Archiva ignoring Security.properties

2019-07-02 20:22发布

站内问答 / 后端开发
1807 2 5

Seems like archiva 2.2 is completely ignoring Security properties
I am following this document: I have set up the security.properties file under 

D:\Apache\Archiva-2.2.0\conf

When I am setting a new password for a user in Archiva UI I am still getting:

     You must provide a password containing at least 1 numeric character(s).

security.properties content:

# Security Policies
#security.policy.password.encoder=
security.policy.password.previous.count=9999
security.policy.password.expiration.days=99999
security.policy.password.expiration.enabled=false
security.policy.allowed.login.attempt=3

# Password Rules
security.policy.password.rule.alphanumeric.enabled=false
security.policy.password.rule.alphacount.enabled=false
security.policy.password.rule.alphacount.minimum=0
security.policy.password.rule.characterlength.enabled=true
security.policy.password.rule.characterlength.minimum=3
security.policy.password.rule.characterlength.maximum=0
security.policy.password.rule.musthave.enabled=false
security.policy.password.rule.numericalcount.enabled=false
security.policy.password.rule.numericalcount.minimum=0
security.policy.password.rule.reuse.enabled=false
security.policy.password.rule.nowhitespace.enabled=true

2条回答
叼着烟拽天下
2楼-- · 2019-07-02 20:30

Stop her running and make a backup of your conf/archiva.xml file.

example:

service archiva stop
cp archiva.xml archiva.xml.orig

Edit the config values you want to modify within the main XML configuration file: conf/archiva.xml

Changing the numeric character count:

<numericalcount>
    <minimum>0</minimum>
    <enabled>false</enabled>
</numericalcount>

Changing the password expiration limit:

<expiration>
    <enabled>false</enabled>
    <days>999999</days>
</expiration>

These values should already be in your config file (they were in mine). Perhaps they were copied there after my unsuccessful attempts to configure them through the web UI.

Additionally, prevent any user caching behaviour while you're making changes:

<useUsersCache>false</useUsersCache>

Start her up again:

service archiva start
查看更多
0人赞 添加讨论(0) 举报
趁早两清
3楼-- · 2019-07-02 20:57

I found a workaround...

  • stop Archiva
  • Open the Archiva DB using squirrel sql
  • Go to SA/JDOUSER table
  • Column LAST_PASSWORD_CHANGE
  • Right click to make editable
  • Modify the value to 10 years from now...
  • Restart Archiva
  • Get your 10 years of quiet....
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)