-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
So I am following this page http://www.sonatype.com/book/repository.html
. I get the idea that after I have a closed source local repo inplace,
I can configure the parent pom.xml with the information and the
settings.xml with the passwords. So I am feeling a bit stretched and
google isn't being kind about 'setup apache "REST server"' I was
wondering if someone can provide me with some additional background?
I have pasted my apache maven-snap.conf below. At first I just want a
simple solution. Later I can try archiva and similar solutions. What I
find unsavory about the path I am taking, in the file below is enabling
a shared upload mechanism and all the pathological problems of squaring
away team security and apache security. If I already have a working
authz_mod_svn security configuration and basic auth scheme going for
subversion, might I be able to revise the maven-snap.conf below so that
webdav is used for the transport? Can anyone point me to a URL for an
example configuration? Also would I use webdav_fs with this configuration?
Regards,
Greg
# Ident: maven-snap.conf
#
# maven-snap.conf provides steps to configure a simple Maven
# Snap_shot_repo, Release_repo, and required_files location
# on a maven box,
#
# Steps
# su - root
# cd /var/www
# mkdir maven2
# cd maven2
# mkdir snapshot_repo
# mkdir release_repo
# mkdir required_files
# cd /var/www
# chown -R apache.apache maven2
# chmod -R g+rwsx maven2
# copy this file to fedora /etc/httpd/conf.d directory
# /etc/rc.d/init.d/httpd restart
# exit # root login
#
<IfModule !mod_dir.c>
LoadModule dir_module modules/mod_dir.so
</IfModule>
<IfModule !mod_autoindex.c>
LoadModule autoindex_module modules/mod_autoindex.so
</IfModule>
# This error_log message on linux said I needed to remove a security
setting.
# this may be OK on an internal network!
#
# [Sun Oct 28 17:31:41 2007] [error] [client 172.20.3.25] ModSecurity:
Access denied with code 403 (phase 4). Pattern match "(?:>\\\\[To Parent
Directory\\\\]<\\\\/[Aa]><br>|<title>Index of.*?<h1>Index of)" at
RESPONSE_BODY. [id "970013"] [msg "Directory Listing"] [severity
"WARNING"] [hostname "bagheera"] [uri "/maven-snap/"] [unique_id
"0vxS86wUAxcAAF7zk4IAAAAA"]
#
# Note remove error for directory listing?
# Found in /etc/httpd/modsecurity.d/modsecurity_crs_50_outbound.conf
# SecRule RESPONSE_BODY "(?:>\[To Parent
Directory\]<\/[Aa]><br>|<title>Index of.*?<h1>Index of)" \
#
"ctl:auditLogParts=+E,deny,log,auditlog,status:403,msg:'Directory
Listing',,id:'970013',severity:'4'"
#
Alias /maven-snap "/var/www/maven2/snapshot_repo"
<Directory "/var/www/maven2/snapshot_repo">
DirectoryIndex index.html index.htm
Options Indexes
IndexOptions FancyIndexing
Order allow,deny
Allow from all
</Directory>
# Maven Release repo
Alias /maven-release "/var/www/maven2/release_repo"
<Directory "/var/www/maven2/release_repo">
DirectoryIndex index.html index.htm
Options Indexes
IndexOptions FancyIndexing
Order allow,deny
Allow from all
</Directory>
# Required files for dependencies. The idea behind this
# web location is that you store all the jars and other archives
# that were used to build your application. Team would go to this
# URL to make sure that a common set of JDKs and other applications
# are used on all developer's work stations.
Alias /required-files "/var/www/maven2/required_files"
<Directory "/var/www/maven2/required_files">
DirectoryIndex index.html index.htm
Options Indexes
IndexOptions FancyIndexing
Order allow,deny
Allow from all
</Directory>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHJTioxyxe5L6mr7IRAmaJAKCfc3PJzQ/5gYqms3U/78Bjj5KEUQCfati6
nL+Mv7zbFV550gfArwrCgwc=
=BXam
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
