mirror of https://github.com/apache/archiva.git
Changing some docs for archiva 2.2.3
This commit is contained in:
parent
a43d980be3
commit
1d3714453a
|
@ -31,7 +31,9 @@ Configuration Files of Apache Archiva
|
|||
|
||||
* <<<archiva.xml>>> - this is the primary Archiva configuration file
|
||||
|
||||
* <<<security.properties>>> - this configures the security as described in the {{{./security.html} security configuration documentation}}
|
||||
* <<<security.properties>>> - This file, if it exists, is only read once to populate the
|
||||
Redback Runtime Configuration properties (see {{{./redback-runtime-configuration.html#Runtime_Properties}Redback Runtime Configuration}},
|
||||
stored in <<<archiva.xml>>>. The file will be ignored after this.
|
||||
|
||||
This section will focus on the <<<archiva.xml>>> file.
|
||||
|
||||
|
|
|
@ -27,66 +27,24 @@
|
|||
|
||||
Archiva Security Configuration
|
||||
|
||||
Security properties and password rules can be configured in the
|
||||
<<<security.properties>>> file, which by default is searched for in:
|
||||
Security properties and password rules are configured now in the Redback Runtime Configuration
|
||||
properties (see {{{./redback-runtime-configuration.html#Runtime_properties}Redback Runtime Configuration}}).
|
||||
|
||||
* <<<~/.m2/security.properties>>>
|
||||
|
||||
* <<<conf/security.properties>>> in the Archiva installation
|
||||
The Redback Runtime Configuration properties are stored in <<<archiva.xml>>>.
|
||||
The former <<<security.properties>>> file, if it exists, is only used once for populating the
|
||||
Runtime Configuration settings. After that, this file will be ignored.
|
||||
|
||||
[]
|
||||
|
||||
(In the above list, <<<~>>> is the home directory of the user who is running
|
||||
Archiva.)
|
||||
|
||||
~~TODO: Link to plexus-redback documentation when available
|
||||
|
||||
Following are some of the properties you can modify. For a complete list,
|
||||
consult the default properties file in Redback's svn repo:
|
||||
These are the default properties. The file can be found in in Redback's svn repo:
|
||||
{{{http://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties}
|
||||
config-defaults.properties}}
|
||||
|
||||
+-----+
|
||||
# Security Policies
|
||||
# -----------------
|
||||
#security.policy.password.encoder=
|
||||
security.policy.password.previous.count=6
|
||||
security.policy.password.expiration.days=90
|
||||
security.policy.password.expiration.enabled=true
|
||||
security.policy.allowed.login.attempt=3
|
||||
%{snippet|ignoreDownloadError=true|url=https://raw.githubusercontent.com/apache/archiva-redback-core/master/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties}
