Google Git
Sign in
apache / james-site / a92fa6ef34b4ad4bdd3caff9c602c28281ff6677 / . / content / server / 3 / config-users.html
blob: 3724420041966bdfaf294b6ad3baaacf76b4a3ca [file] [log] [blame]
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Generated by Apache Maven Doxia at 2016-10-20 -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Apache James Server 3.0 -
Apache James Server 3 - Users Configuration</title>
<style type="text/css" media="all">
@import url("./css/james.css");
@import url("./css/maven-base.css");
@import url("./css/maven-theme.css");
@import url("./css/site.css");
@import url("./js/jquery/css/custom-theme/jquery-ui-1.8.5.custom.css");
@import url("./js/jquery/css/print.css");
@import url("./js/fancybox/jquery.fancybox-1.3.4.css");
</style>
<script type="text/javascript" src="./js/jquery/js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="./js/jquery/js/jquery-ui-1.8.5.custom.min.js"></script>
<script type="text/javascript" src="./js/fancybox/jquery.fancybox-1.3.4.js"></script>
<link rel="stylesheet" href="./css/print.css" type="text/css" media="print" />
<meta name="Date-Revision-yyyymmdd" content="20161020" />
<meta http-equiv="Content-Language" content="en" />
<link title="DOAP" rel="meta" type="application/rdf+xml" href="http://james.apache.org//doap_james-project.rdf"/>
<!-- Google Analytics -->
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-1384591-1']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script').item(0); s.parentNode.insertBefore(ga, s);
})();
</script>
</head>
<body class="composite">
<div id="banner">
<a href="../index.html" id="bannerLeft" title="james-logo.png">
<img src="images/logos/james-logo.png" alt="Apache James Server 3.0" />
</a>
<a href="http://www.apache.org/index.html" id="bannerRight">
<img src="images/logos/asf_logo_small.png" alt="The Apache Software Foundation" />
</a>
<div class="clear">
<hr/>
</div>
</div>
<div id="breadcrumbs">
<div class="xleft">
<span id="publishDate">Last Published: 2016-10-20</span>
</div>
<div class="xright"> <a href="../../index.html" title="Home">Home</a>
|
<a href="../index.html" title="Server">Server</a>
|
<a href="../../hupa/index.html" title="Hupa">Hupa</a>
|
<a href="../../protocols/index.html" title="Protocols">Protocols</a>
|
<a href="../../mailet/index.html" title="Mailets">Mailets</a>
|
<a href="../../mailbox/index.html" title="Mailbox">Mailbox</a>
|
<a href="../../mime4j/index.html" title="Mime4J">Mime4J</a>
|
<a href="../../jsieve/index.html" title="jSieve">jSieve</a>
|
<a href="../../jspf/index.html" title="jSPF">jSPF</a>
|
<a href="../../jdkim/index.html" title="jDKIM">jDKIM</a>
|
<a href="../../mpt/index.html" title="MPT">MPT</a>
|
<a href="../../postage/index.html" title="Postage">Postage</a>
</div>
<div class="clear">
<hr/>
</div>
</div>
<div id="leftColumn">
<div id="navcolumn">
<h5>Overview</h5>
<ul>
<li class="none">
<a href="index.html" title="Introduction">Introduction</a>
</li>
<li class="none">
<a href="release-notes.html" title="Release Notes">Release Notes</a>
</li>
</ul>
<h5>Features</h5>
<ul>
<li class="none">
<a href="feature-mailetcontainer.html" title="Mailet Container">Mailet Container</a>
</li>
<li class="none">
<a href="feature-queue-priority.html" title="Queue Priority">Queue Priority</a>
</li>
<li class="none">
<a href="feature-persistence.html" title="Persistence">Persistence</a>
</li>
<li class="none">
<a href="feature-protocols.html" title="Protocols">Protocols</a>
</li>
<li class="none">
<a href="feature-smtp-hooks.html" title="SMTP Hooks">SMTP Hooks</a>
</li>
<li class="none">
<a href="feature-performance.html" title="Performance">Performance</a>
</li>
<li class="none">
<a href="feature-security.html" title="Security">Security</a>
</li>
</ul>
<h5>User Manual</h5>
<ul>
<li class="none">
<a href="quick-start.html" title="1. Quick Start">1. Quick Start</a>
</li>
<li class="none">
<a href="install.html" title="2. Install James">2. Install James</a>
</li>
<li class="expanded">
<a href="config.html" title="3. Configure James">3. Configure James</a>
<ul>
<li class="none">
<a href="config-system.html" title="System">System</a>
</li>
<li class="none">
