Answers inlined, Regards,
Benoit On 30/10/2019 11:37, Jerry Malcolm wrote: > "enableVirtualHosting" is another config parameter that's set in this > same method. So I decided to search around and see where that is set. > I found it, and just taking a wild guess, is this correct? Maybe we need to further explain this. When virtual hosting is enabled, usernames are composed of a local part and a domain part. al...@domain.tld and al...@company.org are two distinct users, with different login and distinct mailboxes. Creating a user without domain part is forbidden. When virtual hosting is turned of, usernames are only composed of a local part. All domains handled by James (check domain list) can be used as domain part of their mail address. al...@domain.tld and al...@company.org are two mail address belonging to a same "alice" user, with same login and mailboxes. Creating users with domain parts is forbidden. I will add the following indication within the documentation as it might get really useful to understand this. Thanks for highlighting this weak point! > > <usersrepository name="LocalUsers" > class="org.apache.james.user.jpa.JPAUsersRepository"> > <algorithm>MD5</algorithm> Try more secure algorithms, you should give a go to SHA-512. We should update default configuration accordingly as MD5 hashing is not acceptable. > <enableVirtualHosting>true</enableVirtualHosting> > <administratorid>ad...@myhost.com</administratorid> > </usersrepository> > > This took a whole lot of digging to figure out. I really think the > default usersrepository.xml should have at least commented-out lines > defining where/how to set the administrator id. I would be glad to have you contribute this! > > I'll add it to my list if this is indeed the correct implementation. > > Jerry > > > On 10/29/2019 11:27 PM, Jerry Malcolm wrote: >> I see in AbstractUsersRepository where "adminstratorid" is pulled from >> somewhere in the configuration: >> >> administratorId = >> Optional.ofNullable(configuration.getString("administratorId")); >> >> But I can't find any place to set it in the shipped configuration >> files. Where is the administrator id supposed to be defined, and what >> is the correct syntax to define it? >> >> Thx >> >> Jerry >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org >> For additional commands, e-mail: server-user-h...@james.apache.org >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org