Thanks for the pointers to the source. After I looked a little closer, I realized the guest user only had access to add new modules to the existing project, not to add new project groups. This seems reasonable to me. (Or at least not a big enough deal for me to dig into the source code) I would be more concerned about letting guest users add new project groups. I've just finished migrating most of our existing projects over to 1.1-beta3, so overall I've been pretty happy with 1.1.
OT: I did checkout hudson to see where they are at. With hudson, the big missing functionality for me was it doesn't pick up email notifiers from the pom for build notification. Thanks for your assistance, Tom Emmanuel Venisse wrote: > > Look at this file > (http://svn.apache.org/repos/asf/maven/continuum/trunk/continuum-security/src/main/resources/META-INF/redback/redback.xml), > it defines all roles and inheritence between each roles. > If you write a patch, I don't think it will be in 1.1 but you'll have it > for your instance. > > Emmanuel > > -- View this message in context: http://www.nabble.com/Guest-security-in-1.1-beta-3-tf4594648.html#a13224776 Sent from the Continuum - Users mailing list archive at Nabble.com.