security:

password-policy: # users' password policy (用户的密码策略)

uppercase: 0 # minimum number of uppercase letters that the password must contain (密码必须包含的最小小写字母数)

lowercase: 0 # minimum number of lowercase letters that the password must contain (密码必须包含的最小大写字母数)

digit: 0 # minimum number of digits that the password must contain (密码必须包含的最小数字数)

length: 4 # minimum length of the password (密码最小长度)

not-match-old: true # should access allow setting a new password to the same one currently set for the user (禁止与新旧密码相同)

user-lock-policy:

attempts: 0 # number of failed login attempts to allow before locking a user. 0 (default) means the feature is disabled (锁定用户之前允许的失败登录尝试次数)

seconds-to-unlock: 0 # number of seconds to wait before re-enabling login for a user that has been locked out (为已锁定的用户重新启用登录之前等待的秒数)

password-expiry-days: 0 # number of days before a password expires. Set by Artifactory (密码过期)

admin-password-expirable: false # does the access admin password expire (访问管理员密码是否过期)

audit:

enabled: true # should access log all requests to a specific file or not (是否应访问将所有请求记录到指定文件)

password-strength: 8 # bcrypt password strength. A higher value means better security, but password verification will be slower (密码加密强度，更高的值意味着更好的安全性，但是密码验证会慢一些)

local-interfaces-expire-in-seconds: 60 * 10 # number of seconds for which local server ips should be cached for users’allowed-ips (用户允许的IP缓存本地服务器IP的秒数)

encryption-enabled: true # specifies if users’custom data encryption is allowed (指定是否允许用户的自定义数据加密)