<a href="config-domainlist.html" title="Domain List">Domain List</a>
</li>
<li class="none">
<strong>Users</strong>
</li>
<li class="none">
<a href="config-recipientrewritetable.html" title="Recipient Rewrite">Recipient Rewrite</a>
</li>
<li class="none">
<a href="config-mailbox.html" title="Mailbox">Mailbox</a>
</li>
<li class="none">
<a href="config-mailrepositorystore.html" title="Mail Repository Stores">Mail Repository Stores</a>
</li>
<li class="none">
<a href="config-dnsservice.html" title="DNS Service">DNS Service</a>
</li>
<li class="none">
<a href="config-smtp-lmtp.html" title="SMTP LMTP">SMTP LMTP</a>
</li>
<li class="none">
<a href="config-pop3.html" title="POP3">POP3</a>
</li>
<li class="none">
<a href="config-imap4.html" title="IMAP4">IMAP4</a>
</li>
<li class="none">
<a href="config-mailetcontainer.html" title="Mailet Container">Mailet Container</a>
</li>
<li class="none">
<a href="config-fetchmail.html" title="FetchMail">FetchMail</a>
</li>
<li class="none">
<a href="config-ssl-tls.html" title="SSL/TLS">SSL/TLS</a>
</li>
<li class="none">
<a href="config-sieve.html" title="Sieve">Sieve</a>
</li>
<li class="none">
<a href="config-antispam.html" title="Anti Spam">Anti Spam</a>
</li>
</ul>
</li>
<li class="collapsed">
<a href="manage.html" title="4. Manage">4. Manage</a>
</li>
<li class="collapsed">
<a href="monitor.html" title="5. Monitor">5. Monitor</a>
</li>
<li class="collapsed">
<a href="upgrade.html" title="6. Upgrade">6. Upgrade</a>
</li>
</ul>
<h5>Developers Corner</h5>
<ul>
<li class="none">
<a href="dev.html" title="Architecture">Architecture</a>
</li>
<li class="none">
<a href="dev-build.html" title="Build from source">Build from source</a>
</li>
<li class="none">
<a href="dev-database-schema.html" title="Database Schema">Database Schema</a>
</li>
<li class="collapsed">
<a href="dev-extend.html" title="Develop Extensions">Develop Extensions</a>
</li>
<li class="collapsed">
<a href="dev-provided.html" title="Provided Extensions">Provided Extensions</a>
</li>
</ul>
<h5>References</h5>
<ul>
<li class="none">
<a href="apidocs/index.html" title="Javadoc">Javadoc</a>
</li>
<li class="none">
<a href="https://issues.apache.org/jira/browse/JAMES" title="Issue Tracker">Issue Tracker</a>
</li>
</ul>
<h5>About James</h5>
<ul>
<li class="none">
<a href="../../index.html" title="Overview">Overview</a>
</li>
<li class="none">
<a href="../../newsarchive.html" title="News">News</a>
</li>
<li class="none">
<a href="../../mail.html" title="Mailing Lists">Mailing Lists</a>
</li>
<li class="none">
<a href="../../contribute.html" title="Contributing">Contributing</a>
</li>
<li class="none">
<a href="../../guidelines.html" title="Guidelines">Guidelines</a>
</li>
<li class="none">
<a href="http://wiki.apache.org/james" title="Wiki">Wiki</a>
</li>
<li class="none">
<a href="../../team-list.html" title="Who We Are">Who We Are</a>
</li>
<li class="none">
<a href="../../license.html" title="License">License</a>
</li>
<li class="none">
<a href="../../thanks.html" title="Thanks">Thanks</a>
</li>
<li class="none">
<a href="../../support.html" title="Professional support">Professional support</a>
</li>
</ul>
<h5>Download</h5>
<ul>
<li class="none">
<a href="../../download.cgi" title="Releases">Releases</a>
</li>
</ul>
<h5>Apache Software Foundation</h5>
<ul>
<li>
<strong>
<a title="ASF" href="http://www.apache.org/">ASF</a>
</strong>
</li>
<li>
<a title="Get Involved" href="http://www.apache.org/foundation/getinvolved.html">Get Involved</a>
</li>
<li>
<a title="FAQ" href="http://www.apache.org/foundation/faq.html">FAQ</a>
</li>
<li>
<a title="License" href="http://www.apache.org/licenses/" >License</a>
</li>
<li>
<a title="Sponsorship" href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a>
</li>
<li>
<a title="Thanks" href="http://www.apache.org/foundation/thanks.html">Thanks</a>
</li>
<li>
<a title="Security" href="http://www.apache.org/security/">Security</a>
</li>
</ul>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img class="poweredBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
</a>
</div>
</div>
<div id="bodyColumn">
<div id="contentBox">
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License. -->
