none"></i> |
| Quick Start</a> |
| </li> |
| |
| <li> |
| |
| <a href="../tour/index.html" title="Feature Tour"> |
| <i class="none"></i> |
| Feature Tour</a> |
| </li> |
| |
| <li> |
| |
| <a href="../release-notes.html" title="Release Notes"> |
| <i class="none"></i> |
| Release Notes</a> |
| </li> |
| |
| <li> |
| |
| <a href="../../../download.html" title="Downloads"> |
| <i class="none"></i> |
| Downloads</a> |
| </li> |
| <li class="nav-header">Users Guide</li> |
| |
| <li> |
| |
| <a href="../userguide/browsing.html" title="Browsing"> |
| <i class="none"></i> |
| Browsing</a> |
| </li> |
| |
| <li> |
| |
| <a href="../userguide/searching.html" title="Searching"> |
| <i class="none"></i> |
| Searching</a> |
| </li> |
| |
| <li> |
| |
| <a href="../userguide/delete-artifact.html" title="Deleting an Artifact"> |
| <i class="none"></i> |
| Deleting an Artifact</a> |
| </li> |
| |
| <li> |
| |
| <a href="../userguide/using-repository.html" title="Using as a repository"> |
| <i class="none"></i> |
| Using as a repository</a> |
| </li> |
| |
| <li> |
| |
| <a href="../userguide/deploy.html" title="Deploying to repository"> |
| <i class="none"></i> |
| Deploying to repository</a> |
| </li> |
| |
| <li> |
| |
| <a href="../userguide/virtual-repositories.html" title="Configuring Virtual Repositories"> |
| <i class="none"></i> |
| Configuring Virtual Repositories</a> |
| </li> |
| |
| <li> |
| |
| <a href="../userguide/rss.html" title="Rss Feeds in Archiva"> |
| <i class="none"></i> |
| Rss Feeds in Archiva</a> |
| </li> |
| |
| <li> |
| |
| <a href="../userguide/querying-artifacts.html" title="Querying Artifacts"> |
| <i class="none"></i> |
| Querying Artifacts</a> |
| </li> |
| <li class="nav-header">Administrators Guide</li> |
| |
| <li> |
| |
| <a href="../adminguide/installing.html" title="Installing Archiva"> |
| <i class="icon-chevron-right"></i> |
| Installing Archiva</a> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/databases.html" title="Databases"> |
| <i class="none"></i> |
| Databases</a> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/repositories-content-storage.html" title="Repositories Content Storage"> |
| <i class="none"></i> |
| Repositories Content Storage</a> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/security.html" title="Security"> |
| <i class="icon-chevron-down"></i> |
| Security</a> |
| <ul class="nav nav-list"> |
| |
| <li> |
| |
| <a href="../adminguide/users.html" title="Users"> |
| <i class="none"></i> |
| Users</a> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/roles.html" title="Roles"> |
| <i class="none"></i> |
| Roles</a> |
| </li> |
| |
| <li class="active"> |
| |
| <a href="#"><i class="none"></i>Customising</a> |
| </li> |
| </ul> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/configuration.html" title="Archiva Configuration"> |
| <i class="icon-chevron-right"></i> |
| Archiva Configuration</a> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/webservices/rest.html" title="REST Apis"> |
| <i class="none"></i> |
| REST Apis</a> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/configuration-files.html" title="Configuration Files"> |
| <i class="none"></i> |
| Configuration Files</a> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/system-status.html" title="System Status"> |
| <i class="none"></i> |
| System Status</a> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/logging.html" title="Log Files"> |
| <i class="icon-chevron-right"></i> |
| Log Files</a> |
| </li> |
| |
| <li> |
| |
| <a href="../adminguide/reports.html" title="Reports"> |
| <i class="none"></i> |
| Reports</a> |
| </li> |
| <li class="nav-header">Customising Archiva</li> |
| |
| <li> |
| |
| <a href="../customising/writing-consumer.html" title="Writing a Consumer Plugin"> |
| <i class="none"></i> |
| Writing a Consumer Plugin</a> |
| </li> |
| <li class="nav-header">More Information</li> |
| |
| <li> |
| |
| <a href="http://cwiki.apache.org/confluence/display/ARCHIVA/Index" class="externalLink" title="Archiva Wiki"> |
