You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by ol...@apache.org on 2013/01/16 15:51:55 UTC
svn commit: r1433965 - /archiva/site-content/redback/configuration.html
Author: olamy
Date: Wed Jan 16 14:51:55 2013
New Revision: 1433965
URL: http://svn.apache.org/viewvc?rev=1433965&view=rev
Log:
Apache Redback Main site deployment
Modified:
archiva/site-content/redback/configuration.html
Modified: archiva/site-content/redback/configuration.html
URL: http://svn.apache.org/viewvc/archiva/site-content/redback/configuration.html?rev=1433965&r1=1433964&r2=1433965&view=diff
==============================================================================
--- archiva/site-content/redback/configuration.html (original)
+++ archiva/site-content/redback/configuration.html Wed Jan 16 14:51:55 2013
@@ -211,7 +211,7 @@ pageTracker._trackPageview();</script>
<property name="registry" ref="registry#commons-configuration"/>
</bean>
-</pre></div></div><div class="section"><h3>Configuration Options<a name="Configuration_Options"></a></h3><div class="section"><h4>Application Configuration<a name="Application_Configuration"></a></h4><ul><li>application.timestamp=EEE d MMM yyyy HH:mm:ss Z</li><li>application.url=http://myurl.mycompany.com<ul><li>Set the application base URL. The default is to derive it from the HTTP request</li></ul></li></ul></div><div class="section"><h4>JDBC Setup<a name="JDBC_Setup"></a></h4><p>By default Redback uses Apache Derby for persistence of user and role information. This can be configured with the following options.</p><ul><li>jdbc.driver.name=org.apache.derby.jdbc.EmbeddedDriver</li><li>jdbc.url=jdbc:derby:$<a name="plexus.home">plexus.home</a>/database;create=true</li><li>jdbc.username=sa</li><li>jdbc.password=</li></ul><p>By default Redback uses Apache Derby for persistence of user and role information. This can be configured with the following options.</p><p><b>Note:</b> If
you are using MySQL as your database, the database will not be populated if the encoding is initially set to UTF-8. As a workaround, set the database to UTF-8 encoding after it has been populated. See <a class="externalLink" href="http://jira.codehaus.org/browse/REDBACK-267"> REDBACK-267</a> for more details.</p></div><div class="section"><h4>Email Settings<a name="Email_Settings"></a></h4><ul><li>email.jndiSessionName=java:comp/env/mail/Session</li><li>email.smtp.host=localhost</li><li>email.smtp.port=25</li><li>email.smtp.ssl.enabled=false</li><li>email.smtp.tls.enabled=false</li><li>email.smtp.username=</li><li>email.smtp.password=</li><li>email.from.address=$<a name="user.name">user.name</a>@localhost<ul><li>All emails sent by the system will be from the following address</li></ul></li><li>email.from.name=Unconfigured Username</li><li>email.validation.required=true<ul><li>If all email addresses (from new user registration) require an account validation email. </li></ul>
</li><li>email.validation.timeout=2880<ul><li>Timeout (in minutes) for the key generated for an email validation to remain valid.</li><li>2880 minutes = 48 hours</li></ul></li><li>email.validation.subject=Welcome</li><li>email.feedback.path=/feedback.action<ul><li>Get the Feedback to use for any outgoing emails.</li><li>Feedback path starts with a "/" it is appended to the end of the value provided in application.url. This value can be in the format/syntax of "/feedback.action" or even "mailto:feedback@application.com"</li></ul></li></ul></div><div class="section"><h4>Auto Login Settings<a name="Auto_Login_Settings"></a></h4><ul><li>security.rememberme.enabled=true</li><li>security.rememberme.timeout=525600<ul><li>Timeout in minutes ( 525600 minutes = 1 year )</li></ul></li><li>security.signon.timeout=30<ul><li>Single Sign On</li><li>Timeout is in minutes</li></ul></li></ul></div><div class="section"><h4>Default Username Values<a name="Default_U
