You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@archiva.apache.org by javaman501 <ja...@gmail.com> on 2011/02/14 17:25:00 UTC
Is Archiva compatible with Maven 3?
I have been using Archiva with Maven 2.2.1. We wanted to upgrade to Maven 3.
I noticed on Archiva that when I add a managed repository, I have a choice
between "Maven 1.x Repository" and "Maven 2.x Repository". Is there
supposed to be a "Maven 3.x Repository" in a later version of Archiva? Or
is it the case that a Maven 2.x Repository is simply the same thing as a
Maven 3.x repository?
--
View this message in context: http://old.nabble.com/Is-Archiva-compatible-with-Maven-3--tp30923282p30923282.html
Sent from the archiva-users mailing list archive at Nabble.com.
Re: authentication against LDAP
Posted by Brent Atkinson <ba...@apache.org>.
Are you deploying archiva stand-alone (jetty bundle) or using Tomcat? Also,
can you describe the settings in security.properties and in the plexus
descriptors? Are there any details in the log files?
Brent
batkinson@apache.org
On Mon, Feb 14, 2011 at 6:10 PM, Qian, Yi <yq...@ku.edu> wrote:
> Hello, experts
>
> I am trying to set up archiva 1.3.3 to authenticate against LDAP server. I
> followed the instrution of LDAP Integration on Redback website.
> Uncommented components element of LDAP connection factory and user mapper
> in application.xml located in /WEB-INF/classes/META-INF/plexus. Added
> connection information and attributes mapping in security.properties
> located in /WEB-INF/classes/org/apache/maven/archiva. I started archiva,
> accessing http://localhost:8080/archiva brings me to
> security/addadmin.action page. Could you tell me what I missed?
>
> Thanks,
>
> Yi
>
>
Re: authentication against LDAP
Posted by "Qian, Yi" <yq...@ku.edu>.
Hello, Wendy
Yes, you are right, we are using maven to pull the artifacts from our
local archiva repository. But most of developers are using eclipse maven
plugin, not the command, is there a way to force them login first time
when they run maven task in eclipse? Or this is the question for eclipse
maven plugin?
Regards,
Yi
On 2/15/11 1:37 PM, "Wendy Smoak" <ws...@gmail.com> wrote:
>On Tue, Feb 15, 2011 at 2:28 PM, Qian, Yi <yq...@ku.edu> wrote:
>> 3. Following is my settings.xml in ~/.m2/ folder, which has my login
>> credential in it, my question is I would like to avoid put even
>>encrypted
>> credential in a file, there is a way to force user login when using
>> archiva, but also keep the login alive for some time period?
>
>I'm guessing, but it sounds like you'd want it to work like sudo,
>where it prompts for your password the first time you do something,
>and then 'remembers' for a while.
>
>So:
>$mvn install
>... prompt for repository password...
>...build continues...
>$mvn install
>... build runs without prompting...
>
>Nothing to do with the web interface, just Maven connecting to
>retrieve artifacts, right?
>
>If that's not it, please explain what you mean by "using Archiva".
>
>--
>Wendy
Re: authentication against LDAP
Posted by Wendy Smoak <ws...@gmail.com>.
On Tue, Feb 15, 2011 at 2:28 PM, Qian, Yi <yq...@ku.edu> wrote:
> 3. Following is my settings.xml in ~/.m2/ folder, which has my login
> credential in it, my question is I would like to avoid put even encrypted
> credential in a file, there is a way to force user login when using
> archiva, but also keep the login alive for some time period?
I'm guessing, but it sounds like you'd want it to work like sudo,
where it prompts for your password the first time you do something,
and then 'remembers' for a while.
So:
$mvn install
... prompt for repository password...
...build continues...
$mvn install
... build runs without prompting...
Nothing to do with the web interface, just Maven connecting to
retrieve artifacts, right?
If that's not it, please explain what you mean by "using Archiva".
--
Wendy
Re: build archiva from source code
Posted by "Qian, Yi" <yq...@ku.edu>.
Hello, Brent
I only applied patch to archiva. So I applied the patch to redback-1.2.5
tag version which is used by archiva-1.3.3.
Other patches were fine, but AssignmentsAction and AssignmentsActionTest
in redback-integrations/redback-struts2 were already in updated status and
I had to remove them from patch. Maven build failed due to the test fail.
I checked out redback-1.2.4 tag version, applied patch without any problem
and build successfully.
I attached test output file
Regards,
Yi
On 2/18/11 12:11 PM, "Brent Atkinson" <ba...@apache.org> wrote:
>I can't help you with MyEclipse, but to use the patch you have to apply
>the
>redback patch (to the right version of redback - the one used by your
>version of archiva), build it. Then you need to apply the archiva patch
>and
>build archiva. The archiva patch actually includes a small bit of spring
>configuration needed to pass certain tests.
>
>Could you could send the test output from those test failures? It should
>be
>available in the target/surefire-reports directory.
>
>Brent
>
>On Fri, Feb 18, 2011 at 12:28 PM, Qian, Yi <yq...@ku.edu> wrote:
>
>> Hello, Brent
>>
>> Per you suggestion, I applied REDBACK-266 patch onto archiva source code
>> checked out from svn repository and imported to my eclipse as existing
>> maven project, and run maven packaging inside MyEclipse, I got following
>> error
>>
>> Compilation failure
>> /home/yqian/Workspaces/MyEclipse
>>
>>8.6/archiva-all/archiva/archiva-modules/archiva-base/archiva-configuratio
>>n/
>>
>>target/generated-sources/modello/org/apache/maven/archiva/configuration/C
>>on
>> figuration.java:[713,33] cannot access ProxyConnectorConfiguration
>> class file for ProxyConnectorConfiguration not found
>> java.util.Collections.sort( connectors,
>>
>>
>>
>> I also tried to check out archiva 1.3.3 tag version and manually applied
>> patch, but maven packaging got me unit test failure
>>
>> Tests in error:
>>
>>
>>testCloneProjectModelWithParent(org.apache.maven.archiva.model.ArchivaMod
>>el
>> ClonerTest)
>>
>>
>>testArtifactModelProcessed(org.apache.maven.archiva.model.ArchivaArtifact
>>Te
>> st)
>>
>> Tests run: 11, Failures: 0, Errors: 2, Skipped: 0
>>
>> [INFO]
>> ------------------------------------------------------------------------
>> [ERROR] BUILD FAILURE
>> [INFO]
>> ------------------------------------------------------------------------
>> [INFO] There are test failures.
>>
>>
>>
>> Regards,
>>
>> Yi
>>
>> On 2/15/11 11:07 AM, "Brent Atkinson" <ba...@apache.org> wrote:
>>
>> >An admin user is required to exist in whatever authentication source
>> >you've
>> >configured. If there isn't such a user, archiva will ask you to create
>> >one.
