zharvey wrote on 09/15/2011 10:56 AM:
(c) It, theoretically, would be possible to script my Apache server to accept the PUT from Ivy and write these files to my ivyrepo. (Yes, I am aware of the security concerns that will arise from this, and would have to take measure into my own hands on that account).
Well, I'm not sure what Ivy actually has or has not attempted in your case (wireshark could tell you for sure).
I wouldn't use bare PUTs to publish artifacts myself to a URL resolver, even if Ivy does allow it.
I would like some security and authentication on writes to my repository. It would be tricky to get Apache and Ivy to implement any decent security on bare puts. I suppose you could implement HTTP Basic Auth and encode the user/pass in the URL of the resolver, but that would be hackish and insecure indeed.
If you're going to use a remote resolver, I'd use one designed for writing with solid session authentication: Webdav is a good choice, as is SFTP.
A lot of folks just export the filesystem underlying the HTTP docroot via NFS or CIFS, and then use a filesystem resolver to publish. Then your filesystem permissions handle security.
Still others use the Ivy-SVN integration to publish to a subversion repo, and then use svnweb to access the repo.
All are valid choices; which is best for you will depend upon your environment, VCS, and toolchain.
Thanks, --- Kirby Files Software Architect Masergy Communications kfi...@masergy.com