sername_Values"></a></h4><ul><li>redback.default.admin=admin<ul><li>name for the admin user, by default this is 'admin' and can not easily be changed after the fact at this point. However any number of people may be assigned full administrator roles.</li></ul></li><li>redback.default.guest=guest (currently guest is an hardcoded value so not possible to configure it)<ul><li>name of the guest user</li></ul></li></ul></div><div class="section"><h4>Security Policies<a name="Security_Policies"></a></h4><ul><li>security.policy.password.encoder=</li><li>security.policy.password.previous.count=6</li><li>security.policy.password.expiration.enabled=true</li><li>security.policy.password.expiration.days=90</li><li>security.policy.password.expiration.notify.days=10</li><li>security.policy.allowed.login.attempt=10</li><li>security.policy.strict.enforcement.enabled=true<ul><li>turn off the perclick enforcement of various security policies, slightly more heavyweight since it will ensure tha
t the User object on each click is up to date</li></ul></li><li>security.policy.strict.force.password.change.enabled=true<ul><li>forces the user to change their password immediately should their account be flagged for a password change.</li></ul></li><li>security.policy.unlockable.accounts<ul><li>can be specified multiple times to ensure that password policies never lock the specified account(s) (eg. security.policy.unlockable.accounts=guest )</li></ul></li></ul></div><div class="section"><h4>Password Rules<a name="Password_Rules"></a></h4><ul><li>security.policy.password.rule.alphanumeric.enabled=false</li><li>security.policy.password.rule.alphacount.enabled=true</li><li>security.policy.password.rule.alphacount.minimum=1</li><li>security.policy.password.rule.characterlength.enabled=true</li><li>security.policy.password.rule.characterlength.minimum=1</li><li>security.policy.password.rule.characterlength.maximum=24</li><li>security.policy.password.rule.musthave.enabled=true</
li><li>security.policy.password.rule.numericalcount.enabled=true</li><li>security.policy.password.rule.numericalcount.minimum=1</li><li>security.policy.password.rule.reuse.enabled=true</li><li>security.policy.password.rule.nowhitespace.enabled=true</li></ul></div><div class="section"><h4>LDAP settings<a name="LDAP_settings"></a></h4><p>Ldap can be used as a readonly user manager, however the role assignment is still managed entirely within the given database store. This should be fixed in the future sometime but likely not before ldap is switched over as the default user and role store entirely.</p><ul><li>ldap.user.store.enabled=false</li><li>ldap.bind.authenticator.enabled=false</li></ul><div class="section"><h5>ldap options for configuration via properties file<a name="ldap_options_for_configuration_via_properties_file"></a></h5><ul><li>ldap.config.hostname=</li><li>ldap.config.port=</li><li>ldap.config.base.dn=</li><li>ldap.config.context.factory=</li><li>ldap.config.bin
d.dn=</li><li>ldap.config.password=</li><li>ldap.config.authentication.method=</li><li>ldap.config.groups.class= object class for groups (default: groupOfUniqueNames)</li><li>ldap.config.groups.base.dn= basedn for groups</li><li>ldap.config.groups.base.dn= dn with list of groups dc=archiva,dc=apache,dc=org</li><li>ldap.config.groups.role.*(ldap group)=*(role) (mapping ldap group <i>-</i> redback role) (example: ldap.config.groups.role.archiva-admin=Archiva System Administrator)</li><li>ldap.config.writable=true/false will write datas to ldap (default false)</li><li>ldap.config.groups.use.rolename=true/false will create groups in ldap with default role if no group<i>-</i>role mapping found (default false)</li></ul></div></div><div class="section"><h4>User Manager Implementation(s) to use<a name="User_Manager_Implementations_to_use"></a></h4><ul><li>user.manager.impl=cached (since 1.4-M4: Archiva support more than one value comma separated)<ul><li>valid values for realistic us
