Author: brett
Date: Thu Nov 22 18:47:29 2007
New Revision: 597526
URL: http://svn.apache.org/viewvc?rev=597526&view=rev
Log:
add roles
Modified:
maven/archiva/trunk/archiva-docs/src/site/apt/adminguide/roles.apt
Modified: maven/archiva/trunk/archiva-docs/src/site/apt/adminguide/roles.apt
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-docs/src/site/apt/adminguide/roles.apt?rev=597526&r1=597525&r2=597526&view=diff
==============================================================================
--- maven/archiva/trunk/archiva-docs/src/site/apt/adminguide/roles.apt
(original)
+++ maven/archiva/trunk/archiva-docs/src/site/apt/adminguide/roles.apt Thu Nov
22 18:47:29 2007
@@ -4,5 +4,41 @@
Understanding Apache Archiva Security Roles
- :STUB: This is a documentation stub.
+ Archiva uses the {{{http://redback.codehaus.org/} Redback}} security
framework for managing repository security. When the server is first started,
+ you will be prompted to create an administration user. This user will be
given permission to administer all aspects of the system (as well as
+ access to all of the repositories). This user can then be used to grant
permissions to other users.
+
+ A guest user is also created by default, and given read access to the
default repositories (<<<internal>>> and <<<snapshots>>>). Repositories with
+ guest user access can be accessed without the use of a username and password
(or without being logged in to the web interface).
+
+ However, when new repositories are created, by default no permissions are
assigned and only the administrators will have access until it is
+ explicitly granted.
+
+ Note that Redback has the concept of inferred roles, so the assignment of
some roles will imply other roles (which will be displayed in the web
interface).
+
+* Repository Roles
+
+ Archiva contains the following roles for repository access:
+
+ * <Repository Observer>: users with this role can read from the given
repository that the role is for (including access through the browse and search
features of the
+ web interface)
+
+ * <Repository Manager>: users with this role can write to and administer
the given repository that the role is for
+
+ * <Global Repository Observer>: users with this role can read from any
repository (including access through the browse and search features of the
+ web interface)
+
+ * <Global Repository Manager>: users with this role can write to and
administer any repository in the instance
+
+* General Roles
+
+ Archiva also contains the following general roles for security of the
instance:
+
+ * <System Administrator>: full access to all functionality in the system
+
+ * <User Administrator>: ability to create, edit, and grant roles to other
users in the system
+
+ The guest and registered user roles do not affect repository access.
+
+~~TODO: walkthrough screens