>> >Setting it to your account satisfies this admin user check. I
>>developed a
>> >patch for redback that allows you to create hardwired utility accounts
>> >when
>> >you can't or don't want to pollute the LDAP tree. It hasn't been
>> >integrated
>> >yet, mostly because I wanted to get feedback on it and because it
>>affects
>> >both archiva and continuum configurations. The issue is REDBACK-266 if
>> >you're interested in trying it out. Any feedback you can give will be
>> >appreciated. Just comment on the issue.
>>
>>
Re: build archiva from source code
Posted by Brent Atkinson <ba...@apache.org>.
I can't help you with MyEclipse, but to use the patch you have to apply the
redback patch (to the right version of redback - the one used by your
version of archiva), build it. Then you need to apply the archiva patch and
build archiva. The archiva patch actually includes a small bit of spring
configuration needed to pass certain tests.
Could you could send the test output from those test failures? It should be
available in the target/surefire-reports directory.
Brent
On Fri, Feb 18, 2011 at 12:28 PM, Qian, Yi <yq...@ku.edu> wrote:
> Hello, Brent
>
> Per you suggestion, I applied REDBACK-266 patch onto archiva source code
> checked out from svn repository and imported to my eclipse as existing
> maven project, and run maven packaging inside MyEclipse, I got following
> error
>
> Compilation failure
> /home/yqian/Workspaces/MyEclipse
> 8.6/archiva-all/archiva/archiva-modules/archiva-base/archiva-configuration/
> target/generated-sources/modello/org/apache/maven/archiva/configuration/Con
> figuration.java:[713,33] cannot access ProxyConnectorConfiguration
> class file for ProxyConnectorConfiguration not found
> java.util.Collections.sort( connectors,
>
>
>
> I also tried to check out archiva 1.3.3 tag version and manually applied
> patch, but maven packaging got me unit test failure
>
> Tests in error:
>
> testCloneProjectModelWithParent(org.apache.maven.archiva.model.ArchivaModel
> ClonerTest)
>
> testArtifactModelProcessed(org.apache.maven.archiva.model.ArchivaArtifactTe
> st)
>
> Tests run: 11, Failures: 0, Errors: 2, Skipped: 0
>
> [INFO]
> ------------------------------------------------------------------------
> [ERROR] BUILD FAILURE
> [INFO]
> ------------------------------------------------------------------------
> [INFO] There are test failures.
>
>
>
> Regards,
>
> Yi
>
> On 2/15/11 11:07 AM, "Brent Atkinson" <ba...@apache.org> wrote:
>
> >An admin user is required to exist in whatever authentication source
> >you've
> >configured. If there isn't such a user, archiva will ask you to create
> >one.
> >Setting it to your account satisfies this admin user check. I developed a
> >patch for redback that allows you to create hardwired utility accounts
> >when
> >you can't or don't want to pollute the LDAP tree. It hasn't been
> >integrated
> >yet, mostly because I wanted to get feedback on it and because it affects
> >both archiva and continuum configurations. The issue is REDBACK-266 if
> >you're interested in trying it out. Any feedback you can give will be
> >appreciated. Just comment on the issue.
>
>
Re: authentication against LDAP
Posted by "Qian, Yi" <yq...@ku.edu>.
Hello, Brent
Thanks for the help, I was dragged by something else yesterday, will take
a look on the filter.
Regards,
Yi
On 2/15/11 3:02 PM, "Brent Atkinson" <ba...@apache.org> wrote:
>I believe the ldap configuration allows for a configurable user filter.
>You
>may be able to filter based on membership to a particular group.
>
>Check out the user-filter attribute at
>http://redback.codehaus.org/integration/ldap.html
>
>Brent
>
>On Tue, Feb 15, 2011 at 3:16 PM, Qian, Yi <yq...@ku.edu> wrote:
>
>> Hello, Brent
>>
>> For question 2, I just need to limit the access. There is no necessary
>>to
>> set different level of permission since archiva is used only by our team
>> and it only contains the artifacts. It is good to hear that this can be
>> archived by configuration. Could you please refer me to some resources
>>on
>> how to set up access limits?
>>
>> Regards,
>>
>> Yi
>>
>> On 2/15/11 1:48 PM, "Brent Atkinson" <ba...@apache.org> wrote:
>>
>> >Responses in-line.
>> >
>> >On Tue, Feb 15, 2011 at 2:28 PM, Qian, Yi <yq...@ku.edu> wrote:
>> >
>> >> Hello, Brent
>> >>
>> >> 1. I will try the patch
>> >> 2. I am not going to mess with the LDAP entries, my intention is to
>> >>query
>> >> the isMemberOf attribute, so the redback authentication can redirect
>> >>user
>> >> based on query result.
>> >>
>> >
>> >Depending on how much control you want over the permissions granted to
>> >archiva users with the LDAP groups, this could obviate the need for a
>> >moderately complex mapping tool so you can say LDAP group X grants
>> >permissions A, B and C. Redback assumes management of permissions at
>>the
>> >application level, not the directory level. Trying to invert that may
>>be
>> >more tricky than you might expect. Are you trying to actually manage
>> >permissions in Archiva using LDAP membership, or are you just looking
>>to
>> >limit the users allowed to access archiva? You may be able to do the
>> >latter
>> >with configuration.
>> >
>> >
>> >> 3. Following is my settings.xml in ~/.m2/ folder, which has my login
>> >> credential in it, my question is I would like to avoid put even
>> >>encrypted
>> >> credential in a file, there is a way to force user login when using
>> >> archiva, but also keep the login alive for some time period?
>> >>
>> >> <settings>
>> >> <mirrors>
>> >> <mirror>
>> >> <id>internal</id>
>> >> <name>Team maven repository</name>
>> >>
>><url>http://host:8080/archiva/repository/internal/</url>
>> >> <mirrorOf>*</mirrorOf>
>> >> </mirror>
>> >> </mirrors>
>> >>
>> >>
>> >> <servers>
>> >> <server>
>> >> <id>internal</id>
>> >> <username>name</username>
>> >> <password>password</password>
>> >> </server>
>> >> <server>
>> >> <id>release</id>
>> >> <username>name</username>
>> >> <password>password</password>
>> >> </server>
>> >> <server>
>> >> <id>snapshots</id>
>> >> <username>name</username>
>> >> <password>password</password>
>> >> </server>
>> >> </servers>
>> >> </settings>
>> >>
>> >>
>> >> Regards,
>> >>
>> >> Yi
>> >>
>> >> On 2/15/11 11:07 AM, "Brent Atkinson" <ba...@apache.org> wrote:
>> >>
>> >> >Comments are in-line.
>> >> >
>> >> >On Tue, Feb 15, 2011 at 11:03 AM, Qian, Yi <yq...@ku.edu> wrote:
>> >> >
>> >> >> Hello, Brett and Brent
>> >> >>
>> >> >> Thanks for your reply. I deployed archiva as stand-alone with
>>jetty
>> >> >> bundle. I do not have admin user configured in LDAP. So I changed
>> >> >> redback.default.admin to my ID and it works.
