From 1d3714453a5bec5c0a68e6ab1bc724f31445f265 Mon Sep 17 00:00:00 2001 From: Martin Stockhammer Date: Sat, 13 May 2017 17:56:31 +0200 Subject: [PATCH] Changing some docs for archiva 2.2.3 --- .../apt/adminguide/configuration-files.apt.vm | 4 +- .../apt/adminguide/customising-security.apt | 56 +---- .../redback-runtime-configuration.apt | 4 +- .../src/site/apt/adminguide/repositories.apt | 193 ++++++++++-------- .../src/site/apt/release-notes.apt.vm | 11 +- archiva-docs/src/site/resources/css/site.css | 9 + 6 files changed, 132 insertions(+), 145 deletions(-) diff --git a/archiva-docs/src/site/apt/adminguide/configuration-files.apt.vm b/archiva-docs/src/site/apt/adminguide/configuration-files.apt.vm index 7b7fe8e55..22f17dc16 100644 --- a/archiva-docs/src/site/apt/adminguide/configuration-files.apt.vm +++ b/archiva-docs/src/site/apt/adminguide/configuration-files.apt.vm @@ -31,7 +31,9 @@ Configuration Files of Apache Archiva * <<>> - this is the primary Archiva configuration file - * <<>> - this configures the security as described in the {{{./security.html} security configuration documentation}} + * <<>> - This file, if it exists, is only read once to populate the + Redback Runtime Configuration properties (see {{{./redback-runtime-configuration.html#Runtime_Properties}Redback Runtime Configuration}}, + stored in <<>>. The file will be ignored after this. This section will focus on the <<>> file. diff --git a/archiva-docs/src/site/apt/adminguide/customising-security.apt b/archiva-docs/src/site/apt/adminguide/customising-security.apt index d42c2275c..797b2f309 100644 --- a/archiva-docs/src/site/apt/adminguide/customising-security.apt +++ b/archiva-docs/src/site/apt/adminguide/customising-security.apt @@ -27,66 +27,24 @@ Archiva Security Configuration - Security properties and password rules can be configured in the - <<>> file, which by default is searched for in: + Security properties and password rules are configured now in the Redback Runtime Configuration + properties (see {{{./redback-runtime-configuration.html#Runtime_properties}Redback Runtime Configuration}}). - * <<<~/.m2/security.properties>>> - - * <<>> in the Archiva installation + The Redback Runtime Configuration properties are stored in <<>>. + The former <<>> file, if it exists, is only used once for populating the + Runtime Configuration settings. After that, this file will be ignored. [] - (In the above list, <<<~>>> is the home directory of the user who is running - Archiva.) ~~TODO: Link to plexus-redback documentation when available - Following are some of the properties you can modify. For a complete list, - consult the default properties file in Redback's svn repo: + These are the default properties. The file can be found in in Redback's svn repo: {{{http://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties} config-defaults.properties}} -+-----+ -# Security Policies -# ----------------- -#security.policy.password.encoder= -security.policy.password.previous.count=6 -security.policy.password.expiration.days=90 -security.policy.password.expiration.enabled=true -security.policy.allowed.login.attempt=3 +%{snippet|ignoreDownloadError=true|url=https://raw.githubusercontent.com/apache/archiva-redback-core/master/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties} -# Password Rules -# -------------- -security.policy.password.rule.alphanumeric.enabled=false -security.policy.password.rule.alphacount.enabled=true -security.policy.password.rule.alphacount.minimum=1 -security.policy.password.rule.characterlength.enabled=true -security.policy.password.rule.characterlength.minimum=1 -security.policy.password.rule.characterlength.maximum=8 -security.policy.password.rule.musthave.enabled=true -security.policy.password.rule.numericalcount.enabled=true -security.policy.password.rule.numericalcount.minimum=1 -security.policy.password.rule.reuse.enabled=true -security.policy.password.rule.nowhitespace.enabled=true - -# Cross Site Request Forgery (CSRF) Prevention -# -------------------------------------------- -# Enable/Disable CSRF filtering. -# Possible values: true, false -rest.csrffilter.enabled=true -# Base URL used to verify the origin headers of the requests. If not set or empty -# it tries to determine the base url automatically -rest.baseUrl= -# What to do, if the request contains no Origin or Referer header. -# If true, requests without Origin or Referer Header are denied, otherwise accepted. -# Possible values: true, false -rest.csrffilter.absentorigin.deny=true -# Enable/Disable the token validation only. -# If true, the validation of the CSRF tokens will be disabled. -# Possible values: true, false -rest.csrffilter.disableTokenValidation=false -+-----+ - <> If installed standalone, Archiva's list of configuration files is configurable, and can be found in: <<>> diff --git a/archiva-docs/src/site/apt/adminguide/redback-runtime-configuration.apt b/archiva-docs/src/site/apt/adminguide/redback-runtime-configuration.apt index 143589a34..7e000aa7e 100644 --- a/archiva-docs/src/site/apt/adminguide/redback-runtime-configuration.apt +++ b/archiva-docs/src/site/apt/adminguide/redback-runtime-configuration.apt @@ -29,7 +29,7 @@ Apache Archiva Redback Runtime Configuration * Apache Redback User Manager/RbacManager Implementations - Since 1.4-M4, you can choose to switch dynamically + You can choose to switch dynamically * User Manager Implementations (from Database and/or LDAP). @@ -49,7 +49,7 @@ Apache Archiva Redback Runtime Configuration * LDAP Group-Roles mapping - Since 1.4-M4, you can map dynamically LDAP Group to Archiva Roles + You can map dynamically LDAP Group to Archiva Roles [../images/ldap-group-roles-mapping.png] diff --git a/archiva-docs/src/site/apt/adminguide/repositories.apt b/archiva-docs/src/site/apt/adminguide/repositories.apt index 850b30a3d..7ec7753af 100644 --- a/archiva-docs/src/site/apt/adminguide/repositories.apt +++ b/archiva-docs/src/site/apt/adminguide/repositories.apt @@ -42,56 +42,58 @@ Understanding Repository Configuration of Apache Archiva Managed repository fields: - * <> - the id of the repository. This must be unique. - - * <> - the name of the repository. - - * <> - the location of the