| <i class="none"></i> |
| Archiva Wiki</a> |
| </li> |
| <li class="nav-header">ASF</li> |
| |
| <li> |
| |
| <a href="http://www.apache.org/foundation/how-it-works.html" class="externalLink" title="How Apache Works"> |
| <i class="none"></i> |
| How Apache Works</a> |
| </li> |
| |
| <li> |
| |
| <a href="http://www.apache.org/foundation/" class="externalLink" title="Foundation"> |
| <i class="none"></i> |
| Foundation</a> |
| </li> |
| |
| <li> |
| |
| <a href="http://www.apache.org/foundation/sponsorship.html" class="externalLink" title="Sponsoring Apache"> |
| <i class="none"></i> |
| Sponsoring Apache</a> |
| </li> |
| |
| <li> |
| |
| <a href="http://www.apache.org/foundation/thanks.html" class="externalLink" title="Thanks"> |
| <i class="none"></i> |
| Thanks</a> |
| </li> |
| <li class="nav-header">Project Documentation</li> |
| |
| <li> |
| |
| <a href="../project-info.html" title="Project Information"> |
| <i class="icon-chevron-right"></i> |
| Project Information</a> |
| </li> |
| </ul> |
| |
| |
| <form id="search-form" action="http://www.google.com/search" method="get" > |
| |
| <input value="http://archiva.apache.org/docs/2.2.5/" name="sitesearch" type="hidden"/> |
| <input class="search-query" name="q" id="query" type="text" /> |
| </form> |
| <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=search-form"></script> |
| |
| <hr /> |
| |
| <div id="poweredBy"> |
| <div class="clear"></div> |
| <div class="clear"></div> |
| |
| |
| |
| <div id="twitter"> |
| |
| <a href="https://twitter.com/archiva" class="twitter-follow-button" data-show-count="false" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow archiva</a> |
| <script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script> |
| |
| </div> |
| <div class="clear"></div> |
| <div class="clear"></div> |
| <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"> |
| <img class="builtBy" alt="Built by Maven" src="../images/logos/maven-feather.png" /> |
| </a> |
| </div> |
| </div> |
| </div> |
| |
| |
| <div id="bodyColumn" class="span10" > |
| |
| <!-- Licensed to the Apache Software Foundation (ASF) under one --><!-- or more contributor license agreements. See the NOTICE file --><!-- distributed with this work for additional information --><!-- regarding copyright ownership. The ASF licenses this file --><!-- to you under the Apache License, Version 2.0 (the --><!-- "License"); you may not use this file except in compliance --><!-- with the License. You may obtain a copy of the License at --><!-- --><!-- http://www.apache.org/licenses/LICENSE-2.0 --><!-- --><!-- Unless required by applicable law or agreed to in writing, --><!-- software distributed under the License is distributed on an --><!-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY --><!-- KIND, either express or implied. See the License for the --><!-- specific language governing permissions and limitations --><!-- under the License. --><!-- NOTE: For help with the syntax of this file, see: --><!-- http://maven.apache.org/guides/mini/guide-apt-format.html --><div class="section"> |
| <h2><a name="Archiva_Security_Configuration"></a>Archiva Security Configuration</h2> |
| <p>Security properties and password rules are configured now in the Redback Runtime Configuration properties (see <a href="./redback-runtime-configuration.html#Runtime_properties">Redback Runtime Configuration</a>).</p> |
| <p>The Redback Runtime Configuration properties are stored in <tt>archiva.xml</tt>. The former <tt>security.properties</tt> file, if it exists, is only used once for populating the Runtime Configuration settings. After that, this file will be ignored.</p><!-- TODO: Link to plexus-redback documentation when available --> |
| <p>These are the default properties. The file can be found in in Redback's svn repo: <a class="externalLink" href="http://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties"> config-defaults.properties</a></p> |
| <div class="source"> |
| <pre># Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| # -------------------------------------------------------------------- |
