Logo Sonatype CLM Sonatype CLM Release Notes
Documentation Index
Sonatype CLM Downloads
Document Descriptions
Release Notes

Sonatype CLM Server
Installation and Deployment Guide
Security Administration Guide
Policy Management Guide
Report User Guide

CI User Guide

IDE User Guide

Repository Manager User Guide

Nine Steps For Open Source Governance
Optimized Component Lifecycle Management with Sonatype CLM

Sonatype CLM Release Notes

6.1. Update to Config.yml

One of the most requested features found in version 1.7 of the Sonatype CLM Suite, is Security Administration. Going forward, Sonatype CLM no longer allows anonymous access in Sonatype CLM for IDE. In addition, access to reports directly in the Sonatype CLM for CI interface is no available. To provide a more secure environment, these reports are now exclusive to the Sonatype CLM Server, and will require a user name and password to login. However, a link to these reports is still provided within the native Hudson and Jenkins environment.

If you are upgrading from a previous version, you will need to add a specific line to your current config file, under the loggers: area.

Line to Add 

"org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter": INFO

After adding, your config should look like this:

loggers:
    "eu.medsea.mimeutil.MimeUtil2": INFO
    "org.apache.http": INFO
    "org.eclipse.jetty": INFO
    "org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter": INFO

Warning

Failure to add this line to your config.yml file will result in credentials being published to the Sonatype CLM log file and is considered insecure.