Skip to main content

Local Authentication

While it is generally recommended to use a centralized authentication provider such as LDAP, SAML or Crowd, Nexus Repository Manager does include support for managing users. This can be accomplished both through the user interface as well as the REST API.

Enforcing Password Requirements

Administrator can set minimum password requirements for users managed in Local realms by using configuration properties in $data-dir/nexus/etc/nexus.properties. nexus.password.validator accepts a regular expression whose conditions must be met in order for the password to change. nexus.password.validator.message is the message that will be shown if a password attempt is made and does not meet the requirements. If the message is not supplied in the properties, a generic one will be used.

This example shows how to require a password contain a lowercase, an uppercase and digit, with a message:

                     nexus.password.validator=^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).+$
nexus.password.validator.message=Passwords must contain a lowercase letter, an uppercase letter and a digit