|
||||
|
||||
# Password Rules
|
||||
# --------------
|
||||
security.policy.password.rule.alphanumeric.enabled=false
|
||||
security.policy.password.rule.alphacount.enabled=true
|
||||
security.policy.password.rule.alphacount.minimum=1
|
||||
security.policy.password.rule.characterlength.enabled=true
|
||||
security.policy.password.rule.characterlength.minimum=1
|
||||
security.policy.password.rule.characterlength.maximum=8
|
||||
security.policy.password.rule.musthave.enabled=true
|
||||
security.policy.password.rule.numericalcount.enabled=true
|
||||
security.policy.password.rule.numericalcount.minimum=1
|
||||
security.policy.password.rule.reuse.enabled=true
|
||||
security.policy.password.rule.nowhitespace.enabled=true
|
||||
|
||||
# Cross Site Request Forgery (CSRF) Prevention
|
||||
# --------------------------------------------
|
||||
# Enable/Disable CSRF filtering.
|
||||
# Possible values: true, false
|
||||
rest.csrffilter.enabled=true
|
||||
# Base URL used to verify the origin headers of the requests. If not set or empty
|
||||
# it tries to determine the base url automatically
|
||||
rest.baseUrl=
|
||||
# What to do, if the request contains no Origin or Referer header.
|
||||
# If true, requests without Origin or Referer Header are denied, otherwise accepted.
|
||||
# Possible values: true, false
|
||||
rest.csrffilter.absentorigin.deny=true
|
||||
# Enable/Disable the token validation only.
|
||||
# If true, the validation of the CSRF tokens will be disabled.
|
||||
# Possible values: true, false
|
||||
rest.csrffilter.disableTokenValidation=false
|
||||
+-----+
|
||||
|
||||
<<Note:>> If installed standalone, Archiva's list of configuration files is <itself> configurable, and
|
||||
can be found in:
|
||||
<<<apps/archiva/WEB-INF/applicationContext.xml>>>
|
||||
|
|
|
@ -29,7 +29,7 @@ Apache Archiva Redback Runtime Configuration
|
|||
|
||||
* Apache Redback User Manager/RbacManager Implementations
|
||||
|
||||
Since 1.4-M4, you can choose to switch dynamically
|
||||
You can choose to switch dynamically
|
||||
|
||||
* User Manager Implementations (from Database and/or LDAP).
|
||||
|
||||
|
@ -49,7 +49,7 @@ Apache Archiva Redback Runtime Configuration
|
|||
|
||||
* LDAP Group-Roles mapping
|
||||
|
||||
Since 1.4-M4, you can map dynamically LDAP Group to Archiva Roles
|
||||
You can map dynamically LDAP Group to Archiva Roles
|
||||
|
||||
[../images/ldap-group-roles-mapping.png]
|
||||
|
||||
|
|
|
@ -42,56 +42,58 @@ Understanding Repository Configuration of Apache Archiva
|
|||
|
||||
Managed repository fields:
|
||||
|
||||
* <<identifier>> - the id of the repository. This must be unique.
|
||||
|
||||
* <<name>> - the name of the repository.
|
||||
|
||||
* <<directory>> - the location of the repository. If the path specified does not
|
||||
exist, Archiva will create the missing directories.
|
||||
|
||||
* <<index directory>> - the location of the index files generated by Archiva. If
|
||||
no location is specified, then the index directory (named <<<.indexer>>>)
|
||||
will be created at the root of the repository directory.
|
||||
This directory contains the packaged/bundled index which is consumed by different consumers of the index such as M2Eclipse.
|
||||
|
||||
* <<type>> - the repository layout (maven 2 or maven 1)
|
||||
|
||||
* <<cron>> - the
|
||||
{{{http://quartz-scheduler.org/api/2.1.5/org/quartz/CronTrigger.html}cron schedule}} when
|
||||
repository scanning will be executed.
|
||||
|
||||
* <<repository purge by days older>> - the first option for repository purge.
|
||||
Archiva will check how old the artifact is and if it is older than the set
|
||||
number of days in this field, then the artifact will be deleted respecting
|
||||
the retention count of course. In order to disable the purge by
|
||||
number of days old and set Archiva to purge by retention count, just set the
|
||||
repository purge field to 0. The maximum number of days which can be set
|
||||
here is 1000. See the Repository Purge section below for more details.
|
||||
~~ above was:the retention count (see #7) of course no idea what is was linkeed to
|
||||
|
||||
* <<repository purge by retention count>> - the second option for repository
|
||||
purge. When running the repository purge, Archiva will retain only the
|
||||
number of artifacts set for this field for a specific snapshot version. See
|
||||
the Repository Purge section below for more details.
|
||||
|
||||
* <<releases included>> - specifies whether there are released artifacts in the
|
||||
repository.
|
||||
|
||||
* <<block re-deployment of released artifacts>> - specifies whether released
|
||||
artifacts that are already existing in the repository can be overwritten.
|
||||
Note that this only take effects for non-snapshot deployments.
|
||||
|
||||
* <<snapshots included>> - specifies whether there are snapshot artifacts in the
|
||||
repository.
|
||||
|
||||
* <<scannable>> - specifies whether the repository can be scanned, meaning it is
|
||||
a local repository which can be indexed, browsed, purged, etc.
|
||||
|
||||
* <<delete released snapshots>> - specifies whether to remove those snapshot
|
||||
artifacts which already has release versions of it in the repository during
|
||||
repository purge.
