Yep.

The downside is that when someone gets booted from the team (never
happens, right?), you need a new cert unless you're also doing user
authentication.

Correct me if I'm mistaken or if I misquote, please:

If I understand Tamás' idea, using the SSL cert would make it possible
for anyone with the cert to get to the repo.  Thus revoking rights to
the repo means generating a new cert and distributing it to the
appropriate (i.e. still permitted) parties.

Using .htaccess or some other Apache auth mechanism, you might hide
the resources behind a "requires {blah}" protected URI and thus be
able to administrate add and remove on a user-by-user basis.

Note that for SSL-based deploys, if you're not using a trusted CA's
cert, you'll need to install your self-signed cert into each Java
runtime's trusted CA store.  Not particularly difficult but still a
pain.

I'm doing the large-scale version of your scenario right now with a
client.  Unfortunately, all of their userbase admin is done with
Active Directory 2003R2 which seems to have a host of issues if your
config isn't very vanilla.

On 9/28/06, Tamás Cservenák <[EMAIL PROTECTED]> wrote:
A solution would be to set up a HTTPS repo, where Apache does client
SSL authentication, and you start maven with proper SSL config and
keystore....

I think it should work. Just create certs for your team members,
others without certs will be banned from repo completely.

~t~

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




--
I'm just an unfrozen caveman software developer.  I don't understand
your strange, "modern" ways.
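
The per-member variant of the client-certificate setup discussed in this thread, shown as an added example that is not part of either message: a private CA issues one cert per team member, and removing someone means revoking that one cert and republishing the CRL rather than redistributing a new cert. The CA name, the members alice and bob, and all file names are constructed placeholders, and the `openssl` CLI is assumed to be installed.

```shell
# Added example. "Team Repo CA", alice and bob are constructed placeholders.
set -euo pipefail
WORK=$(mktemp -d)
# Build a throwaway private CA, issue one client cert per member, publish an empty CRL.
setup_team_ca() {
  ( cd "$WORK"
    mkdir -p newcerts; : > index.txt; echo 01 > serial
    cat > ca.cnf <<'EOF'
[ ca ]
default_ca = team_ca
[ team_ca ]
database = ./index.txt
new_certs_dir = ./newcerts
serial = ./serial
certificate = ./ca.crt
private_key = ./ca.key
default_md = sha256
default_days = 30
default_crl_days = 7
policy = policy_cn
[ policy_cn ]
commonName = supplied
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
      -subj "/CN=Team Repo CA" -keyout ca.key -out ca.crt
    for user in alice bob; do
      openssl req -newkey rsa:2048 -nodes -subj "/CN=$user" \
        -keyout "$user.key" -out "$user.csr"
      openssl ca -batch -notext -config ca.cnf -in "$user.csr" -out "$user.crt"
    done
    openssl ca -config ca.cnf -gencrl -out team.crl
  ) >/dev/null 2>&1
}
# Revoke one member's cert and republish the CRL; other members' certs are untouched.
revoke_member() {
  ( cd "$WORK"
    openssl ca -config ca.cnf -revoke "$1.crt"
    openssl ca -config ca.cnf -gencrl -out team.crl
  ) >/dev/null 2>&1
}
# Prints "accepted" or "rejected" for a member's cert, checked against CA and CRL.
member_status() {
  if openssl verify -crl_check -CAfile "$WORK/ca.crt" -CRLfile "$WORK/team.crl" \
       "$WORK/$1.crt" >/dev/null 2>&1; then echo accepted; else echo rejected; fi
}
setup_team_ca
revoke_member bob
echo "alice: $(member_status alice)  bob: $(member_status bob)"
```

On the Apache side, mod_ssl takes the CA cert through SSLCACertificateFile and the CRL through SSLCARevocationFile, alongside SSLVerifyClient require.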