<div class="section">
<h2>Users Repositories<a name="Users_Repositories"></a></h2>
<div class="section">
<h3>Introduction<a name="Introduction"></a></h3>
<p>User repositories are required to store James user information and authentication data</p>
<p>Consult <a class="externalLink" href="https://github.com/apache/james-project/tree/master/server/app/src/main/resources/usersrepository-template.xml">usersrepository.xml</a> in GIT to get some examples and hints.</p>
</div>
<div class="section">
<h3>JPA Users Repository<a name="JPA_Users_Repository"></a></h3>
<p>JPA (database via OpenJPA) based user repository. This is the default implementation.</p>
<p>The usersrepository tag as 2 attributes: name=&quot;LocalUsers&quot; and class=&quot;org.apache.james.user.file.UsersFileRepository&quot;&gt;</p>
<dl>
<dt><b>algorithm</b></dt>
<dd>Algorithm to has passwords. Supported password algorithm are: MD5, SHA-256, SHA-512, NONE</dd>
<dt><b>enableVirtualHosting</b></dt>
<dd>true (default) or false. Defines if the usernames must (true) or may not contain (false) a domain part (user@domain.tld).</dd>
</dl>
</div>
<div class="section">
<h3>File Users Repository<a name="File_Users_Repository"></a></h3>
<p>The File UsersRepository implementations below are DEPRECATED and will get removed in the next release</p>
<p>It just listed here for backward-compatibility</p>
<p>File-based user repositories Use these configurations to store user info in the filesystem.</p>
<p>The usersrepository tag as 2 attributes:name=&quot;LocalUsers&quot; class=&quot;org.apache.james.user.file.UsersFileRepository&quot;&gt;</p>
<dl>
<dt><b>destination</b></dt>
<dd>Example: file://var/users/.</dd>
<dt><b>ignoreCase</b></dt>
<dd>true or false.</dd>
<dt><b>enableAliases</b></dt>
<dd>true or false.</dd>
<dt><b>enableForwarding</b></dt>
<dd>true or false.</dd>
<dt><b>enableVirtualHosting</b></dt>
<dd>true (default) or false. Defines if the usernames must (true) or may not contain (false) a domain part (user@domain.tld).</dd>
</dl>
</div>
<div class="section">
<h3>JDBC Users Repository<a name="JDBC_Users_Repository"></a></h3>
<p>The JDBC UsersRepository implementations below are DEPRECATED and will get removed in the next release.</p>
<p>It just listed here for backward-compatibility.</p>
</div>
<div class="section">
<h3>LDAP Users Repository<a name="LDAP_Users_Repository"></a></h3>
<p>Read-Only LDAP based UsersRepository</p>
<p>Example:</p>
<div class="source">
<pre>
&lt;repository name=&quot;LocalUsers&quot; class=&quot;org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository&quot; ldapHost=&quot;ldap://myldapserver:389&quot;
principal=&quot;uid=ldapUser,ou=system&quot; credentials=&quot;password&quot; userBase=&quot;ou=People,o=myorg.com,ou=system&quot; userIdAttribute=&quot;uid&quot;/&gt;</pre></div>
<!-- <p>This section explains how to enable Apache James Server to use an LDAP directory as a
Users Repository.</p>
<p>We have tried to make the LDAP implementation of UsersRepository as
flexible a possible, recognising that each installation will have a unique
directory schema.</p>
<p>We assume that all users that a James Mailserver will handle fall
within one single-rooted tree. The root of this tree, ie the lowest node
in the directory which is an ancestor for all users served by this
mailserver and the mailserver, is called the LDAPRoot. (See diagram)</p>
<p>It is entirely possible that an organization may have more than one
mail server. Consequently, the fact that a user is in the Directory does
not imply that this mailserver should handle mail for them.</p>
<p>This implementation of UsersRepository creates one node (object) for
each set of mail users. The set called 'LocalUsers' is the set of users
whose mail is handled by this server. Other sets include any mail-lists
handled by the server. Each member of a set is recorded as an attribute
of these objects. These nodes are child nodes of the mailserver.</p>
<p>The mailserver will accept mail for local delivery if the user part of
the email address matches a member of LocalUsers and if the domain/host
part of the email address matches the first servername .
