Hey Dave,
Dave McLoughlin wrote:
We are using Archive to manage a set of repositories and we've hit a
snag. We allow teams to store "commercial" artifacts into one of the
repositories but we are concerned about possible licensing implications.
If the product equires a separate license key, there is no problem. But
if the ommercial binaries do not have that ability, then we are
wondering if here is a way to implement "fine-grained entitlements"
within Archiva. We have not seen anything in the user management space
other than "coarse-grained roles".
This is something I need soon as well. Your right - we only have
coarse-grained access (per repository).
The only way that we have found to do this would be to create a separate
repository for each group that has a set of commercial binaries that
they need to build against. We'd rather not take this approach because
(1) it reduces the reuse of maven and really defeats the purpose of
having shared binaries and (2) we are concerned that it will not scale
to 500-2000 repositories.
Any thoughts or advice would be appreciated,
We really need to review our security system post 1.2 release. If you
could document your needs and requirements on our wiki
(http://cwiki.apache.org/confluence/display/ARCHIVA/Index) it would go a
long way to help us understand what improvements we need to make in 1.3
(or a future version).
If you have time, we could really use help in this area :)
Thanks
James
