Wendy beat me to it. I believe she is correct. You can configure anonymous read-only by granting Global Repo Observer to your configured guest account, but selective roles and privileges are not automatically granted based on ldap groups at the moment. However, an administrator should be able to grant the appropriate roles and privileges easily.
Feel free to submit a feature request to redback jira, REDBACK-142 is the closest I could find, but the issue wasn't recreated as suggested. To support editing of roles in archiva and continuum redback will require write-back support which may be a bit tricky because of the variability of directory schemas. It may be possible to get this done rather quickly if redback role assignments are slaves to the LDAP groups. It may require the ability to map LDAP groups to required redback privileges if there isn't a 1:1 correspondence. Brent On Wed, Jan 19, 2011 at 11:47 AM, Wendy Smoak <wsm...@gmail.com> wrote: > 2011/1/19 Igor Galić <i.ga...@brainsware.org>: > > > I'm looking for a way to define a certain set of rules for Archiva's > deployments and management. > > > > * anonymous read only access to all repositories > > * read/write access to repo Experimental for all developers (ldap group) > > * read/write access to repo DSL to all architects and team leads (ldap > groups) > > * Manage repositories (^ same group?) > > * Manage users (admins ldap group) > > > > Is this possible with Redback, if so, uh.. how? > > You can do the 'anonymous read only access to all repositories' by > granting the global repository observer role to the 'guest' user. > > I don't think LDAP groups have anything to do with it... the > permissions (authorization) are kept in the Redback users database and > LDAP is just consulted for authentication at login. > > So you would grant repository 'observer' or 'manager' roles to each > person in Archiva as needed. > > Happy to be proven wrong though, I've just recently started using LDAP > with Continuum/Archiva/Redback. > > -- > Wendy >