(Set servernames autodetect to false and enter the domain served as the
first servername, e.g. apache.org).</p>
<p>For POP3 authentication, the mailserver first finds the user entry in
the directory, underLDAPRoot, whose attribute, specified as
MailAttribute in conf, matches user@domain. The mailserver authenticates
the POP3 user if it can bind to the directory as that user entry with
the offered password.</p>
<p>This implementation does not set passwords in the directory. Use a dummy
password when invoking adduser in RemoteManger.</p>
<p>If ManageGroupAttribute is set to TRUE (as it is by default), then the
RemoteManger will add/remove the full DN of the email group to/from the
user entry. This facilty allows users to ask the directory what is my
mailserver and what email lists am I subscribed to?</p>
<table cellspacing="0">
<tr>
<td> </td>
<td align="center">Root of Directory
<br>Example: dc=org</br>
<br>May not be referenced in conf.xml</br>
<br>|</br>
<br>|</br>
</td>
<td> </td>
</tr>
<tr>
<td colspan="3" align="center"> - - - - - - - - - - -</td>
</tr>
<tr>
<td align="center" valign="top">|
<br>Subtree not served by James</br>
<br> e.g.: dc=w3c, dc=org</br>
</td>
<td align="center" valign="top">|
<br>Subtree served by James</br>
<br> e.g.: dc=apache, dc=org </br>
<br>"LDAPRoot"</br>
<br>|</br>
</td>
<td align="center" valign="top">|
<br>Subtree not served by James</br>
<br> e.g.: dc=xml, dc=org</br>
</td>
</tr>
<tr>
<td> </td>
<td>
<table cellspace="0">
<tr>
<td colspan="4" align="center"> - - - - - - - - - - - - - - - - - - - - - - - - - -</td>
</tr>
<tr>
<td align="center" valign="top">|
<br>This mailserver </br>
<br>cn=mailserver.apache.org</br>
<br>|</br>
<br> - - - - - - - -</br>
</td>
<td align="center" valign="top">|
<br>A user </br>
<br>cn=King Arthur</br>
<br> memberOfGroup=</br>
<br>cn=LocalUsers etc</br>
</td>
<td align="center" valign="top">|
<br>A user </br>
<br>cn=Morgan LeFay </br>
</td>
<td align="center" valign="top">|
<br>Another mailserver </br>
<br>cn=oldmail.apache.org</br>
</td>
</tr>
<tr>
<td>
<table cellspace="0">
<tr>
<td align="center" valign="top"> |
<br>LocalUsers</br>
<br>member=Arthur</br>
</td>
<td align="center" valign="top"> |
<br>list-james</br>
<br>member=Arthur</br>
</td>
</tr>
</table>
</td>
<td> </td>
<td> </td>
<td> </td>
</tr>
</table>
</td>
<td> </td>
</tr>
</table> -->
<!-- <p>Six entries in JAMES.xml.xml must be set for this to work:
<ul>
<li>change usersManager - type to ldap.</li>
<li>Set the ldapServer element to point to the correct host and port</li>
<li>Set LDAPRoot and ThsServerRDN.</li>
<li>Set the direcory FDN and password that should be used to write to the directory.</li>
<li>Unless all your users have email addresses of the form, name@the-machine-running-James, set servernames-autodetect to false and apecify the your email domain as the first servername.</li>
</ul>
</p> -->
</div>
</div>
</div>
</div>
<div class="clear">
<hr/>
</div>
<div id="footer">
<div class="xright">Copyright &#169; 2002-2016
<a href="http://www.apache.org/">The Apache Software Foundation</a>.
All Rights Reserved.
</div>
<div class="clear">
<hr/>
</div>
</div>
</body>
</html>