archiva-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff <predato...@gmail.com>
Subject Re: 1.4-M3 -- YAY!!!
Date Tue, 09 Oct 2012 05:04:47 GMT
Okay, I copied the database to my system (host is headless Linux),
installed latest SquirrelSQL client copied the password field from another
user that I remembered and was able to log in.

THANK YOU!

However, when I attempt to change the password, it tells me:

Password provided does not match existing.

I can log out and log in still using the password I copied but all attempts
to change it result in this error...unless I pick a password I've used
previously.

Also, I don't want service accounts (users) that are used specifically for
our deployment scripts to have to change the password.

My archiva installation/configuration is at /archiva/conf.  I created a
security.properties file there and have the following settings but it still
says the user requires a password change if I attempt to log in or if I
"Manage" the users, the 3 service account users show that the "Force
password change" is enabled but the setting won't stick if I change it.

 Security Policies
security.policy.password.previous.count=0
security.policy.password.expiration.days=90
security.policy.password.expiration.enabled=false
security.policy.allowed.login.attempt=6
security.policy.strict.force.password.change.enabled=false

# Password Rules
security.policy.password.rule.alphanumeric.enabled=false
security.policy.password.rule.alphacount.enabled=false
security.policy.password.rule.alphacount.minimum=1
security.policy.password.rule.characterlength.enabled=false
security.policy.password.rule.characterlength.minimum=1
security.policy.password.rule.characterlength.maximum=8
security.policy.password.rule.musthave.enabled=true
security.policy.password.rule.numericalcount.enabled=false
security.policy.password.rule.numericalcount.minimum=0
security.policy.password.rule.reuse.enabled=true
security.policy.password.rule.nowhitespace.enabled=true
security.policy.unlockable.accounts=admin




On Mon, Oct 8, 2012 at 9:37 PM, Brett Porter <brett@apache.org> wrote:

>
> On 09/10/2012, at 1:31 PM, Jeff <predatorvi@gmail.com> wrote:
>
> > I'm apparently running on too little sleep.  When I click on the reset
> > password link, it returns to the main page with a banner at the top
> saying
> > "Password reset"...but to what?   Should it e-mail me?  If so, maybe I
> > didn't really reset it before since I haven't yet received an e-mail.  I
> > thought it prompted me at one time to enter my existing password (that I
> > finally found), then the new one (with confirmation), but it isn't
> > prompting me now and it isn't accepting neither password.  Is there a way
> > to load up the derby db and clear it that way?
>
> It should be possible to reset it, but if you'd like to dig in to more
> information, you can point a tool such as SquirrelSQL at the Derby database
> (the JDBC URL to use is in jetty.xml). the JDOUSER table contains the
> information (which could also be reset if needed).
>
> - Brett
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
> http://au.linkedin.com/in/brettporter
> http://twitter.com/brettporter
>
>
>
>
>
>


-- 
Jeff Vincent
predatorvi@gmail.com
See my LinkedIn profile at:
http://www.linkedin.com/in/rjeffreyvincent
I ♥ DropBox <http://db.tt/9O6LfBX> !!

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message