|
||||
|
||||
* << Skip Packed Index creation >> - avoid creation of compressed index for IDE usage.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Id>> | The identifier of the repository. This must be unique.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Name>> | The name of the repository. This is the display name.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Directory>> | The location of the repository. If the path specified does not
|
||||
| | exist, Archiva will create the missing directories.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Index Directory>> | The location of the index files generated by Archiva. If
|
||||
| | no location is specified, then the index directory (named <<<.indexer>>>)
|
||||
| | will be created at the root of the repository directory.
|
||||
| | This directory contains the packaged/bundled index which is consumed by different
|
||||
| | consumers of the index such as M2Eclipse.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Type>> | The repository layout (maven 2 or maven 1)
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Cron Expression>> | The
|
||||
| | {{{http://www.quartz-scheduler.org/documentation/quartz-2.x/tutorials/crontrigger.html}cron schedule}}
|
||||
| | when repository scanning will be executed.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Days Older>> | The first option for repository purge.
|
||||
| | Archiva will check how old the artifact is and if it is older than the set
|
||||
| | number of days in this field, then the artifact will be deleted respecting
|
||||
| | the retention count of course. In order to disable the purge by
|
||||
| | number of days old and set Archiva to purge by retention count, just set the
|
||||
| | repository purge field to 0. The maximum number of days which can be set
|
||||
| | here is 1000. See the Repository Purge section below for more details.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Retention Count>> | The second option for repository purge. When running the repository purge,
|
||||
| | Archiva will retain only the number of artifacts set for this field for a
|
||||
| | specific snapshot version. See the Repository Purge section below for more details.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Description>> | Additional information about the repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Releases>> | Specifies whether there are released artifacts in the repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Snapshots>> | Specifies whether there are snapshot artifacts in the repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Block Redeployments>> | Specifies whether released artifacts that are already existing in the
|
||||
| | repository can be overwritten. Note that this only take effects for non-snapshot
|
||||
| | deployments.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Scanned>> | Specifies whether the repository can be scanned, meaning it is a local repository
|
||||
| | which should be indexed, purged, etc.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Delete Released Snapshots>> | Specifies whether to remove those snapshot artifacts which already has
|
||||
| | release versions of it in the repository during repository purge.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Staging Repository>>| Automatic creation of a stage repository for this local repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
|<< Skip Packed Index Creation>> | Avoid creation of compressed index for IDE usage.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
|
||||
[]
|
||||
|
||||
|
@ -119,46 +121,57 @@ http://[URL TO ARCHIVA]/repository/[REPOSITORY ID] (e.g. http://localhost:8080/r
|
|||
|
||||
Remote repository fields:
|
||||
|
||||
* <<identifier>> - the id of the remote repository.
|
||||
|
||||
* <<name>> - the name of the remote repository.
|
||||
|
||||
* <<url>> - the url of the remote repository. It is also possible to use a
|
||||
'file://' url to proxy a local repository. Be careful that if this local
|
||||
repository is a managed repository of archiva which has some proxies
|
||||
connectors, those ones won't be triggered.
|
||||
|
||||
* <<username>> - the username (if authentication is needed) to be used to access
|
||||
the repository.
|
||||
|
||||
* <<password>> - the password (if authentication is needed) to be used to access
|
||||
the repository.
|
||||
|
||||
* <<type>> - the layout (maven 2 or maven 1) of the remote repository.
|
||||
|
||||
* <<Activate download remote index>> - to activate downloading remote index to
|
||||
add available remote artifacts in search queries.
|
||||
|
||||
* <<Remote index url, can be relative to url>> - path of the remote index
|
||||
directory.
|
||||
|
||||
* <<Cron expression>> - cron expression for downloading remote index (default
|
||||
weekly on sunday)
|
||||
|
||||
* <<Directory index storage>> - path to store index directory, default will be
|
||||
$\{appserver.base\}/data/remotes/$\{repositoryId\}/.indexer
|
||||
|
||||
* <<Download Remote Index Timeout in seconds>> - read time out for downloading
|
||||
remote index files (default 300)
|
||||
|
||||
* <<Network Proxy to Use for download Remote Index>> - proxy to use for
|
||||
downloading remote index files.
|
||||
|
||||
* <<Download Remote Index on Startup>> - will download remote index on Archiva startup.
