[
https://issues.apache.org/jira/browse/MRM-1908?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15044521#comment-15044521
]
Fabian Trampusch edited comment on MRM-1908 at 12/7/15 7:47 AM:
----------------------------------------------------------------
I can verify that this issue happened here (at the company I am working) too. A
user without write permission for a given repository had uploaded artifacts
into that repository.
was (Author: trampi):
I can verify that this issue happened here too. A user without write permission
for a given repository had uploaded artifacts into that repository.
> Logged on users can write any repository
> ----------------------------------------
>
> Key: MRM-1908
> URL: https://issues.apache.org/jira/browse/MRM-1908
> Project: Archiva
> Issue Type: Bug
> Components: Users/Security
> Affects Versions: 2.2.0
> Reporter: Krisztian Fekete
> Attachments: archiva1.jpg, archiva2.jpg, archiva3.jpg, archiva4.jpg,
> archiva5.jpg, archiva6.jpg
>
>
> Our sandbox Archiva 2.2.0 instance is connected with our corporate LDAP
> service. I created a repository with name common-internal. My LDAP user
> feketk1 doesn't have any permission on the common-internal repository. When I
> login through the web UI with my feketk1 user, I am able to upload artefacts
> to the common-internal repository.
> For additional details please check attached screenshots.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
