So I assume that there will be a set of permissions that can be mapped to roles that user's have. The mappings would be stored in a database somewhere. I think it would also be useful in our case to have a role mapping interface that could point to various sources such as LDAP or Active directory as well as the one inside Archiva.
How is the control applied to uploading artifacts. So far in our implementations we use scp to upload the artifacts directly to the file system. Since it does not interact with Archiva at that point how can that be secured? Is there a way to use Archiva to facilitate uploads/deployments of artifacts? I look forward to pulling down the code and giving a test drive to what is currently there. Scott D. Ryan Senior Java Developer/Architect Aurora Loan Services 10350 Park Meadows Drive Littleton, Co. 80124 Office: (720) 945-5328 Cell: (303) 263-3044 [EMAIL PROTECTED] -----Original Message----- From: Jesse McConnell [mailto:[EMAIL PROTECTED] Sent: Saturday, October 21, 2006 9:08 AM To: [email protected] Subject: Re: Help Needed? > > Same here. First step I think is to get a Reports API in place. They > need to be individually ACL'd so some can be private and some can be > public. An abstract TabularReport should make it easier to do a lot of > them and leave room for more complex summarising reports at the same > time. > I was thinking that if we have the ability to easily add all the elements of rbac from the UI then it would be easy to experiment with different strategies of securing those kind of resources..and once you have something that works nicely codify into an actual role profile. Otherwise it would be a bit of a pain to tweak/recompile/redeploy over and over to get the right security notations. Maybe not though, depends on how much its designed before you dig into that lvl. Ping me anytime on the rbac part of that, there can be a little adjustment to how to think about using it. jesse -- jesse mcconnell [EMAIL PROTECTED] ------------------------------------------------------------------------------ This message is intended only for the personal and confidential use of the designated recipient(s) named. If you are not the intended recipient of this message, you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited. This communication is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product, an official confirmation of any transaction, or as an official statement of Aurora Loan Services. Email transmission cannot be guaranteed to be secure or error-free. Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such. All information is subject to change without notice.