|
||||
|
||||
* <<Additionnal url parameters>> - key/value pairs to add to url when querying remote repository.
|
||||
|
||||
* <<Additionnal Http Headers>> - key/value pairs to add as http headers when querying remote repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Id>> | The identifier of the remote repository. |
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Name>> | The name of the remote repository. |
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Url>> | The url of the remote repository. It is also possible to use a
|
||||
| | 'file://' url to proxy a local repository. Be careful that if this local
|
||||
| | repository is a managed repository of archiva which has some proxies
|
||||
| | connectors, those ones won't be triggered. |
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Username>> | The username (if authentication is needed) to be used to access
|
||||
| | the repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Password>> | The password (if authentication is needed) to be used to access
|
||||
| | the repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Download Timeout>> | The time in seconds after which a download from the remote repository is stopped.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Type>> | The layout (maven 2 or maven 1) of the remote repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Download Remote Index>> | To activate downloading remote index to
|
||||
| | add available remote artifacts in search queries.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Remote Index Url>> | Can be relative to Url - path of the remote index
|
||||
| | directory.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Cron expression>> | Cron expression for downloading remote index (default
|
||||
| | weekly on sunday)
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Index Directory>> | Path to store index directory, default will be
|
||||
| | $\{appserver.base\}/data/remotes/$\{repositoryId\}/.indexer
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Download Remote Index Timeout>> | Time in seconds, after which download of remote index files will be
|
||||
| | stopped (default 300).
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Proxy for Remote Download Index>> | Proxy to use for downloading remote index files.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Download Remote Index on Startup>> | If selected, the remote index will be downloaded on Archiva
|
||||
| | startup.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Description>> | Can be used to store additional information about the repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Connection Check Path>> | If set, the connection to the remote repository is checked by validating the
|
||||
| | existence of the given file / artifact. Some repositories do not allow to browse
|
||||
| | the base directory and the standard check may fail. The path is relative to the
|
||||
| | repository Url.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Additionnal Url Parameters>> | Key/Value pairs to add to url when querying remote repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
| <<Additionnal Http Headers>> | Key/Value pairs to add as http headers when querying remote repository.
|
||||
*----------------------+----------------------------------------------------------------------------------+
|
||||
|
||||
[]
|
||||
|
||||
|
|
|
@ -48,11 +48,16 @@ Release Notes for Archiva ${project.version}
|
|||
and Referer header of the HTTP requests and adding an validation token to the Header.
|
||||
This prevents requests from malicious sites if they are open in the same browser. If you use
|
||||
the REST services from other clients you may change the behaviour with the new
|
||||
configuration properties for the redback security (rest.csrffilter.*, rest.baseUrl).
|
||||
configuration properties for the redback security (<<<rest.csrffilter.*>>>, <<<rest.baseUrl>>>).
|
||||
For more information see {{{./adminguide/customising-security.html}Archiva Security Configuration}} and
|
||||
the {{{/redback/integration/rest.html}Redback REST documentation }}
|
||||
the {{{/redback/integration/rest.html}Redback REST documentation }}.
|
||||
|
||||
* Archiva uses redback for authentication and authorization in version 2.5
|
||||
<<Note:>> If your archiva installation is behind a reverse proxy or load balancer, it may be possible
|
||||
that the Archiva Web UI does not load after the upgrade. If this is the case you may access the WebUI
|
||||
via localhost or edit archiva.xml manually. In the "Redback Runtime Configuration" properties you have to
|
||||
enter the base URLs of your archiva installation to the <<<rest.baseUrl>>> field.
|
||||
|
||||
* Archiva uses redback for authentication and authorization in version 2.6
|
||||
|
||||
* Release Notes
|
||||
|
||||
|
|
|
@ -70,6 +70,15 @@ pre.commandline {
|
|||
color: gray;
|
||||
}
|
||||
|
||||
img {
|
||||
border-style: solid ;
|
||||
border-width: 1px;
|
||||
border-color: #ddd;
|
||||
padding: 5px;
|
||||
margin-top: 10px;
|
||||
border-radius: 5px;
|
||||
}
|
||||
|
||||
pre.commandline .input {
|
||||
color: #55f;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue