On 08/04/2009, at 4:57 AM, solo1970 wrote:
Here is the use case:
With Archiva 2.1, they've added a "Delete Artifact" possibility in
the UI,
as long as you are a "Repository Manager", you have access to it.
In the
past, we used the "guest" logon for everyone which was "Repository
manager"
for our snapshots and development repositories, hence no username/
password
in the settings.xml file. Ande everyone can deploy.
I'll answer that on the archiva list with the Q you asked there, and
it is easily fixed.
Now we don't want everyone to go to the UI and have the possibility to
delete artifacts from those repositories, so we can't give "guest" the
"Repository manager" role for those repositories.
We've then created a "deployment" user which has those roles, but we
need to
encrypt the password so that not everyone can login to the UI, but can
deploy from the command-line to those repositories.
If you give everyone the master password, you're effectively giving
away the passwords. It's a little hidden, but trivial for anyone to
figure out that wants to.
Cheers,
Brett
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