| # Application Configuration |
| |
| application.timestamp=EEE d MMM yyyy HH:mm:ss Z |
| |
| # -------------------------------------------------------------------- |
| # JDBC Setup |
| |
| #jdbc.driver.name=org.apache.derby.jdbc.EmbeddedDriver |
| #jdbc.url=jdbc:derby:memory:users-tests;create=true |
| |
| jdbc.driver.name=org.hsqldb.jdbcDriver |
| jdbc.url=jdbc:hsqldb:mem:redback-test |
| |
| jdbc.username=sa |
| jdbc.password= |
| |
| # -------------------------------------------------------------------- |
| # Email Settings |
| |
| email.jndiSessionName=java:comp/env/mail/Session |
| email.smtp.host=localhost |
| email.smtp.port=25 |
| email.smtp.ssl.enabled=false |
| email.smtp.tls.enabled=false |
| email.smtp.username= |
| email.smtp.password= |
| |
| #TODO: move description elsewhere, remove bad default |
| # All emails sent by the system will be from the following address |
| #email.from.address=${user.name}@localhost |
| # All emails sent by the system will be from the following user name (used in conjunction with address) |
| #email.from.name=Unconfigured Username |
| |
| # If all email addresses (from new user registration) require an account validation email. |
| email.validation.required=true |
| # Timeout (in minutes) for the key generated for an email validation to remain valid. |
| # 2880 minutes = 48 hours |
| email.validation.timeout=2880 |
| # The subject line for the email message. |
| email.validation.subject=Welcome |
| |
| #TODO: move description elsewhere, remove bad default |
| # Get the Feedback to use for any outgoing emails. |
| # NOTE: if feedback.path starts with a "/" it is appended to the end of the value provided in application.url |
| # This value can be in the format/syntax of "/feedback.action" or even "mailto:feedback@application.com" |
| #email.feedback.path=/feedback.action |
| |
| #Set the application base URL. The default is to derive it from the HTTP request |
| #application.url=http://myurl.mycompany.com |
| |
| # -------------------------------------------------------------------- |
| # Auto Login Settings |
| |
| security.rememberme.enabled=true |
| # Timeout in days ( 365 days = 1 year ) |
| security.rememberme.timeout=365 |
| security.rememberme.path=/ |
| security.rememberme.domain= |
| security.rememberme.secure=false |
| |
| # Single Sign On |
| # Timeout in minutes |
| security.signon.timeout=30 |
| |
| # -------------------------------------------------------------------- |
| # Default Username Values |
| redback.default.admin=admin |
| redback.default.guest=guest |
| |
| # -------------------------------------------------------------------- |
| # Security Policies |
| |
| #security.policy.password.encoder= |
| security.policy.password.previous.count=6 |
| security.policy.password.expiration.enabled=true |
| security.policy.password.expiration.days=90 |
| security.policy.password.expiration.notify.days=10 |
| security.policy.allowed.login.attempt=10 |
| |
| # turn off the perclick enforcement of various security policies, slightly |
| # more heavyweight since it will ensure that the User object on each click |
| # is up to date |
| security.policy.strict.enforcement.enabled=true |
| security.policy.strict.force.password.change.enabled=true |
| |
| # -------------------------------------------------------------------- |
| # Password Rules |
| security.policy.password.rule.alphanumeric.enabled=false |
| security.policy.password.rule.alphacount.enabled=true |
| security.policy.password.rule.alphacount.minimum=1 |
| security.policy.password.rule.characterlength.enabled=true |
| security.policy.password.rule.characterlength.minimum=1 |
| security.policy.password.rule.characterlength.maximum=24 |
| security.policy.password.rule.musthave.enabled=true |
| security.policy.password.rule.numericalcount.enabled=true |
| security.policy.password.rule.numericalcount.minimum=1 |
| security.policy.password.rule.reuse.enabled=true |
| security.policy.password.rule.nowhitespace.enabled=true |
