Sonatype CLM - Upgrade Instructions

3.3. Upgrading from Sonatype CLM 1.7x and 1.6x

There are two critical changes that will affect any users upgrading from version 1.7x.

Config.yml Change

The introduction of the security administration features requires that a specific line be added to your current config file, under the loggers: area.

"org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter": INFO

After adding, your config should look like this:

loggers:
    "eu.medsea.mimeutil.MimeUtil2": INFO
    "org.apache.http": INFO
    "org.eclipse.jetty": INFO
    "org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter": INFO

[Warning]

Failure to add this line to your config.yml file will result in credentials being written to the Sonatype CLM log file, which is considered insecure.
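
One way to verify the change before restarting the server, as an added example that is not part of the Sonatype documentation: it reads the loggers: block of config.yml and reports whether the Shiro filter logger is present at the documented INFO level. The function names, status strings and script name are assumptions made for this example, and the small parser handles only the flat "name": LEVEL layout shown above.

```python
import re
import sys

SHIRO_LOGGER = "org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter"
REQUIRED_LEVEL = "INFO"  # the level the upgrade instructions specify

HEADER = re.compile(r"^\s*loggers\s*:\s*(#.*)?$")
ENTRY = re.compile(r"""^\s*(["']?)([^"'#:\s]+)\1\s*:\s*([A-Za-z]+)\s*(#.*)?$""")

# Constructed samples: the loggers block from the page, without and with the line.
SAMPLE_BEFORE = """\
loggers:
    "eu.medsea.mimeutil.MimeUtil2": INFO
    "org.apache.http": INFO
    "org.eclipse.jetty": INFO
"""
SAMPLE_AFTER = SAMPLE_BEFORE + '    "%s": INFO\n' % SHIRO_LOGGER


def logger_levels(config_text):
    """Return {logger name: level} for entries nested under a 'loggers:' key."""
    levels, block_indent = {}, None
    for raw in config_text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue  # blank lines and commented-out entries do not count
        indent = len(raw) - len(raw.lstrip())
        if block_indent is not None and indent > block_indent:
            m = ENTRY.match(raw)
            if m:
                levels[m.group(2)] = m.group(3).upper()
            continue
        # Not inside the block: either a new 'loggers:' header or another key.
        block_indent = indent if HEADER.match(raw) else None
    return levels


def check_shiro_logger(config_text):
    """Return 'ok', 'missing' or 'mismatch:<LEVEL>' for the Shiro filter logger."""
    level = logger_levels(config_text).get(SHIRO_LOGGER)
    if level is None:
        return "missing"
    return "ok" if level == REQUIRED_LEVEL else "mismatch:" + level


if __name__ == "__main__":
    # Usage: python check_clm_loggers.py /path/to/config.yml  (hypothetical script name)
    with open(sys.argv[1]) as fh:
        status = check_shiro_logger(fh.read())
    print(status)
    sys.exit(0 if status == "ok" else 1)
```

A commented-out entry, or one placed outside the loggers: block, is reported as missing, so the check fails closed.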

Parent Organization Requirement

In Sonatype CLM versions 1.6x through 1.8x, inclusive, applications were permitted to exist without a parent organization. Within the interface, any application without an organization was identified as follows:

Figure 3.2. Application Without Organization v.1.7 and Earlier UI


However, as of Sonatype CLM 1.9x and higher, this is no longer permitted, and an application without an organization will prevent the Sonatype CLM Server from starting. Prior to upgrading, make sure every application has been assigned an organization. For more information on organizations, please see the Organization and Application Management section of the Policy Management Guide.