3

big problem. My Archiva internal repo (and maybe snapshot repo, although I don't know yet as I have not put any snapshots in there yet) seem to be accessible to the public.

I.e. if someone wanted the surefire plugin from my repo, they could download it by simply going to https://my.repo.url.com/archiva/repository/internal/org/apache/maven/surefire/surefire-junit3/2.7.1/surefire-junit3-2.7.1.jar

They could download the file right then and there. Would be a shame if there were actual project jar's and such in there also available to the general public and I can't seem to figure out how to disable private access to save the life of me.

I authenticate via LDAP.

Thanks!

Brett Porter
  • 5,827
  • 27
  • 25
Sam Levin
  • 3,326
  • 7
  • 30
  • 44

2 Answers2

2

One possibility is you have a guest user, which has the repository observer role. You can either remove the user or disable the role. There is an FAQ which asks for the opposite of what you need.

Raghuram
  • 51,854
  • 11
  • 110
  • 122
  • 1
    it's not possible to remove the guest user, but you are correct that removing the repository observer role from that user would prevent public access – Brett Porter Mar 07 '12 at 07:09
2

To expand on Raghuram's answer, you should consider using different managed repositories for your own releases, as opposed to those proxied from an internet repository (as internal is configured to do by default).

Part of the confusion here is the legacy name of internal, which no longer accurately represents its meaning.

Brett Porter
  • 5,827
  • 27
  • 25
  • I can't seem to do this. Every time I try to remove the Guest User from a list, it says "user does not exist". Am I missing something blatantly obvious here? – Sam Levin Mar 11 '12 at 08:30
  • 1
    note my comment on the answer below - you can't delete the guest user, but you can edit it's roles to remove permissions. If that is causing problems, more detail is needed - you might be better to post to users@archiva.apache.org to work through it. – Brett Porter Mar 13 '12 at 02:06