>> >> >
>> >> >
>> >> >
>> >> >> I still have some questions about the authentication
>> >> >> 1. Do I have to set up redback.default.admin property? Seems to me
>> >>the
>> >> >> answer is yes because even after I commented out this property in
>> >> >> security.properties file, archiva still redirected me to addadmin
>> >>page.
>> >> >> But If this is true, we have to create an admin account in LDAP
>>only
>> >>for
>> >> >> archiva.
>> >> >>
>> >> >
>> >> >An admin user is required to exist in whatever authentication source
>> >> >you've
>> >> >configured. If there isn't such a user, archiva will ask you to
>>create
>> >> >one.
>> >> >Setting it to your account satisfies this admin user check. I
>> >>developed a
>> >> >patch for redback that allows you to create hardwired utility
>>accounts
>> >> >when
>> >> >you can't or don't want to pollute the LDAP tree. It hasn't been
>> >> >integrated
>> >> >yet, mostly because I wanted to get feedback on it and because it
>> >>affects
>> >> >both archiva and continuum configurations. The issue is REDBACK-266
>>if
>> >> >you're interested in trying it out. Any feedback you can give will
>>be
>> >> >appreciated. Just comment on the issue.
>> >> >
>> >> >
>> >> >> 2. In our LDAP, user entry has multi-valued attributes isMemberOf,
>> >>can
>> >> >>we
>> >> >> set up redback to check this attribute, so if user is not belong
>>to
>> >> >> certain group, archiva will redirect the user to unauthorized
>>page.
>> >>If
>> >> >> this feature does not exist yet, please point me the direction
>>and I
>> >>am
>> >> >> willing to do the customized code change.
>> >> >>
>> >> >
>> >> >AFAIK, redback doesn't use membership attributes in LDAP for
>> >> >authorization.
>> >> >One reason is that there are multiple ways that membership is
>>handled
>> >>in
>> >> >various LDAP implementations/schemas. Due to the complexity of
>>trying
>> >>to
>> >> >safely manage LDAP directories, redback doesn't manipulate the
>> >>directory.
>> >> >It
>> >> >only reads from them. This allows users to authenticate with
>>consistent
>> >> >logins, and management of permissions happens at the application
>>level
>> >> >(not
>> >> >the directory level).
>> >> >
>> >> >
>> >> >> 3. There is settings.xml file in my local ~/.m2/ folder, this
>> >> >>settings.xml
>> >> >> include my login credential, can we skip the credential and force
>> >>user
>> >> >>to
>> >> >> login when he trying to use archiva and keep a session so he can
>>use
>> >>the
>> >> >> archiva without login again if the session is alive?
>> >> >>
>> >> >> And again, if any above feature does not exist, I am willing to
>>add
>> >>it.
>> >> >>
>> >> >
>> >> >Not sure what you're asking about here. The settings.xml file is
>> >>primarily
>> >> >used by maven plugins to authenticate. Are you suggesting that the
>>http
>> >> >session be shared across your maven builds and your web browser?
>> >> >
>> >> >
>> >> >> Regards,
>> >> >>
>> >> >> Yi
>> >> >>
>> >> >>
>> >> >> On 2/14/11 11:34 PM, "Brett Porter" <br...@apache.org> wrote:
>> >> >>
>> >> >> >Did you go ahead with that screen and then check what "User
>> >>Management"
>> >> >> >showed for available users?
>> >> >> >
>> >> >> >Did you configure a linked admin account in LDAP in
>> >> >>security.properties?
>> >> >> >
>> >> >> >- Brett
>> >> >> >
>> >> >> >On 15/02/2011, at 10:10 AM, Qian, Yi wrote:
>> >> >> >
>> >> >> >> Hello, experts
>> >> >> >>
>> >> >> >> I am trying to set up archiva 1.3.3 to authenticate against
>>LDAP
>> >> >> >>server. I
>> >> >> >> followed the instrution of LDAP Integration on Redback website.
>> >> >> >> Uncommented components element of LDAP connection factory and
>> >>user
>> >> >> >>mapper
>> >> >> >> in application.xml located in /WEB-INF/classes/META-INF/plexus.
>> >>Added
>> >> >> >> connection information and attributes mapping in
>> >>security.properties
>> >> >> >> located in /WEB-INF/classes/org/apache/maven/archiva. I started
>> >> >>archiva,
>> >> >> >> accessing http://localhost:8080/archiva brings me to
>> >> >> >> security/addadmin.action page. Could you tell me what I missed?
>> >> >> >>
>> >> >> >> Thanks,
>> >> >> >>
>> >> >> >> Yi
>> >> >> >>
>> >> >> >
>> >> >> >--
>> >> >> >Brett Porter
>> >> >> >brett@apache.org
>> >> >> >http://brettporter.wordpress.com/
>> >> >> >http://au.linkedin.com/in/brettporter
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >>
>> >> >>
>> >>
>> >>
>>
>>
Re: authentication against LDAP
Posted by Brent Atkinson <ba...@apache.org>.
I believe the ldap configuration allows for a configurable user filter. You
may be able to filter based on membership to a particular group.
Check out the user-filter attribute at
http://redback.codehaus.org/integration/ldap.html
Brent
On Tue, Feb 15, 2011 at 3:16 PM, Qian, Yi <yq...@ku.edu> wrote:
> Hello, Brent
>
> For question 2, I just need to limit the access. There is no necessary to
> set different level of permission since archiva is used only by our team
> and it only contains the artifacts. It is good to hear that this can be
> archived by configuration. Could you please refer me to some resources on
> how to set up access limits?
>
> Regards,
>
> Yi
>
> On 2/15/11 1:48 PM, "Brent Atkinson" <ba...@apache.org> wrote:
>
> >Responses in-line.
> >
> >On Tue, Feb 15, 2011 at 2:28 PM, Qian, Yi <yq...@ku.edu> wrote:
> >
> >> Hello, Brent
> >>
> >> 1. I will try the patch
> >> 2. I am not going to mess with the LDAP entries, my intention is to
> >>query
> >> the isMemberOf attribute, so the redback authentication can redirect
> >>user
> >> based on query result.
> >>
> >
> >Depending on how much control you want over the permissions granted to
> >archiva users with the LDAP groups, this could obviate the need for a
> >moderately complex mapping tool so you can say LDAP group X grants
> >permissions A, B and C. Redback assumes management of permissions at the
> >application level, not the directory level. Trying to invert that may be
> >more tricky than you might expect. Are you trying to actually manage
> >permissions in Archiva using LDAP membership, or are you just looking to
> >limit the users allowed to access archiva? You may be able to do the
> >latter
> >with configuration.