| |
| # -------------------------------------------------------------------- |
| # ldap settings |
| # |
| ldap.bind.authenticator.enabled=false |
| |
| # ldap options for configuration via properties file |
| #ldap.config.hostname= |
| #ldap.config.port= |
| #ldap.config.base.dn= |
| #ldap.config.context.factory= |
| #ldap.config.bind.dn= |
| #ldap.config.password= |
| #ldap.config.authentication.method= |
| |
| # config parameter for the ConfigurableUserManager |
| user.manager.impl=jpa |
| |
| |
| # REST security settings |
| |
| # Cross Site Request Forgery (CSRF) Prevention |
| # -------------------------------------------- |
| # Enable/Disable CSRF filtering. |
| # Possible values: true, false |
| rest.csrffilter.enabled=true |
| # Base URL used to verify the origin headers of the requests. If not set or empty |
| # it tries to determine the base url automatically |
| rest.baseUrl= |
| # What to do, if the request contains no Origin or Referer header. |
| # If true, requests without Origin or Referer Header are denied, otherwise accepted. |
| # Possible values: true, false |
| rest.csrffilter.absentorigin.deny=true |
| # Enable/Disable the token validation only. |
| # If true, the validation of the CSRF tokens will be disabled. |
| # Possible values: true, false |
| rest.csrffilter.disableTokenValidation=false |
| </pre></div> |
| <p><b>Note:</b> If installed standalone, Archiva's list of configuration files is <i>itself</i> configurable, and can be found in: <tt>apps/archiva/WEB-INF/applicationContext.xml</tt></p> |
| <p>Values from sources</p> |
| <div class="source"> |
| <pre><bean name="commons-configuration" class="org.apache.archiva.components.registry.commons.CommonsConfigurationRegistry" |
| init-method="initialize"> |
| <property name="initialConfiguration"> |
| <value> |
| <![CDATA[ |
| <configuration> |
| <system/> |
| <jndi prefix="java:comp/env" config-optional="true"/> |
| <xml fileName="${appserver.base}/conf/archiva.xml" config-optional="true" |
| config-name="org.apache.archiva.base" |
| config-at="org.apache.archiva"/> |
| <xml fileName="${appserver.base}/conf/shared.xml" config-optional="true" |
| config-name="org.apache.maven.shared.app.base" config-at="org.apache.maven.shared.app"/> |
| <xml fileName="${appserver.base}/conf/common.xml" config-optional="true"/> |
| <properties fileName="${appserver.base}/conf/security.properties" config-optional="true" |
| config-at="org.apache.archiva.redback"/> |
| <xml fileName="${appserver.home}/conf/archiva.xml" config-optional="true" |
| config-at="org.apache.archiva"/> |
| <xml fileName="${appserver.home}/conf/shared.xml" config-optional="true" |
| config-at="org.apache.maven.shared.app"/> |
| <xml fileName="${appserver.home}/conf/common.xml" config-optional="true"/> |
| <properties fileName="${appserver.home}/conf/security.properties" config-optional="true" |
| config-at="org.apache.archiva.redback"/> |
| <properties fileName="org/apache/archiva/redback-security.properties" config-at="org.apache.archiva.redback"/> |
| </configuration> |
| ]]> |
| </value> |
| </property> |
| </bean> |
| </pre></div></div> |
| </div> |
| </div> |
| </div> |
| |
| <hr/> |
| |
| <footer> |
| <div class="container-fluid"> |
| <div class="row-fluid"> |
| <p >Copyright © 2006–2020 |
| <a href="http://www.apache.org/">The Apache Software Foundation</a>. |
| All rights reserved. |
| |
| </p> |
| </div> |
| |
| |
| <div class="row span12">Apache Archiva :: Documentation, Archiva :: Documentation, Apache, the Apache feather logo, and the Apache Archiva :: Documentation project logos are trademarks of The Apache Software Foundation.</div> |
| |
| <div class="row span12"> |
| <a href="http://archiva.apache.org/docs/2.2.5/privacy-policy.html">Privacy Policy</a> |
| </div> |
| |
| |
| |
| |
| |
| |
| <div id="ohloh" class="pull-right"> |
| <script type="text/javascript" src="http://www.ohloh.net/p/6670/widgets/project_basic_stats.js"></script> |
| </div> |
| </div> |
| </footer> |
| </body> |
| </html> |
