I tested this setup and does not work. I'm using Archiva 1.3, and below is my security.properties.
########################################################################## # The subject line for the email message. email.validation.subject=Welcome to Archiva # Feedback page email.feedback.path=http://archiva.apache.org/mail-lists.html # Ldap Conf user.manager.impl=ldap ldap.bind.authenticator.enabled=true redback.default.admin=rafaell ldap.config.hostname=IP_SERV ldap.config.port=389 ldap.config.base.dn=dc=domain,dc=domain,dc=domain ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory ldap.config.bind.dn=cn=admin,dc=domain,dc=domain,dc=domain ldap.config.password=XXXXXXXXXXXX #ldap.config.authentication.method= ldap.config.mapper.attribute.email=description #ldap.config.mapper.attribute.email=mail ldap.config.mapper.attribute.fullname=uid #ldap.config.mapper.attribute.fullname=givenName ldap.config.mapper.attribute.password=userPassword ldap.config.mapper.attribute.user.id=uid #ldap.config.mapper.attribute.user.base.dn= #ldap.config.mapper.attribute.user.object.class=inetOrgPerson ldap.config.mapper.attribute.user.object.class=simpleSecurityObject #ldap.config.mapper.attribute.user.filter=(attributeName=value) #user.manager.impl=cached # Security Policies #security.policy.password.previous.count=0 #security.policy.allowed.login.attempt=13 # Password Rules #security.policy.password.rule.reuse.enabled=true security.policy.password.expiration.enabled=false security.policy.strict.enforcement.enabled=false security.policy.strict.force.password.change.enabled=false security.policy.unlockable.accounts=pedrol security.policy.allowed.login.attempt=1000 #security.policy.password.rule.alphanumeric.enabled=false #security.policy.password.rule.alphacount.enabled=false #security.policy.password.rule.characterlength.enabled=false #security.policy.password.rule.musthave.enabled=false #security.policy.password.rule.numericalcount.enabled=false #security.policy.password.rule.nowhitespace.enabled=true ################################################################################# And my application.xml is default. How do I report this bug? -- Pedro Macedo Leite" 2011/7/28 Brett Porter <[email protected]> > It shouldn't trigger under LDAP, but perhaps there is a bug. > > A common cause is if you've exceeded the built in number of login attempts, > or expiry. Try these: > > security.policy.allowed.login.attempt=1000 > security.policy.password.expiration.enabled=false > > > On 29/07/2011, at 12:03 AM, "Pedro M. Leite \"" <[email protected]> < > [email protected]> wrote: > > > Hello, > > > > I need to remove the option to change password on first login. I'm > > authenticating > > the Archiva LDAP-and because they want the archive to change the password > in > > LDAP, he must not require this option. > > > > I saw that the configuration is within the security.properties attribute: > > security.policy.strict.force.password.change.enabled = false > > > > 've Configured it, and when I go with a LDAP user he always asks me to > change > > the password on the page: > > archive / security / password.action > > > > > > Anyone know how to take this action? > > > > > > With urgency and Thank you. > > > > -- > > Pedro Macedo Leite " > > -- > Brett Porter > [email protected] > http://brettporter.wordpress.com/ > http://au.linkedin.com/in/brettporter > > > > > -- Pedro Macedo Leite "