> >
> >
> >> 3. Following is my settings.xml in ~/.m2/ folder, which has my login
> >> credential in it, my question is I would like to avoid put even
> >>encrypted
> >> credential in a file, there is a way to force user login when using
> >> archiva, but also keep the login alive for some time period?
> >>
> >> <settings>
> >> <mirrors>
> >> <mirror>
> >> <id>internal</id>
> >> <name>Team maven repository</name>
> >> <url>http://host:8080/archiva/repository/internal/</url>
> >> <mirrorOf>*</mirrorOf>
> >> </mirror>
> >> </mirrors>
> >>
> >>
> >> <servers>
> >> <server>
> >> <id>internal</id>
> >> <username>name</username>
> >> <password>password</password>
> >> </server>
> >> <server>
> >> <id>release</id>
> >> <username>name</username>
> >> <password>password</password>
> >> </server>
> >> <server>
> >> <id>snapshots</id>
> >> <username>name</username>
> >> <password>password</password>
> >> </server>
> >> </servers>
> >> </settings>
> >>
> >>
> >> Regards,
> >>
> >> Yi
> >>
> >> On 2/15/11 11:07 AM, "Brent Atkinson" <ba...@apache.org> wrote:
> >>
> >> >Comments are in-line.
> >> >
> >> >On Tue, Feb 15, 2011 at 11:03 AM, Qian, Yi <yq...@ku.edu> wrote:
> >> >
> >> >> Hello, Brett and Brent
> >> >>
> >> >> Thanks for your reply. I deployed archiva as stand-alone with jetty
> >> >> bundle. I do not have admin user configured in LDAP. So I changed
> >> >> redback.default.admin to my ID and it works.
> >> >
> >> >
> >> >
> >> >> I still have some questions about the authentication
> >> >> 1. Do I have to set up redback.default.admin property? Seems to me
> >>the
> >> >> answer is yes because even after I commented out this property in
> >> >> security.properties file, archiva still redirected me to addadmin
> >>page.
> >> >> But If this is true, we have to create an admin account in LDAP only
> >>for
> >> >> archiva.
> >> >>
> >> >
> >> >An admin user is required to exist in whatever authentication source
> >> >you've
> >> >configured. If there isn't such a user, archiva will ask you to create
> >> >one.
> >> >Setting it to your account satisfies this admin user check. I
> >>developed a
> >> >patch for redback that allows you to create hardwired utility accounts
> >> >when
> >> >you can't or don't want to pollute the LDAP tree. It hasn't been
> >> >integrated
> >> >yet, mostly because I wanted to get feedback on it and because it
> >>affects
> >> >both archiva and continuum configurations. The issue is REDBACK-266 if
> >> >you're interested in trying it out. Any feedback you can give will be
> >> >appreciated. Just comment on the issue.
> >> >
> >> >
> >> >> 2. In our LDAP, user entry has multi-valued attributes isMemberOf,
> >>can
> >> >>we
> >> >> set up redback to check this attribute, so if user is not belong to
> >> >> certain group, archiva will redirect the user to unauthorized page.
> >>If
> >> >> this feature does not exist yet, please point me the direction and I
> >>am
> >> >> willing to do the customized code change.
> >> >>
> >> >
> >> >AFAIK, redback doesn't use membership attributes in LDAP for
> >> >authorization.
> >> >One reason is that there are multiple ways that membership is handled
> >>in
> >> >various LDAP implementations/schemas. Due to the complexity of trying
> >>to
> >> >safely manage LDAP directories, redback doesn't manipulate the
> >>directory.
> >> >It
> >> >only reads from them. This allows users to authenticate with consistent
> >> >logins, and management of permissions happens at the application level
> >> >(not
> >> >the directory level).
> >> >
> >> >
> >> >> 3. There is settings.xml file in my local ~/.m2/ folder, this
> >> >>settings.xml
> >> >> include my login credential, can we skip the credential and force
> >>user
> >> >>to
> >> >> login when he trying to use archiva and keep a session so he can use
> >>the
> >> >> archiva without login again if the session is alive?
> >> >>
> >> >> And again, if any above feature does not exist, I am willing to add
> >>it.
> >> >>
> >> >
> >> >Not sure what you're asking about here. The settings.xml file is
> >>primarily
> >> >used by maven plugins to authenticate. Are you suggesting that the http
> >> >session be shared across your maven builds and your web browser?
> >> >
> >> >
> >> >> Regards,
> >> >>
> >> >> Yi
> >> >>
> >> >>
> >> >> On 2/14/11 11:34 PM, "Brett Porter" <br...@apache.org> wrote:
> >> >>
> >> >> >Did you go ahead with that screen and then check what "User
> >>Management"
> >> >> >showed for available users?
> >> >> >
> >> >> >Did you configure a linked admin account in LDAP in
> >> >>security.properties?
> >> >> >
> >> >> >- Brett
> >> >> >
> >> >> >On 15/02/2011, at 10:10 AM, Qian, Yi wrote:
> >> >> >
> >> >> >> Hello, experts
> >> >> >>
> >> >> >> I am trying to set up archiva 1.3.3 to authenticate against LDAP
> >> >> >>server. I
> >> >> >> followed the instrution of LDAP Integration on Redback website.
> >> >> >> Uncommented components element of LDAP connection factory and
> >>user
> >> >> >>mapper
> >> >> >> in application.xml located in /WEB-INF/classes/META-INF/plexus.
> >>Added
> >> >> >> connection information and attributes mapping in
> >>security.properties
> >> >> >> located in /WEB-INF/classes/org/apache/maven/archiva. I started
> >> >>archiva,
> >> >> >> accessing http://localhost:8080/archiva brings me to
> >> >> >> security/addadmin.action page. Could you tell me what I missed?
> >> >> >>
> >> >> >> Thanks,
> >> >> >>
> >> >> >> Yi
> >> >> >>
> >> >> >
> >> >> >--
> >> >> >Brett Porter
> >> >> >brett@apache.org
> >> >> >http://brettporter.wordpress.com/
> >> >> >http://au.linkedin.com/in/brettporter
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >>
> >> >>
> >>
> >>
>
>
Re: authentication against LDAP
Posted by "Qian, Yi" <yq...@ku.edu>.
Hello, Brent
For question 2, I just need to limit the access. There is no necessary to
set different level of permission since archiva is used only by our team
and it only contains the artifacts. It is good to hear that this can be
archived by configuration. Could you please refer me to some resources on
how to set up access limits?
Regards,
Yi
On 2/15/11 1:48 PM, "Brent Atkinson" <ba...@apache.org> wrote:
>Responses in-line.
>
>On Tue, Feb 15, 2011 at 2:28 PM, Qian, Yi <yq...@ku.edu> wrote:
>
>> Hello, Brent
>>
>> 1. I will try the patch
>> 2. I am not going to mess with the LDAP entries, my intention is to
>>query
>> the isMemberOf attribute, so the redback authentication can redirect
>>user
>> based on query result.
>>
>
>Depending on how much control you want over the permissions granted to
>archiva users with the LDAP groups, this could obviate the need for a
>moderately complex mapping tool so you can say LDAP group X grants
>permissions A, B and C. Redback assumes management of permissions at the
>application level, not the directory level. Trying to invert that may be
>more tricky than you might expect. Are you trying to actually manage
>permissions in Archiva using LDAP membership, or are you just looking to
>limit the users allowed to access archiva? You may be able to do the
>latter
>with configuration.
>
>
>> 3. Following is my settings.xml in ~/.m2/ folder, which has my login
>> credential in it, my question is I would like to avoid put even
>>encrypted
>> credential in a file, there is a way to force user login when using
>> archiva, but also keep the login alive for some time period?
>>
>> <settings>
>> <mirrors>
>> <mirror>
>> <id>internal</id>
>> <name>Team maven repository</name>
>> <url>http://host:8080/archiva/repository/internal/</url>
>> <mirrorOf>*</mirrorOf>
>> </mirror>
>> </mirrors>
>>
>>
>> <servers>
>> <server>
>> <id>internal</id>
>> <username>name</username>
>> <password>password</password>
>> </server>
>> <server>
>> <id>release</id>
>> <username>name</username>
>> <password>password</password>
>> </server>
>> <server>
>> <id>snapshots</id>
>> <username>name</username>
>> <password>password</password>
>> </server>
>> </servers>
>> </settings>
>>
>>
>> Regards,
>>
>> Yi
>>
>> On 2/15/11 11:07 AM, "Brent Atkinson" <ba...@apache.org> wrote:
>>
>> >Comments are in-line.
>> >
>> >On Tue, Feb 15, 2011 at 11:03 AM, Qian, Yi <yq...@ku.edu> wrote:
>> >
>> >> Hello, Brett and Brent
>> >>
>> >> Thanks for your reply. I deployed archiva as stand-alone with jetty
>> >> bundle. I do not have admin user configured in LDAP. So I changed
>> >> redback.default.admin to my ID and it works.
>> >
>> >
>> >
>> >> I still have some questions about the authentication
>> >> 1. Do I have to set up redback.default.admin property? Seems to me
>>the
>> >> answer is yes because even after I commented out this property in
>> >> security.properties file, archiva still redirected me to addadmin
>>page.
>> >> But If this is true, we have to create an admin account in LDAP only
>>for
>> >> archiva.
>> >>
>> >
>> >An admin user is required to exist in whatever authentication source
>> >you've
>> >configured. If there isn't such a user, archiva will ask you to create
>> >one.
>> >Setting it to your account satisfies this admin user check. I
>>developed a
>> >patch for redback that allows you to create hardwired utility accounts
>> >when
>> >you can't or don't want to pollute the LDAP tree. It hasn't been
>> >integrated
>> >yet, mostly because I wanted to get feedback on it and because it
>>affects
>> >both archiva and continuum configurations. The issue is REDBACK-266 if
>> >you're interested in trying it out. Any feedback you can give will be
>> >appreciated. Just comment on the issue.
>> >
>> >
>> >> 2. In our LDAP, user entry has multi-valued attributes isMemberOf,
>>can
>> >>we
>> >> set up redback to check this attribute, so if user is not belong to
>> >> certain group, archiva will redirect the user to unauthorized page.
>>If
>> >> this feature does not exist yet, please point me the direction and I
>>am
>> >> willing to do the customized code change.
>> >>
>> >
>> >AFAIK, redback doesn't use membership attributes in LDAP for
>> >authorization.
>> >One reason is that there are multiple ways that membership is handled
>>in
>> >various LDAP implementations/schemas. Due to the complexity of trying
>>to
>> >safely manage LDAP directories, redback doesn't manipulate the
>>directory.
>> >It
>> >only reads from them. This allows users to authenticate with consistent
>> >logins, and management of permissions happens at the application level
>> >(not
>> >the directory level).
>> >
>> >
>> >> 3. There is settings.xml file in my local ~/.m2/ folder, this
>> >>settings.xml
>> >> include my login credential, can we skip the credential and force
>>user
>> >>to
>> >> login when he trying to use archiva and keep a session so he can use
>>the
>> >> archiva without login again if the session is alive?
>> >>
>> >> And again, if any above feature does not exist, I am willing to add
>>it.
>> >>
>> >
>> >Not sure what you're asking about here. The settings.xml file is
>>primarily
>> >used by maven plugins to authenticate. Are you suggesting that the http
>> >session be shared across your maven builds and your web browser?
>> >
>> >
>> >> Regards,
>> >>
>> >> Yi
>> >>
>> >>
>> >> On 2/14/11 11:34 PM, "Brett Porter" <br...@apache.org> wrote:
>> >>
>> >> >Did you go ahead with that screen and then check what "User
>>Management"
>> >> >showed for available users?
>> >> >
>> >> >Did you configure a linked admin account in LDAP in
>> >>security.properties?
>> >> >
>> >> >- Brett
>> >> >
>> >> >On 15/02/2011, at 10:10 AM, Qian, Yi wrote:
>> >> >
>> >> >> Hello, experts
>> >> >>
>> >> >> I am trying to set up archiva 1.3.3 to authenticate against LDAP
>> >> >>server. I
>> >> >> followed the instrution of LDAP Integration on Redback website.
>> >> >> Uncommented components element of LDAP connection factory and
>>user
>> >> >>mapper
>> >> >> in application.xml located in /WEB-INF/classes/META-INF/plexus.
>>Added
>> >> >> connection information and attributes mapping in
>>security.properties
>> >> >> located in /WEB-INF/classes/org/apache/maven/archiva. I started
>> >>archiva,
>> >> >> accessing http://localhost:8080/archiva brings me to
>> >> >> security/addadmin.action page. Could you tell me what I missed?
>> >> >>
>> >> >> Thanks,
>> >> >>
>> >> >> Yi
>> >> >>
>> >> >
>> >> >--
>> >> >Brett Porter
>> >> >brett@apache.org
>> >> >http://brettporter.wordpress.com/
>> >> >http://au.linkedin.com/in/brettporter
>> >> >
>> >> >
>> >> >
>> >> >
>> >>
>> >>
>>
>>
Re: authentication against LDAP
Posted by Brent Atkinson <ba...@apache.org>.
Responses in-line.
On Tue, Feb 15, 2011 at 2:28 PM, Qian, Yi <yq...@ku.edu> wrote:
> Hello, Brent
>
> 1. I will try the patch
> 2. I am not going to mess with the LDAP entries, my intention is to query
> the isMemberOf attribute, so the redback authentication can redirect user
> based on query result.
>
Depending on how much control you want over the permissions granted to
archiva users with the LDAP groups, this could obviate the need for a
moderately complex mapping tool so you can say LDAP group X grants
permissions A, B and C. Redback assumes management of permissions at the
application level, not the directory level. Trying to invert that may be
more tricky than you might expect. Are you trying to actually manage
permissions in Archiva using LDAP membership, or are you just looking to
limit the users allowed to access archiva? You may be able to do the latter
with configuration.
> 3. Following is my settings.xml in ~/.m2/ folder, which has my login
> credential in it, my question is I would like to avoid put even encrypted
> credential in a file, there is a way to force user login when using
> archiva, but also keep the login alive for some time period?
>
> <settings>
> <mirrors>
> <mirror>
> <id>internal</id>
> <name>Team maven repository</name>
> <url>http://host:8080/archiva/repository/internal/</url>
> <mirrorOf>*</mirrorOf>
> </mirror>
> </mirrors>
>
>
> <servers>
> <server>
> <id>internal</id>
> <username>name</username>
> <password>password</password>
> </server>
> <server>
> <id>release</id>
> <username>name</username>
> <password>password</password>
> </server>
> <server>
> <id>snapshots</id>
> <username>name</username>
> <password>password</password>
> </server>
> </servers>
> </settings>
>
>
> Regards,
>
> Yi
>
> On 2/15/11 11:07 AM, "Brent Atkinson" <ba...@apache.org> wrote:
>
> >Comments are in-line.
> >
> >On Tue, Feb 15, 2011 at 11:03 AM, Qian, Yi <yq...@ku.edu> wrote:
> >
> >> Hello, Brett and Brent
> >>
> >> Thanks for your reply. I deployed archiva as stand-alone with jetty
> >> bundle. I do not have admin user configured in LDAP. So I changed
> >> redback.default.admin to my ID and it works.
> >
> >
> >
> >> I still have some questions about the authentication
> >> 1. Do I have to set up redback.default.admin property? Seems to me the
> >> answer is yes because even after I commented out this property in
> >> security.properties file, archiva still redirected me to addadmin page.
> >> But If this is true, we have to create an admin account in LDAP only for
> >> archiva.
> >>
> >
> >An admin user is required to exist in whatever authentication source
> >you've
> >configured. If there isn't such a user, archiva will ask you to create
> >one.
> >Setting it to your account satisfies this admin user check. I developed a
> >patch for redback that allows you to create hardwired utility accounts
> >when
> >you can't or don't want to pollute the LDAP tree. It hasn't been
> >integrated
> >yet, mostly because I wanted to get feedback on it and because it affects
> >both archiva and continuum configurations. The issue is REDBACK-266 if
> >you're interested in trying it out. Any feedback you can give will be
> >appreciated. Just comment on the issue.
> >
> >
> >> 2. In our LDAP, user entry has multi-valued attributes isMemberOf, can
> >>we
> >> set up redback to check this attribute, so if user is not belong to
> >> certain group, archiva will redirect the user to unauthorized page. If
> >> this feature does not exist yet, please point me the direction and I am
> >> willing to do the customized code change.
> >>
> >
> >AFAIK, redback doesn't use membership attributes in LDAP for
> >authorization.
> >One reason is that there are multiple ways that membership is handled in
> >various LDAP implementations/schemas. Due to the complexity of trying to
> >safely manage LDAP directories, redback doesn't manipulate the directory.
> >It
> >only reads from them. This allows users to authenticate with consistent
> >logins, and management of permissions happens at the application level
> >(not
> >the directory level).
> >
> >
> >> 3. There is settings.xml file in my local ~/.m2/ folder, this
> >>settings.xml
> >> include my login credential, can we skip the credential and force user
> >>to
> >> login when he trying to use archiva and keep a session so he can use the
> >> archiva without login again if the session is alive?
> >>
> >> And again, if any above feature does not exist, I am willing to add it.
> >>
> >
> >Not sure what you're asking about here. The settings.xml file is primarily
> >used by maven plugins to authenticate. Are you suggesting that the http
> >session be shared across your maven builds and your web browser?
> >
> >
> >> Regards,
> >>
> >> Yi
> >>
> >>
> >> On 2/14/11 11:34 PM, "Brett Porter" <br...@apache.org> wrote:
> >>
> >> >Did you go ahead with that screen and then check what "User Management"
> >> >showed for available users?
> >> >
> >> >Did you configure a linked admin account in LDAP in
> >>security.properties?
> >> >
> >> >- Brett
> >> >
> >> >On 15/02/2011, at 10:10 AM, Qian, Yi wrote:
> >> >
> >> >> Hello, experts
> >> >>
> >> >> I am trying to set up archiva 1.3.3 to authenticate against LDAP
> >> >>server. I
> >> >> followed the instrution of LDAP Integration on Redback website.
> >> >> Uncommented components element of LDAP connection factory and user
> >> >>mapper
> >> >> in application.xml located in /WEB-INF/classes/META-INF/plexus. Added
> >> >> connection information and attributes mapping in security.properties
> >> >> located in /WEB-INF/classes/org/apache/maven/archiva. I started
> >>archiva,
> >> >> accessing http://localhost:8080/archiva brings me to
> >> >> security/addadmin.action page. Could you tell me what I missed?
> >> >>
> >> >> Thanks,
> >> >>
> >> >> Yi
> >> >>
> >> >
> >> >--
> >> >Brett Porter
> >> >brett@apache.org
> >> >http://brettporter.wordpress.com/
> >> >http://au.linkedin.com/in/brettporter
> >> >
> >> >
> >> >
> >> >
> >>
> >>
>
>
build archiva from source code
Posted by "Qian, Yi" <yq...@ku.edu>.
Hello, Brent
Per you suggestion, I applied REDBACK-266 patch onto archiva source code
checked out from svn repository and imported to my eclipse as existing
maven project, and run maven packaging inside MyEclipse, I got following
error
Compilation failure
/home/yqian/Workspaces/MyEclipse
8.6/archiva-all/archiva/archiva-modules/archiva-base/archiva-configuration/
target/generated-sources/modello/org/apache/maven/archiva/configuration/Con
figuration.java:[713,33] cannot access ProxyConnectorConfiguration
class file for ProxyConnectorConfiguration not found
java.util.Collections.sort( connectors,
I also tried to check out archiva 1.3.3 tag version and manually applied
patch, but maven packaging got me unit test failure
Tests in error:
testCloneProjectModelWithParent(org.apache.maven.archiva.model.ArchivaModel
ClonerTest)
testArtifactModelProcessed(org.apache.maven.archiva.model.ArchivaArtifactTe
st)
Tests run: 11, Failures: 0, Errors: 2, Skipped: 0
[INFO]
------------------------------------------------------------------------
[ERROR] BUILD FAILURE
[INFO]
------------------------------------------------------------------------
[INFO] There are test failures.
Regards,
Yi
On 2/15/11 11:07 AM, "Brent Atkinson" <ba...@apache.org> wrote:
>An admin user is required to exist in whatever authentication source
>you've
>configured. If there isn't such a user, archiva will ask you to create
>one.
