You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@archiva.apache.org by Thad Humphries <th...@gmail.com> on 2016/08/16 17:25:41 UTC
Archiva 2.2.x, resetting password
Despite earlier efforts to get Archiva to stop requiring password reset,
it's done it again. Now neither user nor admin can get in and the "Reset
Password" button seems to do nothing.
How can I clear the old passwords and reset the admin and users? Or (as
done at least once before) must I blow it all away an reinstall?
Can't this "feature" be disable? There is *at most* only two of using this.
--
"Hell hath no limits, nor is circumscrib'd In one self-place; but where we
are is hell, And where hell is, there must we ever be" --Christopher
Marlowe, *Doctor Faustus* (v. 121-24)
Re: Archiva 2.2.x, resetting password
Posted by Jörg Schaible <jo...@gmx.de>.
Hi Thad,
Thad Humphries wrote:
> Okay, I finally found the reset messages and I'm back with new passwords.
> I've also changed security.policy.password.previous.count to 0 and
> restarted. We'll see in another 90 or 180 days.
It seems that the setting in the security.properties will have no effect on
already existing passwords. It is a flag in the JDOUSER table. However, you
cannot manually change this flag (I've tried), because it has influence on
the password's hash value. You can inspect the data record now, if tghe
value is 0, your password should not expire.
> Very odd, though: When I login as admin, the login dialog does not
> disappear. I have reload the page before I see my admin menu options.
>
> On Tue, Aug 16, 2016 at 7:08 PM, Thad Humphries <th...@gmail.com>
> wrote:
>
>> Thanks. I tried something similar before (see http://www.mail-archive.
>> com/users@archiva.apache.org/msg02910.html) by creating a
>> ~/.m2/security.properties file, but I set
>> security.policy.password.previous.count to -1. Maybe zero will work for
>> me this time.
>>
>> Frankly, I'm not familiar enough with the nits of Archiva administration
>> to follow you on your fix. I am not running Archiva under Tomcat but
>> simply starting it on port 8080:
>>
>> $ cd /opt/apache-archiva-2.2.0
>> $ nohup bin/archiva console start &
>>
>> I may be stuck rebuilding it (or switching to Nexus).
Actually I was tempted to switch to Nexus also.
Cheers,
J�rg
Re: Archiva 2.2.x, resetting password
Posted by Thad Humphries <th...@gmail.com>.
Okay, I finally found the reset messages and I'm back with new passwords.
I've also changed security.policy.password.previous.count to 0 and
restarted. We'll see in another 90 or 180 days.
Very odd, though: When I login as admin, the login dialog does not
disappear. I have reload the page before I see my admin menu options.
On Tue, Aug 16, 2016 at 7:08 PM, Thad Humphries <th...@gmail.com>
wrote:
> Thanks. I tried something similar before (see http://www.mail-archive.
> com/users@archiva.apache.org/msg02910.html) by creating a
> ~/.m2/security.properties file, but I set security.policy.password.previous.count
> to -1. Maybe zero will work for me this time.
>
> Frankly, I'm not familiar enough with the nits of Archiva administration
> to follow you on your fix. I am not running Archiva under Tomcat but
> simply starting it on port 8080:
>
> $ cd /opt/apache-archiva-2.2.0
> $ nohup bin/archiva console start &
>
> I may be stuck rebuilding it (or switching to Nexus).
>
> On Tue, Aug 16, 2016 at 6:32 PM, Jörg Schaible <jo...@gmx.de>
> wrote:
>
>> Hi Thad,
>>
>> Thad Humphries wrote:
>>
>> > Despite earlier efforts to get Archiva to stop requiring password reset,
>> > it's done it again. Now neither user nor admin can get in and the "Reset
>> > Password" button seems to do nothing.
>> >
>> > How can I clear the old passwords and reset the admin and users? Or (as
>> > done at least once before) must I blow it all away an reinstall?
>> >
>> > Can't this "feature" be disable? There is *at most* only two of using
>> > this.