age are 'cached' and then further configuring the cached instance to use another underlying user manager like ldap or the jdo one which is used by default. Placing 'ldap' here will check with the ldap system for a fair amount of checks and would likely be a performance issue</li></ul></li></ul></div><div class="section"><h4>RBAC Manager Implementation(s) to use<a name="RBAC_Manager_Implementations_to_use"></a></h4><ul><li>rbac.manager.impl=cached (since 1.4-M4: Archiva support more than one value comma separated)</li></ul></div></div></div>
+</pre></div></div><div class="section"><h3>Configuration Options<a name="Configuration_Options"></a></h3><div class="section"><h4>Application Configuration<a name="Application_Configuration"></a></h4><ul><li>application.timestamp=EEE d MMM yyyy HH:mm:ss Z</li><li>application.url=http://myurl.mycompany.com<ul><li>Set the application base URL. The default is to derive it from the HTTP request</li></ul></li></ul></div><div class="section"><h4>JDBC Setup<a name="JDBC_Setup"></a></h4><p>By default Redback uses Apache Derby for persistence of user and role information. This can be configured with the following options.</p><ul><li>jdbc.driver.name=org.apache.derby.jdbc.EmbeddedDriver</li><li>jdbc.url=jdbc:derby:$<a name="plexus.home">plexus.home</a>/database;create=true</li><li>jdbc.username=sa</li><li>jdbc.password=</li></ul><p>By default Redback uses Apache Derby for persistence of user and role information. This can be configured with the following options.</p><p><b>Note:</b> If
you are using MySQL as your database, the database will not be populated if the encoding is initially set to UTF-8. As a workaround, set the database to UTF-8 encoding after it has been populated. See <a class="externalLink" href="http://jira.codehaus.org/browse/REDBACK-267"> REDBACK-267</a> for more details.</p></div><div class="section"><h4>Email Settings<a name="Email_Settings"></a></h4><ul><li>email.jndiSessionName=java:comp/env/mail/Session</li><li>email.smtp.host=localhost</li><li>email.smtp.port=25</li><li>email.smtp.ssl.enabled=false</li><li>email.smtp.tls.enabled=false</li><li>email.smtp.username=</li><li>email.smtp.password=</li><li>email.from.address=$<a name="user.name">user.name</a>@localhost<ul><li>All emails sent by the system will be from the following address</li></ul></li><li>email.from.name=Unconfigured Username</li><li>email.validation.required=true<ul><li>If all email addresses (from new user registration) require an account validation email. </li></ul>
</li><li>email.validation.timeout=2880<ul><li>Timeout (in minutes) for the key generated for an email validation to remain valid.</li><li>2880 minutes = 48 hours</li></ul></li><li>email.validation.subject=Welcome</li><li>email.feedback.path=/feedback.action<ul><li>Get the Feedback to use for any outgoing emails.</li><li>Feedback path starts with a "/" it is appended to the end of the value provided in application.url. This value can be in the format/syntax of "/feedback.action" or even "mailto:feedback@application.com"</li></ul></li></ul></div><div class="section"><h4>Auto Login Settings<a name="Auto_Login_Settings"></a></h4><ul><li>security.rememberme.enabled=true</li><li>security.rememberme.timeout=525600<ul><li>Timeout in minutes ( 525600 minutes = 1 year )</li></ul></li><li>security.signon.timeout=30<ul><li>Single Sign On</li><li>Timeout is in minutes</li></ul></li></ul></div><div class="section"><h4>Default Username Values<a name="Default_U
sername_Values"></a></h4><ul><li>redback.default.admin=admin<ul><li>name for the admin user, by default this is 'admin' and can not easily be changed after the fact at this point. However any number of people may be assigned full administrator roles.</li></ul></li><li>redback.default.guest=guest (currently guest is an hardcoded value so not possible to configure it)<ul><li>name of the guest user</li></ul></li></ul></div><div class="section"><h4>Security Policies<a name="Security_Policies"></a></h4><ul><li>security.policy.password.encoder=</li><li>security.policy.password.previous.count=6</li><li>security.policy.password.expiration.enabled=true</li><li>security.policy.password.expiration.days=90</li><li>security.policy.password.expiration.notify.days=10</li><li>security.policy.allowed.login.attempt=10</li><li>security.policy.strict.enforcement.enabled=true<ul><li>turn off the perclick enforcement of various security policies, slightly more heavyweight since it will ensure tha