>Setting it to your account satisfies this admin user check. I developed a
>patch for redback that allows you to create hardwired utility accounts
>when
>you can't or don't want to pollute the LDAP tree. It hasn't been
>integrated
>yet, mostly because I wanted to get feedback on it and because it affects
>both archiva and continuum configurations. The issue is REDBACK-266 if
>you're interested in trying it out. Any feedback you can give will be
>appreciated. Just comment on the issue.
Re: authentication against LDAP
Posted by "Qian, Yi" <yq...@ku.edu>.
Hello, Brent
1. I will try the patch
2. I am not going to mess with the LDAP entries, my intention is to query
the isMemberOf attribute, so the redback authentication can redirect user
based on query result.
3. Following is my settings.xml in ~/.m2/ folder, which has my login
credential in it, my question is I would like to avoid put even encrypted
credential in a file, there is a way to force user login when using
archiva, but also keep the login alive for some time period?
<settings>
<mirrors>
<mirror>
<id>internal</id>
<name>Team maven repository</name>
<url>http://host:8080/archiva/repository/internal/</url>
<mirrorOf>*</mirrorOf>
</mirror>
</mirrors>
<servers>
<server>
<id>internal</id>
<username>name</username>
<password>password</password>
</server>
<server>
<id>release</id>
<username>name</username>
<password>password</password>
</server>
<server>
<id>snapshots</id>
<username>name</username>
<password>password</password>
</server>
</servers>
</settings>
Regards,
Yi
On 2/15/11 11:07 AM, "Brent Atkinson" <ba...@apache.org> wrote:
>Comments are in-line.
>
>On Tue, Feb 15, 2011 at 11:03 AM, Qian, Yi <yq...@ku.edu> wrote:
>
>> Hello, Brett and Brent
>>
>> Thanks for your reply. I deployed archiva as stand-alone with jetty
>> bundle. I do not have admin user configured in LDAP. So I changed
>> redback.default.admin to my ID and it works.
>
>
>
>> I still have some questions about the authentication
>> 1. Do I have to set up redback.default.admin property? Seems to me the
>> answer is yes because even after I commented out this property in
>> security.properties file, archiva still redirected me to addadmin page.
>> But If this is true, we have to create an admin account in LDAP only for
>> archiva.
>>
>
>An admin user is required to exist in whatever authentication source
>you've
>configured. If there isn't such a user, archiva will ask you to create
>one.
>Setting it to your account satisfies this admin user check. I developed a
>patch for redback that allows you to create hardwired utility accounts
>when
>you can't or don't want to pollute the LDAP tree. It hasn't been
>integrated
>yet, mostly because I wanted to get feedback on it and because it affects
>both archiva and continuum configurations. The issue is REDBACK-266 if
>you're interested in trying it out. Any feedback you can give will be
>appreciated. Just comment on the issue.
>
>
>> 2. In our LDAP, user entry has multi-valued attributes isMemberOf, can
>>we
>> set up redback to check this attribute, so if user is not belong to
>> certain group, archiva will redirect the user to unauthorized page. If
>> this feature does not exist yet, please point me the direction and I am
>> willing to do the customized code change.
>>
>
>AFAIK, redback doesn't use membership attributes in LDAP for
>authorization.
>One reason is that there are multiple ways that membership is handled in
>various LDAP implementations/schemas. Due to the complexity of trying to
>safely manage LDAP directories, redback doesn't manipulate the directory.
>It
>only reads from them. This allows users to authenticate with consistent
>logins, and management of permissions happens at the application level
>(not
>the directory level).
>
>
>> 3. There is settings.xml file in my local ~/.m2/ folder, this
>>settings.xml
>> include my login credential, can we skip the credential and force user
>>to
>> login when he trying to use archiva and keep a session so he can use the
>> archiva without login again if the session is alive?
>>
>> And again, if any above feature does not exist, I am willing to add it.
>>
>
>Not sure what you're asking about here. The settings.xml file is primarily
>used by maven plugins to authenticate. Are you suggesting that the http
>session be shared across your maven builds and your web browser?
>
>
>> Regards,
>>
>> Yi
>>
>>
>> On 2/14/11 11:34 PM, "Brett Porter" <br...@apache.org> wrote:
>>
>> >Did you go ahead with that screen and then check what "User Management"
>> >showed for available users?
>> >
>> >Did you configure a linked admin account in LDAP in
>>security.properties?
>> >
>> >- Brett
>> >
>> >On 15/02/2011, at 10:10 AM, Qian, Yi wrote:
>> >
>> >> Hello, experts
>> >>
>> >> I am trying to set up archiva 1.3.3 to authenticate against LDAP
>> >>server. I
>> >> followed the instrution of LDAP Integration on Redback website.
>> >> Uncommented components element of LDAP connection factory and user
>> >>mapper
>> >> in application.xml located in /WEB-INF/classes/META-INF/plexus. Added
>> >> connection information and attributes mapping in security.properties
>> >> located in /WEB-INF/classes/org/apache/maven/archiva. I started
>>archiva,
>> >> accessing http://localhost:8080/archiva brings me to
>> >> security/addadmin.action page. Could you tell me what I missed?
>> >>
>> >> Thanks,
>> >>
>> >> Yi
>> >>
>> >
>> >--
>> >Brett Porter
>> >brett@apache.org
>> >http://brettporter.wordpress.com/
>> >http://au.linkedin.com/in/brettporter
>> >
>> >
>> >
>> >
>>
>>
Re: authentication against LDAP
Posted by Brent Atkinson <ba...@apache.org>.
Comments are in-line.
On Tue, Feb 15, 2011 at 11:03 AM, Qian, Yi <yq...@ku.edu> wrote:
> Hello, Brett and Brent
>
> Thanks for your reply. I deployed archiva as stand-alone with jetty
> bundle. I do not have admin user configured in LDAP. So I changed
> redback.default.admin to my ID and it works.
> I still have some questions about the authentication
> 1. Do I have to set up redback.default.admin property? Seems to me the
> answer is yes because even after I commented out this property in
> security.properties file, archiva still redirected me to addadmin page.
> But If this is true, we have to create an admin account in LDAP only for
> archiva.
>
An admin user is required to exist in whatever authentication source you've
configured. If there isn't such a user, archiva will ask you to create one.
Setting it to your account satisfies this admin user check. I developed a
patch for redback that allows you to create hardwired utility accounts when
you can't or don't want to pollute the LDAP tree. It hasn't been integrated
yet, mostly because I wanted to get feedback on it and because it affects
both archiva and continuum configurations. The issue is REDBACK-266 if
you're interested in trying it out. Any feedback you can give will be
appreciated. Just comment on the issue.