repository. If the path specified does not - exist, Archiva will create the missing directories. - - * <> - the location of the index files generated by Archiva. If - no location is specified, then the index directory (named <<<.indexer>>>) - will be created at the root of the repository directory. - This directory contains the packaged/bundled index which is consumed by different consumers of the index such as M2Eclipse. - - * <> - the repository layout (maven 2 or maven 1) - - * <> - the - {{{http://quartz-scheduler.org/api/2.1.5/org/quartz/CronTrigger.html}cron schedule}} when - repository scanning will be executed. - - * <> - the first option for repository purge. - Archiva will check how old the artifact is and if it is older than the set - number of days in this field, then the artifact will be deleted respecting - the retention count of course. In order to disable the purge by - number of days old and set Archiva to purge by retention count, just set the - repository purge field to 0. The maximum number of days which can be set - here is 1000. See the Repository Purge section below for more details. -~~ above was:the retention count (see #7) of course no idea what is was linkeed to - - * <> - the second option for repository - purge. When running the repository purge, Archiva will retain only the - number of artifacts set for this field for a specific snapshot version. See - the Repository Purge section below for more details. - - * <> - specifies whether there are released artifacts in the - repository. - - * <> - specifies whether released - artifacts that are already existing in the repository can be overwritten. - Note that this only take effects for non-snapshot deployments. - - * <> - specifies whether there are snapshot artifacts in the - repository. - - * <> - specifies whether the repository can be scanned, meaning it is - a local repository which can be indexed, browsed, purged, etc. - - * <> - specifies whether to remove those snapshot - artifacts which already has release versions of it in the repository during - repository purge. - - * << Skip Packed Index creation >> - avoid creation of compressed index for IDE usage. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The identifier of the repository. This must be unique. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The name of the repository. This is the display name. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The location of the repository. If the path specified does not +| | exist, Archiva will create the missing directories. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The location of the index files generated by Archiva. If +| | no location is specified, then the index directory (named <<<.indexer>>>) +| | will be created at the root of the repository directory. +| | This directory contains the packaged/bundled index which is consumed by different +| | consumers of the index such as M2Eclipse. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The repository layout (maven 2 or maven 1) +*----------------------+----------------------------------------------------------------------------------+ +| <> | The +| | {{{http://www.quartz-scheduler.org/documentation/quartz-2.x/tutorials/crontrigger.html}cron schedule}} +| | when repository scanning will be executed. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The first option for repository purge. +| | Archiva will check how old the artifact is and if it is older than the set +| | number of days in this field, then the artifact will be deleted respecting +| | the retention count of course. In order to disable the purge by +| | number of days old and set Archiva to purge by retention count, just set the +| | repository purge field to 0. The maximum number of days which can be set +| | here is 1000. See the Repository Purge section below for more details. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The second option for repository purge. When running the repository purge, +| | Archiva will retain only the number of artifacts set for this field for a +| | specific snapshot version. See the Repository Purge section below for more details. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Additional information about the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Specifies whether there are released artifacts in the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Specifies whether there are snapshot artifacts in the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Specifies whether released artifacts that are already existing in the +| | repository can be overwritten. Note that this only take effects for non-snapshot +| | deployments. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Specifies whether the repository can be scanned, meaning it is a local repository +| | which should be indexed, purged, etc. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Specifies whether to remove those snapshot artifacts which already has +| | release versions of it in the repository during repository purge. +*----------------------+----------------------------------------------------------------------------------+ +| <>| Automatic creation of a stage repository for this local repository. +*----------------------+----------------------------------------------------------------------------------+ +|<< Skip Packed Index Creation>> | Avoid creation of compressed index for IDE usage. +*----------------------+----------------------------------------------------------------------------------+ [] @@ -119,46 +121,57 @@ http://[URL TO ARCHIVA]/repository/[REPOSITORY ID] (e.g. http://localhost:8080/r Remote repository fields: - * <> - the id of the remote repository. - - * <> - the name of the remote repository. - - * <> - the url of the remote repository. It is also possible to use a - 'file://' url to proxy a local repository. Be careful that if this local - repository is a managed repository of archiva which has some proxies - connectors, those ones won't be triggered. - - * <> - the username (if authentication is needed) to be used to access - the repository. - - * <> - the password (if authentication is needed) to be used to access - the repository. - - * <> - the layout (maven 2 or maven 1) of the remote repository. - - * <> - to activate downloading remote index to - add available remote artifacts in search queries. - - * <> - path of the remote index - directory. - - * <> - cron expression for downloading remote index (default - weekly on sunday) - - * <> - path to store index directory, default will be - $\{appserver.base\}/data/remotes/$\{repositoryId\}/.indexer - - * <> - read time out for downloading - remote index files (default 300) - - * <> - proxy to use for - downloading remote index files. - - * <> - will download remote index on Archiva startup. - - * <> - key/value pairs to add to url when querying remote repository. - - * <> - key/value pairs to add as http headers when querying remote repository. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The identifier of the remote repository. | +*----------------------+----------------------------------------------------------------------------------+ +| <> | The name of the remote repository. | +*----------------------+----------------------------------------------------------------------------------+ +| <> | The url of the remote repository. It is also possible to use a +| | 'file://' url to proxy a local repository. Be careful that if this local +| | repository is a managed repository of archiva which has some proxies +| | connectors, those ones won't be triggered. | +*----------------------+----------------------------------------------------------------------------------+ +| <> | The username (if authentication is needed) to be used to access +| | the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The password (if authentication is needed) to be used to access +| | the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The time in seconds after which a download from the remote repository is stopped. +*----------------------+----------------------------------------------------------------------------------+ +| <> | The layout (maven 2 or maven 1) of the remote repository. +*----------------------+----------------------------------------------------------------------------------+ +| <> | To activate downloading remote index to +| | add available remote artifacts in search queries. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Can be relative to Url - path of the remote index +| | directory. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Cron expression for downloading remote index (default +| | weekly on sunday) +*----------------------+----------------------------------------------------------------------------------+ +| <> | Path to store index directory, default will be +| | $\{appserver.base\}/data/remotes/$\{repositoryId\}/.indexer +*----------------------+----------------------------------------------------------------------------------+ +| <> | Time in seconds, after which download of remote index files will be +| | stopped (default 300). +*----------------------+----------------------------------------------------------------------------------+ +| <> | Proxy to use for downloading remote index files. +*----------------------+----------------------------------------------------------------------------------+ +| <> | If selected, the remote index will be downloaded on Archiva +| | startup. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Can be used to store additional information about the repository. +*----------------------+----------------------------------------------------------------------------------+ +| <> | If set, the connection to the remote repository is checked by validating the +| | existence of the given file / artifact. Some repositories do not allow to browse +| | the base directory and the standard check may fail. The path is relative to the +| | repository Url. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Key/Value pairs to add to url when querying remote repository. +*----------------------+----------------------------------------------------------------------------------+ +| <> | Key/Value pairs to add as http headers when querying remote repository. +*----------------------+----------------------------------------------------------------------------------+ [] diff --git a/archiva-docs/src/site/apt/release-notes.apt.vm b/archiva-docs/src/site/apt/release-notes.apt.vm index c41871813..c650c146a 100644 --- a/archiva-docs/src/site/apt/release-notes.apt.vm +++ b/archiva-docs/src/site/apt/release-notes.apt.vm @@ -48,11 +48,16 @@ Release Notes for Archiva ${project.version} and Referer header of the HTTP requests and adding an validation token to the Header. This prevents requests from malicious sites if they are open in the same browser. If you use the REST services from other clients you may change the behaviour with the new - configuration properties for the redback security (rest.csrffilter.*, rest.baseUrl). + configuration properties for the redback security (<<>>, <<>>). For more information see {{{./adminguide/customising-security.html}Archiva Security Configuration}} and - the {{{/redback/integration/rest.html}Redback REST documentation }} + the {{{/redback/integration/rest.html}Redback REST documentation }}. - * Archiva uses redback for authentication and authorization in version 2.5 + <> If your archiva installation is behind a reverse proxy or load balancer, it may be possible + that the Archiva Web UI does not load after the upgrade. If this is the case you may access the WebUI + via localhost or edit archiva.xml manually. In the "Redback Runtime Configuration" properties you have to + enter the base URLs of your archiva installation to the <<>> field. + + * Archiva uses redback for authentication and authorization in version 2.6 * Release Notes diff --git a/archiva-docs/src/site/resources/css/site.css b/archiva-docs/src/site/resources/css/site.css index 0a3ebda64..11f870b91 100755 --- a/archiva-docs/src/site/resources/css/site.css +++ b/archiva-docs/src/site/resources/css/site.css @@ -70,6 +70,15 @@ pre.commandline { color: gray; } +img { + border-style: solid ; + border-width: 1px; + border-color: #ddd; + padding: 5px; + margin-top: 10px; + border-radius: 5px; +} + pre.commandline .input { color: #55f; }