>>
>> I had also a very annoying fight with this and I am only one. I found
>> finally a location to turn the expiration off (at least I hope so):
>>
>> ================ %< ===============
>> $ sudo cat /var/lib/archiva/security.properties
>> security.policy.password.previous.count=0
>> security.policy.password.expiration.enabled=false
>> ================ %< ===============
>>
>> However, I was in the same situation as you and I finally created a new DB
>> for the Archiva users, configured Archiva to use that one instead and let
>> it
>> recreate an admin and guest user (note, you have to turn off password
>> expiration before). Then I exported the two JDOUSER* tables, dropped
>> anything in these tables of the original DB and imported the data. After
>> that I configured Archiva to use the original User DB again. Now I could
>> login as admin again and was able to recreated my user.
>>
>> Note: Always shut down Tomcat before you change something in the DB.
>>
>> Hope this works for you also.
>>
>> Cheers,
>> Jörg
>>
>>
>
>
> --
> "Hell hath no limits, nor is circumscrib'd In one self-place; but where we
> are is hell, And where hell is, there must we ever be" --Christopher
> Marlowe, *Doctor Faustus* (v. 121-24)
>
--
"Hell hath no limits, nor is circumscrib'd In one self-place; but where we
are is hell, And where hell is, there must we ever be" --Christopher
Marlowe, *Doctor Faustus* (v. 121-24)
Re: Archiva 2.2.x, resetting password
Posted by Olivier Lamy <ol...@apache.org>.
On 17 August 2016 at 09:08, Thad Humphries <th...@gmail.com> wrote:
> Thanks. I tried something similar before (see
> http://www.mail-archive.com/users@archiva.apache.org/msg02910.html) by
> creating a ~/.m2/security.properties file, but I set
> security.policy.password.previous.count to -1. Maybe zero will work for me
> this time.
>
> Frankly, I'm not familiar enough with the nits of Archiva administration to
> follow you on your fix. I am not running Archiva under Tomcat but simply
> starting it on port 8080:
>
> $ cd /opt/apache-archiva-2.2.0
> $ nohup bin/archiva console start &
>
> I may be stuck rebuilding it (or switching to Nexus).
>
mvn clean install -DskipTests
This doesn't work?
We will be definitely very happy to have more people to help (fixing issues
etc...)
Yup that's an open source project which doesn't any company supporting it
so it relies on contributor spare time.
Personally I have a very limited one ATM.
I'm pretty sure if you provide patches or pull request you will quickly
gain commit karma.
Cheers
Olivier
>
> On Tue, Aug 16, 2016 at 6:32 PM, Jörg Schaible <jo...@gmx.de>
> wrote:
>
> > Hi Thad,
> >
> > Thad Humphries wrote:
> >
> > > Despite earlier efforts to get Archiva to stop requiring password
> reset,
> > > it's done it again. Now neither user nor admin can get in and the
> "Reset
> > > Password" button seems to do nothing.
> > >
> > > How can I clear the old passwords and reset the admin and users? Or (as
> > > done at least once before) must I blow it all away an reinstall?
> > >
> > > Can't this "feature" be disable? There is *at most* only two of using
> > > this.
> >
> > I had also a very annoying fight with this and I am only one. I found
> > finally a location to turn the expiration off (at least I hope so):
> >
> > ================ %< ===============
> > $ sudo cat /var/lib/archiva/security.properties
> > security.policy.password.previous.count=0
> > security.policy.password.expiration.enabled=false
> > ================ %< ===============
> >
> > However, I was in the same situation as you and I finally created a new
> DB
> > for the Archiva users, configured Archiva to use that one instead and let
> > it
> > recreate an admin and guest user (note, you have to turn off password
> > expiration before). Then I exported the two JDOUSER* tables, dropped
> > anything in these tables of the original DB and imported the data. After
> > that I configured Archiva to use the original User DB again. Now I could
> > login as admin again and was able to recreated my user.
> >
> > Note: Always shut down Tomcat before you change something in the DB.
> >
> > Hope this works for you also.
> >
> > Cheers,
> > Jörg
> >
> >
>
>
> --
> "Hell hath no limits, nor is circumscrib'd In one self-place; but where we
> are is hell, And where hell is, there must we ever be" --Christopher
> Marlowe, *Doctor Faustus* (v. 121-24)
>
--
Olivier Lamy
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: Archiva 2.2.x, resetting password
Posted by Thad Humphries <th...@gmail.com>.
Thanks. I tried something similar before (see
http://www.mail-archive.com/users@archiva.apache.org/msg02910.html) by
creating a ~/.m2/security.properties file, but I set
security.policy.password.previous.count to -1. Maybe zero will work for me
this time.
Frankly, I'm not familiar enough with the nits of Archiva administration to
follow you on your fix. I am not running Archiva under Tomcat but simply
starting it on port 8080:
$ cd /opt/apache-archiva-2.2.0
$ nohup bin/archiva console start &
I may be stuck rebuilding it (or switching to Nexus).
On Tue, Aug 16, 2016 at 6:32 PM, Jörg Schaible <jo...@gmx.de>
wrote:
> Hi Thad,
>
> Thad Humphries wrote:
>
> > Despite earlier efforts to get Archiva to stop requiring password reset,
> > it's done it again. Now neither user nor admin can get in and the "Reset
> > Password" button seems to do nothing.
> >
> > How can I clear the old passwords and reset the admin and users? Or (as
> > done at least once before) must I blow it all away an reinstall?
> >
> > Can't this "feature" be disable? There is *at most* only two of using
> > this.
>
> I had also a very annoying fight with this and I am only one. I found
> finally a location to turn the expiration off (at least I hope so):
>
> ================ %< ===============
> $ sudo cat /var/lib/archiva/security.properties
> security.policy.password.previous.count=0
> security.policy.password.expiration.enabled=false
> ================ %< ===============
>
> However, I was in the same situation as you and I finally created a new DB
> for the Archiva users, configured Archiva to use that one instead and let
> it
> recreate an admin and guest user (note, you have to turn off password
> expiration before). Then I exported the two JDOUSER* tables, dropped
> anything in these tables of the original DB and imported the data. After
> that I configured Archiva to use the original User DB again. Now I could
> login as admin again and was able to recreated my user.
>
> Note: Always shut down Tomcat before you change something in the DB.
>
> Hope this works for you also.
>
> Cheers,
> Jörg
>
>
--
"Hell hath no limits, nor is circumscrib'd In one self-place; but where we
are is hell, And where hell is, there must we ever be" --Christopher
Marlowe, *Doctor Faustus* (v. 121-24)
Re: Archiva 2.2.x, resetting password
Posted by Jörg Schaible <jo...@gmx.de>.
Hi Thad,
Thad Humphries wrote:
> Despite earlier efforts to get Archiva to stop requiring password reset,
> it's done it again. Now neither user nor admin can get in and the "Reset
> Password" button seems to do nothing.
>
> How can I clear the old passwords and reset the admin and users? Or (as
> done at least once before) must I blow it all away an reinstall?
>
> Can't this "feature" be disable? There is *at most* only two of using
> this.
I had also a very annoying fight with this and I am only one. I found
finally a location to turn the expiration off (at least I hope so):
================ %< ===============
$ sudo cat /var/lib/archiva/security.properties
security.policy.password.previous.count=0
security.policy.password.expiration.enabled=false
================ %< ===============
However, I was in the same situation as you and I finally created a new DB
for the Archiva users, configured Archiva to use that one instead and let it
recreate an admin and guest user (note, you have to turn off password
expiration before). Then I exported the two JDOUSER* tables, dropped
anything in these tables of the original DB and imported the data. After
that I configured Archiva to use the original User DB again. Now I could
login as admin again and was able to recreated my user.
Note: Always shut down Tomcat before you change something in the DB.
Hope this works for you also.
Cheers,
J�rg