archiva-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jesse McConnell" <>
Subject Re: Security Question
Date Thu, 30 Aug 2007 22:21:54 GMT
2)  soon you will be able to authenticate against an ldap server, perhaps as
soon as the next release :)

it will take a bit of xml configuration to make it happen, and it will be
read-only for now..but you'll be able to do it.


On 8/30/07, Joel Morris <> wrote:
> We have just upgraded to the latest version of Archiva and I have a
> couple of security questions.
> 1. In the previous release we added our archiva repository to our
> ~/.m2/settings.xml as a mirror.
> <settings>
> ...
>    <mirrors>
>      <mirror>
>        <id>catchy</id>
>        <name>EBS Maven Repository Manager</name>
>        <url>http://<hostname>/archiva/repository/internal</url>
>        <mirrorOf>central</mirrorOf>
>      </mirror>
>    </mirrors>
> ...
> </settings>
> That way when you ran a mvn command it would try to download the plug-
> in or resource from our archiva repository and proxy to the central
> if needed. We were adding the guest account to the repository-
> observer role, but we would like to stop doing that and make users
> authenticate to use our archiva repository.  What is the proper way
> to set that up, so that when mvn runs it can still download from
> archiva?  It doesn't seem like the repository or mirror configuration
> in the settings.xml allow you to setup a username/password, so I'm
> not sure how this should be done.
> 2. Is there anyway to setup archiva to authenticate against an LDAP
> directory, rather than the builit-in authentication scheme?
> Thanks,
> Joel Morris

jesse mcconnell

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message