t the User object on each click is up to date</li></ul></li><li>security.policy.strict.force.password.change.enabled=true<ul><li>forces the user to change their password immediately should their account be flagged for a password change.</li></ul></li><li>security.policy.unlockable.accounts<ul><li>can be specified multiple times to ensure that password policies never lock the specified account(s) (eg. security.policy.unlockable.accounts=guest )</li></ul></li></ul></div><div class="section"><h4>Password Rules<a name="Password_Rules"></a></h4><ul><li>security.policy.password.rule.alphanumeric.enabled=false</li><li>security.policy.password.rule.alphacount.enabled=true</li><li>security.policy.password.rule.alphacount.minimum=1</li><li>security.policy.password.rule.characterlength.enabled=true</li><li>security.policy.password.rule.characterlength.minimum=1</li><li>security.policy.password.rule.characterlength.maximum=24</li><li>security.policy.password.rule.musthave.enabled=true</
li><li>security.policy.password.rule.numericalcount.enabled=true</li><li>security.policy.password.rule.numericalcount.minimum=1</li><li>security.policy.password.rule.reuse.enabled=true</li><li>security.policy.password.rule.nowhitespace.enabled=true</li></ul></div><div class="section"><h4>LDAP settings<a name="LDAP_settings"></a></h4><p>Ldap can be used as a readonly user manager, however the role assignment is still managed entirely within the given database store. This should be fixed in the future sometime but likely not before ldap is switched over as the default user and role store entirely.</p><ul><li>ldap.user.store.enabled=false</li><li>ldap.bind.authenticator.enabled=false</li></ul><div class="section"><h5>ldap options for configuration via properties file<a name="ldap_options_for_configuration_via_properties_file"></a></h5><ul><li>ldap.config.hostname=</li><li>ldap.config.port=</li><li>ldap.config.base.dn=</li><li>ldap.config.context.factory=</li><li>ldap.config.bin
d.dn=</li><li>ldap.config.password=</li><li>ldap.config.authentication.method=</li><li>ldap.config.groups.class= object class for groups (default: groupOfUniqueNames)</li><li>ldap.config.groups.base.dn= basedn for groups</li><li>ldap.config.groups.base.dn= dn with list of groups dc=archiva,dc=apache,dc=org</li><li>ldap.config.groups.role.*(ldap group)=*(roles) (mapping ldap group <i>-</i> redback roles comma separated) (example: ldap.config.groups.role.archiva-admin=Archiva System Administrator, Foo)</li><li>ldap.config.writable=true/false will write datas to ldap (default false)</li><li>ldap.config.groups.use.rolename=true/false will create groups in ldap with default role if no group<i>-</i>role mapping found (default false)</li></ul></div></div><div class="section"><h4>User Manager Implementation(s) to use<a name="User_Manager_Implementations_to_use"></a></h4><ul><li>user.manager.impl=cached (since 1.4-M4: Archiva support more than one value comma separated)<ul><li>valid
values for realistic usage are 'cached' and then further configuring the cached instance to use another underlying user manager like ldap or the jdo one which is used by default. Placing 'ldap' here will check with the ldap system for a fair amount of checks and would likely be a performance issue</li></ul></li></ul></div><div class="section"><h4>RBAC Manager Implementation(s) to use<a name="RBAC_Manager_Implementations_to_use"></a></h4><ul><li>rbac.manager.impl=cached (since 1.4-M4: Archiva support more than one value comma separated)</li></ul></div></div></div>
</div>
</div>