Answers inlined,
Regards,
Benoit
On 30/10/2019 11:37, Jerry Malcolm wrote:
> "enableVirtualHosting" is another config parameter that's set in this
> same method. So I decided to search around and see where that is set.
> I found it, and just taking a wild guess, is this correct?
Maybe we need to further explain this.
When virtual hosting is enabled, usernames are composed of a local part
and a domain part. al...@domain.tld and al...@company.org are two
distinct users, with different login and distinct mailboxes. Creating a
user without domain part is forbidden.
When virtual hosting is turned of, usernames are only composed of a
local part. All domains handled by James (check domain list) can be used
as domain part of their mail address. al...@domain.tld and
al...@company.org are two mail address belonging to a same "alice" user,
with same login and mailboxes. Creating users with domain parts is
forbidden.
I will add the following indication within the documentation as it might
get really useful to understand this. Thanks for highlighting this weak
point!
>
> <usersrepository name="LocalUsers"
> class="org.apache.james.user.jpa.JPAUsersRepository">
> <algorithm>MD5</algorithm>
Try more secure algorithms, you should give a go to SHA-512.
We should update default configuration accordingly as MD5 hashing is not
acceptable.
> <enableVirtualHosting>true</enableVirtualHosting>
> <administratorid>ad...@myhost.com</administratorid>
> </usersrepository>
>
> This took a whole lot of digging to figure out. I really think the
> default usersrepository.xml should have at least commented-out lines
> defining where/how to set the administrator id.
I would be glad to have you contribute this!
>
> I'll add it to my list if this is indeed the correct implementation.
>
> Jerry
>
>
> On 10/29/2019 11:27 PM, Jerry Malcolm wrote:
>> I see in AbstractUsersRepository where "adminstratorid" is pulled from
>> somewhere in the configuration:
>>
>> administratorId =
>> Optional.ofNullable(configuration.getString("administratorId"));
>>
>> But I can't find any place to set it in the shipped configuration
>> files. Where is the administrator id supposed to be defined, and what
>> is the correct syntax to define it?
>>
>> Thx
>>
>> Jerry
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
>> For additional commands, e-mail: server-user-h...@james.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
> For additional commands, e-mail: server-user-h...@james.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
