Re: Setting "administratorid"?
Yes, I will definitely contribute to this. A whole section on how to use delegation will be very helpful to other users. On 11/4/2019 3:38 AM, Tellier Benoit wrote: I just created an issue regarding this. https://issues.apache.org/jira/browse/JAMES-2963 Jerry, would you have time to contribute this missing documentation? Regards, Benoit On 04/11/2019 16:27, Tellier Benoit wrote: Answers inlined, Regards, Benoit On 30/10/2019 11:37, Jerry Malcolm wrote: "enableVirtualHosting" is another config parameter that's set in this same method. So I decided to search around and see where that is set. I found it, and just taking a wild guess, is this correct? Maybe we need to further explain this. When virtual hosting is enabled, usernames are composed of a local part and a domain part. al...@domain.tld and al...@company.org are two distinct users, with different login and distinct mailboxes. Creating a user without domain part is forbidden. When virtual hosting is turned of, usernames are only composed of a local part. All domains handled by James (check domain list) can be used as domain part of their mail address. al...@domain.tld and al...@company.org are two mail address belonging to a same "alice" user, with same login and mailboxes. Creating users with domain parts is forbidden. I will add the following indication within the documentation as it might get really useful to understand this. Thanks for highlighting this weak point! MD5 Try more secure algorithms, you should give a go to SHA-512. We should update default configuration accordingly as MD5 hashing is not acceptable. true ad...@myhost.com This took a whole lot of digging to figure out. I really think the default usersrepository.xml should have at least commented-out lines defining where/how to set the administrator id. I would be glad to have you contribute this! I'll add it to my list if this is indeed the correct implementation. Jerry On 10/29/2019 11:27 PM, Jerry Malcolm wrote: I see in AbstractUsersRepository where "adminstratorid" is pulled from somewhere in the configuration: administratorId = Optional.ofNullable(configuration.getString("administratorId")); But I can't find any place to set it in the shipped configuration files. Where is the administrator id supposed to be defined, and what is the correct syntax to define it? Thx Jerry - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org
Re: Setting "administratorid"?
Hi Benoit, I wasn't actually questioning enableVirtualHosting. I was simply trying to figure out where to put the admin id. I noticed that the adminId was pulled from the configuration in the next line after the enableVirtualHosting flag was pulled. So I was just deducing that perhaps they should be side by side in the same config file. I tried that, and it worked. My only recommendation was that we add a 'dummy' commented-only line to the default config file, so others can easily find where to set it. Jerry On 11/4/2019 3:27 AM, Tellier Benoit wrote: Answers inlined, Regards, Benoit On 30/10/2019 11:37, Jerry Malcolm wrote: "enableVirtualHosting" is another config parameter that's set in this same method. So I decided to search around and see where that is set. I found it, and just taking a wild guess, is this correct? Maybe we need to further explain this. When virtual hosting is enabled, usernames are composed of a local part and a domain part. al...@domain.tld and al...@company.org are two distinct users, with different login and distinct mailboxes. Creating a user without domain part is forbidden. When virtual hosting is turned of, usernames are only composed of a local part. All domains handled by James (check domain list) can be used as domain part of their mail address. al...@domain.tld and al...@company.org are two mail address belonging to a same "alice" user, with same login and mailboxes. Creating users with domain parts is forbidden. I will add the following indication within the documentation as it might get really useful to understand this. Thanks for highlighting this weak point! MD5 Try more secure algorithms, you should give a go to SHA-512. We should update default configuration accordingly as MD5 hashing is not acceptable. true ad...@myhost.com This took a whole lot of digging to figure out. I really think the default usersrepository.xml should have at least commented-out lines defining where/how to set the administrator id. I would be glad to have you contribute this! I'll add it to my list if this is indeed the correct implementation. Jerry On 10/29/2019 11:27 PM, Jerry Malcolm wrote: I see in AbstractUsersRepository where "adminstratorid" is pulled from somewhere in the configuration: administratorId = Optional.ofNullable(configuration.getString("administratorId")); But I can't find any place to set it in the shipped configuration files. Where is the administrator id supposed to be defined, and what is the correct syntax to define it? Thx Jerry - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org
Re: Setting "administratorid"?
I just created an issue regarding this. https://issues.apache.org/jira/browse/JAMES-2963 Jerry, would you have time to contribute this missing documentation? Regards, Benoit On 04/11/2019 16:27, Tellier Benoit wrote: > Answers inlined, > > Regards, > > Benoit > > On 30/10/2019 11:37, Jerry Malcolm wrote: >> "enableVirtualHosting" is another config parameter that's set in this >> same method. So I decided to search around and see where that is set. >> I found it, and just taking a wild guess, is this correct? > > Maybe we need to further explain this. > > When virtual hosting is enabled, usernames are composed of a local part > and a domain part. al...@domain.tld and al...@company.org are two > distinct users, with different login and distinct mailboxes. Creating a > user without domain part is forbidden. > > > When virtual hosting is turned of, usernames are only composed of a > local part. All domains handled by James (check domain list) can be used > as domain part of their mail address. al...@domain.tld and > al...@company.org are two mail address belonging to a same "alice" user, > with same login and mailboxes. Creating users with domain parts is > forbidden. > > I will add the following indication within the documentation as it might > get really useful to understand this. Thanks for highlighting this weak > point! > >> >> > class="org.apache.james.user.jpa.JPAUsersRepository"> >> MD5 > > Try more secure algorithms, you should give a go to SHA-512. > > We should update default configuration accordingly as MD5 hashing is not > acceptable. > >> true >> ad...@myhost.com >> >> >> This took a whole lot of digging to figure out. I really think the >> default usersrepository.xml should have at least commented-out lines >> defining where/how to set the administrator id. > > I would be glad to have you contribute this! > >> >> I'll add it to my list if this is indeed the correct implementation. >> >> Jerry >> >> >> On 10/29/2019 11:27 PM, Jerry Malcolm wrote: >>> I see in AbstractUsersRepository where "adminstratorid" is pulled from >>> somewhere in the configuration: >>> >>> administratorId = >>> Optional.ofNullable(configuration.getString("administratorId")); >>> >>> But I can't find any place to set it in the shipped configuration >>> files. Where is the administrator id supposed to be defined, and what >>> is the correct syntax to define it? >>> >>> Thx >>> >>> Jerry >>> >>> >>> - >>> To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org >>> For additional commands, e-mail: server-user-h...@james.apache.org >>> >> >> - >> To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org >> For additional commands, e-mail: server-user-h...@james.apache.org >> - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org
Re: Setting "administratorid"?
Answers inlined, Regards, Benoit On 30/10/2019 11:37, Jerry Malcolm wrote: > "enableVirtualHosting" is another config parameter that's set in this > same method. So I decided to search around and see where that is set. > I found it, and just taking a wild guess, is this correct? Maybe we need to further explain this. When virtual hosting is enabled, usernames are composed of a local part and a domain part. al...@domain.tld and al...@company.org are two distinct users, with different login and distinct mailboxes. Creating a user without domain part is forbidden. When virtual hosting is turned of, usernames are only composed of a local part. All domains handled by James (check domain list) can be used as domain part of their mail address. al...@domain.tld and al...@company.org are two mail address belonging to a same "alice" user, with same login and mailboxes. Creating users with domain parts is forbidden. I will add the following indication within the documentation as it might get really useful to understand this. Thanks for highlighting this weak point! > > class="org.apache.james.user.jpa.JPAUsersRepository"> > MD5 Try more secure algorithms, you should give a go to SHA-512. We should update default configuration accordingly as MD5 hashing is not acceptable. > true > ad...@myhost.com > > > This took a whole lot of digging to figure out. I really think the > default usersrepository.xml should have at least commented-out lines > defining where/how to set the administrator id. I would be glad to have you contribute this! > > I'll add it to my list if this is indeed the correct implementation. > > Jerry > > > On 10/29/2019 11:27 PM, Jerry Malcolm wrote: >> I see in AbstractUsersRepository where "adminstratorid" is pulled from >> somewhere in the configuration: >> >> administratorId = >> Optional.ofNullable(configuration.getString("administratorId")); >> >> But I can't find any place to set it in the shipped configuration >> files. Where is the administrator id supposed to be defined, and what >> is the correct syntax to define it? >> >> Thx >> >> Jerry >> >> >> - >> To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org >> For additional commands, e-mail: server-user-h...@james.apache.org >> > > - > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org
Re: Setting "administratorid"?
Please have a look at http://james.apache.org/server/config-users.html ad...@plateform.com in usersrepository.xml Will enable ad...@plateform.com to login as f...@plateform.com using imap. On 30/10/2019 11:27, Jerry Malcolm wrote: > I see in AbstractUsersRepository where "adminstratorid" is pulled from > somewhere in the configuration: > > administratorId = > Optional.ofNullable(configuration.getString("administratorId")); > > But I can't find any place to set it in the shipped configuration > files. Where is the administrator id supposed to be defined, and what > is the correct syntax to define it? > > Thx > > Jerry > > > - > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org
Re: Setting "administratorid"?
"enableVirtualHosting" is another config parameter that's set in this same method. So I decided to search around and see where that is set. I found it, and just taking a wild guess, is this correct? class="org.apache.james.user.jpa.JPAUsersRepository"> MD5 true ad...@myhost.com This took a whole lot of digging to figure out. I really think the default usersrepository.xml should have at least commented-out lines defining where/how to set the administrator id. I'll add it to my list if this is indeed the correct implementation. Jerry On 10/29/2019 11:27 PM, Jerry Malcolm wrote: I see in AbstractUsersRepository where "adminstratorid" is pulled from somewhere in the configuration: administratorId = Optional.ofNullable(configuration.getString("administratorId")); But I can't find any place to set it in the shipped configuration files. Where is the administrator id supposed to be defined, and what is the correct syntax to define it? Thx Jerry - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org
Setting "administratorid"?
I see in AbstractUsersRepository where "adminstratorid" is pulled from somewhere in the configuration: administratorId = Optional.ofNullable(configuration.getString("administratorId")); But I can't find any place to set it in the shipped configuration files. Where is the administrator id supposed to be defined, and what is the correct syntax to define it? Thx Jerry - To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org