> 2. In our LDAP, user entry has multi-valued attributes isMemberOf, can we
> set up redback to check this attribute, so if user is not belong to
> certain group, archiva will redirect the user to unauthorized page. If
> this feature does not exist yet, please point me the direction and I am
> willing to do the customized code change.
>
AFAIK, redback doesn't use membership attributes in LDAP for authorization.
One reason is that there are multiple ways that membership is handled in
various LDAP implementations/schemas. Due to the complexity of trying to
safely manage LDAP directories, redback doesn't manipulate the directory. It
only reads from them. This allows users to authenticate with consistent
logins, and management of permissions happens at the application level (not
the directory level).
> 3. There is settings.xml file in my local ~/.m2/ folder, this settings.xml
> include my login credential, can we skip the credential and force user to
> login when he trying to use archiva and keep a session so he can use the
> archiva without login again if the session is alive?
>
> And again, if any above feature does not exist, I am willing to add it.
>
Not sure what you're asking about here. The settings.xml file is primarily
used by maven plugins to authenticate. Are you suggesting that the http
session be shared across your maven builds and your web browser?
> Regards,
>
> Yi
>
>
> On 2/14/11 11:34 PM, "Brett Porter" <br...@apache.org> wrote:
>
> >Did you go ahead with that screen and then check what "User Management"
> >showed for available users?
> >
> >Did you configure a linked admin account in LDAP in security.properties?
> >
> >- Brett
> >
> >On 15/02/2011, at 10:10 AM, Qian, Yi wrote:
> >
> >> Hello, experts
> >>
> >> I am trying to set up archiva 1.3.3 to authenticate against LDAP
> >>server. I
> >> followed the instrution of LDAP Integration on Redback website.
> >> Uncommented components element of LDAP connection factory and user
> >>mapper
> >> in application.xml located in /WEB-INF/classes/META-INF/plexus. Added
> >> connection information and attributes mapping in security.properties
> >> located in /WEB-INF/classes/org/apache/maven/archiva. I started archiva,
> >> accessing http://localhost:8080/archiva brings me to
> >> security/addadmin.action page. Could you tell me what I missed?
> >>
> >> Thanks,
> >>
> >> Yi
> >>
> >
> >--
> >Brett Porter
> >brett@apache.org
> >http://brettporter.wordpress.com/
> >http://au.linkedin.com/in/brettporter
> >
> >
> >
> >
>
>
Re: authentication against LDAP
Posted by "Qian, Yi" <yq...@ku.edu>.
Hello, Brett and Brent
Thanks for your reply. I deployed archiva as stand-alone with jetty
bundle. I do not have admin user configured in LDAP. So I changed
redback.default.admin to my ID and it works.
I still have some questions about the authentication
1. Do I have to set up redback.default.admin property? Seems to me the
answer is yes because even after I commented out this property in
security.properties file, archiva still redirected me to addadmin page.
But If this is true, we have to create an admin account in LDAP only for
archiva.
2. In our LDAP, user entry has multi-valued attributes isMemberOf, can we
set up redback to check this attribute, so if user is not belong to
certain group, archiva will redirect the user to unauthorized page. If
this feature does not exist yet, please point me the direction and I am
willing to do the customized code change.
3. There is settings.xml file in my local ~/.m2/ folder, this settings.xml
include my login credential, can we skip the credential and force user to
login when he trying to use archiva and keep a session so he can use the
archiva without login again if the session is alive?
And again, if any above feature does not exist, I am willing to add it.
Regards,
Yi
On 2/14/11 11:34 PM, "Brett Porter" <br...@apache.org> wrote:
>Did you go ahead with that screen and then check what "User Management"
>showed for available users?
>
>Did you configure a linked admin account in LDAP in security.properties?
>
>- Brett
>
>On 15/02/2011, at 10:10 AM, Qian, Yi wrote:
>
>> Hello, experts
>>
>> I am trying to set up archiva 1.3.3 to authenticate against LDAP
>>server. I
>> followed the instrution of LDAP Integration on Redback website.
>> Uncommented components element of LDAP connection factory and user
>>mapper
>> in application.xml located in /WEB-INF/classes/META-INF/plexus. Added
>> connection information and attributes mapping in security.properties
>> located in /WEB-INF/classes/org/apache/maven/archiva. I started archiva,
>> accessing http://localhost:8080/archiva brings me to
>> security/addadmin.action page. Could you tell me what I missed?
>>
>> Thanks,
>>
>> Yi
>>
>
>--
>Brett Porter
>brett@apache.org
>http://brettporter.wordpress.com/
>http://au.linkedin.com/in/brettporter
>
>
>
>
Re: authentication against LDAP
Posted by Brett Porter <br...@apache.org>.
Did you go ahead with that screen and then check what "User Management" showed for available users?
Did you configure a linked admin account in LDAP in security.properties?
- Brett
On 15/02/2011, at 10:10 AM, Qian, Yi wrote:
> Hello, experts
>
> I am trying to set up archiva 1.3.3 to authenticate against LDAP server. I
> followed the instrution of LDAP Integration on Redback website.
> Uncommented components element of LDAP connection factory and user mapper
> in application.xml located in /WEB-INF/classes/META-INF/plexus. Added
> connection information and attributes mapping in security.properties
> located in /WEB-INF/classes/org/apache/maven/archiva. I started archiva,
> accessing http://localhost:8080/archiva brings me to
> security/addadmin.action page. Could you tell me what I missed?
>
> Thanks,
>
> Yi
>
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter
authentication against LDAP
Posted by "Qian, Yi" <yq...@ku.edu>.
Hello, experts
I am trying to set up archiva 1.3.3 to authenticate against LDAP server. I
followed the instrution of LDAP Integration on Redback website.
Uncommented components element of LDAP connection factory and user mapper
in application.xml located in /WEB-INF/classes/META-INF/plexus. Added
connection information and attributes mapping in security.properties
located in /WEB-INF/classes/org/apache/maven/archiva. I started archiva,
accessing http://localhost:8080/archiva brings me to
security/addadmin.action page. Could you tell me what I missed?
Thanks,
Yi
Re: Is Archiva compatible with Maven 3?
Posted by Brett Porter <br...@apache.org>.
Same thing - it is compatible.
That's a good point, we should change that to be clear.
On 15/02/2011, at 3:25 AM, javaman501 wrote:
>
> I have been using Archiva with Maven 2.2.1. We wanted to upgrade to Maven 3.
> I noticed on Archiva that when I add a managed repository, I have a choice
> between "Maven 1.x Repository" and "Maven 2.x Repository". Is there
> supposed to be a "Maven 3.x Repository" in a later version of Archiva? Or
> is it the case that a Maven 2.x Repository is simply the same thing as a
> Maven 3.x repository?
> --
> View this message in context: http://old.nabble.com/Is-Archiva-compatible-with-Maven-3--tp30923282p30923282.html
> Sent from the archiva-users mailing list archive at Nabble.com.
>
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter