Hi Benoit,
I wasn't actually questioning enableVirtualHosting. I was simply trying
to figure out where to put the admin id. I noticed that the adminId was
pulled from the configuration in the next line after the
enableVirtualHosting flag was pulled. So I was just deducing that
perhaps they should be side by side in the same config file. I tried
that, and it worked.
My only recommendation was that we add a 'dummy' commented-only
<administratorId> line to the default config file, so others can easily
find where to set it.
Jerry
On 11/4/2019 3:27 AM, Tellier Benoit wrote:
Answers inlined,
Regards,
Benoit
On 30/10/2019 11:37, Jerry Malcolm wrote:
"enableVirtualHosting" is another config parameter that's set in this
same method. So I decided to search around and see where that is set.
I found it, and just taking a wild guess, is this correct?
Maybe we need to further explain this.
When virtual hosting is enabled, usernames are composed of a local part
and a domain part. al...@domain.tld and al...@company.org are two
distinct users, with different login and distinct mailboxes. Creating a
user without domain part is forbidden.
When virtual hosting is turned of, usernames are only composed of a
local part. All domains handled by James (check domain list) can be used
as domain part of their mail address. al...@domain.tld and
al...@company.org are two mail address belonging to a same "alice" user,
with same login and mailboxes. Creating users with domain parts is
forbidden.
I will add the following indication within the documentation as it might
get really useful to understand this. Thanks for highlighting this weak
point!
<usersrepository name="LocalUsers"
class="org.apache.james.user.jpa.JPAUsersRepository">
<algorithm>MD5</algorithm>
Try more secure algorithms, you should give a go to SHA-512.
We should update default configuration accordingly as MD5 hashing is not
acceptable.
<enableVirtualHosting>true</enableVirtualHosting>
<administratorid>ad...@myhost.com</administratorid>
</usersrepository>
This took a whole lot of digging to figure out. I really think the
default usersrepository.xml should have at least commented-out lines
defining where/how to set the administrator id.
I would be glad to have you contribute this!
I'll add it to my list if this is indeed the correct implementation.
Jerry
On 10/29/2019 11:27 PM, Jerry Malcolm wrote:
I see in AbstractUsersRepository where "adminstratorid" is pulled from
somewhere in the configuration:
administratorId =
Optional.ofNullable(configuration.getString("administratorId"));
But I can't find any place to set it in the shipped configuration
files. Where is the administrator id supposed to be defined, and what
is the correct syntax to define it?
Thx
Jerry
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
