Continuum Security Configuration

Security properties and password rules can be configured in the security.properties file, which by default is searched for in:

  • ~/.m2/security.properties
  • $CONTINUUM_HOME/conf/security.properties

(In the list above, ~ is the home directory of the user who is running Continuum, and $CONTINUUM_HOME is the directory where Continuum is installed, such as /opt/continuum-1.2.)

Following are some of the properties you can modify. For a complete list, consult the default properties file in Redback's svn repo: config-defaults.properties

# Security Policies
#security.policy.password.encoder=
security.policy.password.previous.count=6
security.policy.password.expiration.days=90
security.policy.allowed.login.attempt=3

# Password Rules
security.policy.password.rule.alphanumeric.enabled=false
security.policy.password.rule.alphacount.enabled=true
security.policy.password.rule.alphacount.minimum=1
security.policy.password.rule.characterlength.enabled=true
security.policy.password.rule.characterlength.minimum=1
security.policy.password.rule.characterlength.maximum=8
security.policy.password.rule.musthave.enabled=true
security.policy.password.rule.numericalcount.enabled=true
security.policy.password.rule.numericalcount.minimum=1
security.policy.password.rule.reuse.enabled=true
security.policy.password.rule.nowhitespace.enabled=true

Note: If installed standalone, Continuum's list of configuration files is itself configurable, and can be found in: $CONTINUUM_HOME/apps/continuum/webapp/WEB-INF/classes/META-INF/plexus/application.xml