Hi Ranjith, could you please check the permissions of the guest user? The guest user is the one which is assigned, if the user is not authenticated. Other possibility is, that you are already logged in with your browser (there are authentication cookies stored in the browser), because you used the web ui before. Please logout before testing with your browser. The better alternative is to test with curl or wget, both do not send cookies by default.
Regards Martin Am Dienstag, 27. November 2018, 07:25:28 CET schrieb ranjithmnair: > Hi, > I am using Archiva, and when i include a dependency uploaded in archiva in a > maven project, the security is working fine and it is allowing only if the > credentials are provided in settings.xml. > But the problem is anyone is able to access the repository > (internal/snapshot), /using the url we mention in the settings/pom to > download using maven install/, directly in browser and download the jars. Is > there a way to prevent that.. *I am talking about this url: > http://localhost:8080/repository/internal/*. > Is there a way to password protect this url from accessing externally? > something like it ask for password which i configured in archiva while > clicking on http://localhost:8080/repository/internal/ > > Thanks very much.. > > With Best Regards, > Ranjith > > > > -- > Sent from: http://archiva.996284.n3.nabble.com/User-f10698.html > >
