Google Git
Sign in
apache / archiva-web-content / f5a93ea21fcb526dad4bd0a17d06bc71dd6a1bb3 / . / docs / 3.0.0-SNAPSHOT / adminguide / roles.html
blob: 3fdc9623482213cfa408bdf2752c839202538b65 [file] [log] [blame]
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.8.1
| Rendered using Apache Maven Fluido Skin 1.6
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta http-equiv="Content-Language" content="en" />
<title>Archiva Documentation &#x2013; Understanding Apache Archiva Security Roles</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.6.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="../js/apache-maven-fluido-1.6.min.js"></script>
<!-- Google Analytics -->
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-140879-5']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
</head>
<body class="topBarDisabled">
<a href="https://github.com/apache/archiva">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left"><a href="http://archiva.apache.org/" id="bannerLeft"><img src="http://archiva.apache.org/images/archiva.png" alt="Apache Archiva"/></a></div>
<div class="pull-right"><a href="http://www.apache.org/" id="bannerRight"><img src="https://www.apache.org/images/asf_logo_wide_2016.png" alt="Apache Software Foundation"/></a></div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class=""><a href="https://www.apache.org" class="externalLink" title="Apache">Apache</a><span class="divider">/</span></li>
<li class=""><a href="../../../index.html" title="Archiva">Archiva</a><span class="divider">/</span></li>
<li class=""><a href="../index.html" title="Archiva Documentation">Archiva Documentation</a><span class="divider">/</span></li>
<li class="active ">Understanding Apache Archiva Security Roles</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2019-11-30</li>
<li id="projectVersion" class="pull-right">Version: 3.0.0-SNAPSHOT</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Introduction</li>
<li><a href="../quick-start.html" title="Quick Start"><span class="none"></span>Quick Start</a> </li>
<li><a href="../tour/index.html" title="Feature Tour"><span class="none"></span>Feature Tour</a> </li>
<li><a href="../release-notes.html" title="Release Notes"><span class="none"></span>Release Notes</a> </li>
<li><a href="../../../download.html" title="Downloads"><span class="none"></span>Downloads</a> </li>
<li class="nav-header">Users Guide</li>
<li><a href="../userguide/browsing.html" title="Browsing"><span class="none"></span>Browsing</a> </li>
<li><a href="../userguide/searching.html" title="Searching"><span class="none"></span>Searching</a> </li>
<li><a href="../userguide/delete-artifact.html" title="Deleting an Artifact"><span class="none"></span>Deleting an Artifact</a> </li>
<li><a href="../userguide/using-repository.html" title="Using as a repository"><span class="none"></span>Using as a repository</a> </li>
<li><a href="../userguide/deploy.html" title="Deploying to repository"><span class="none"></span>Deploying to repository</a> </li>
<li><a href="../userguide/virtual-repositories.html" title="Configuring Virtual Repositories"><span class="none"></span>Configuring Virtual Repositories</a> </li>
<li><a href="../userguide/rss.html" title="Rss Feeds in Archiva"><span class="none"></span>Rss Feeds in Archiva</a> </li>
<li><a href="../userguide/querying-artifacts.html" title="Querying Artifacts"><span class="none"></span>Querying Artifacts</a> </li>
<li class="nav-header">Administrators Guide</li>
<li><a href="../adminguide/installing.html" title="Installing Archiva"><span class="icon-chevron-right"></span>Installing Archiva</a> </li>
<li><a href="../adminguide/databases.html" title="Databases"><span class="none"></span>Databases</a> </li>
<li><a href="../adminguide/repositories-content-storage.html" title="Repositories Content Storage"><span class="none"></span>Repositories Content Storage</a> </li>
<li><a href="../adminguide/security.html" title="Security"><span class="icon-chevron-down"></span>Security</a>
<ul class="nav nav-list">
<li><a href="../adminguide/users.html" title="Users"><span class="none"></span>Users</a> </li>
<li class="active"><a href="#"><span class="none"></span>Roles</a>
</li>
<li><a href="../adminguide/customising-security.html" title="Customising"><span class="none"></span>Customising</a> </li>
</ul>
</li>
<li><a href="../adminguide/configuration.html" title="Archiva Configuration"><span class="icon-chevron-right"></span>Archiva Configuration</a> </li>
<li><a href="../adminguide/webservices/rest.html" title="REST Apis"><span class="none"></span>REST Apis</a> </li>
<li><a href="../adminguide/configuration-files.html" title="Configuration Files"><span class="none"></span>Configuration Files</a> </li>
<li><a href="../adminguide/system-status.html" title="System Status"><span class="none"></span>System Status</a> </li>
<li><a href="../adminguide/logging.html" title="Log Files"><span class="icon-chevron-right"></span>Log Files</a> </li>
<li><a href="../adminguide/reports.html" title="Reports"><span class="none"></span>Reports</a> </li>
<li class="nav-header">Customising Archiva</li>
<li><a href="../customising/writing-consumer.html" title="Writing a Consumer Plugin"><span class="none"></span>Writing a Consumer Plugin</a> </li>
<li class="nav-header">More Information</li>
<li><a href="https://cwiki.apache.org/confluence/display/ARCHIVA/Index" class="externalLink" title="Archiva Wiki"><span class="none"></span>Archiva Wiki</a> </li>
<li class="nav-header">ASF</li>
<li><a href="https://www.apache.org/foundation/how-it-works.html" class="externalLink" title="How Apache Works"><span class="none"></span>How Apache Works</a> </li>
<li><a href="https://www.apache.org/foundation/" class="externalLink" title="Foundation"><span class="none"></span>Foundation</a> </li>
<li><a href="https://www.apache.org/foundation/sponsorship.html" class="externalLink" title="Sponsoring Apache"><span class="none"></span>Sponsoring Apache</a> </li>
<li><a href="https://www.apache.org/foundation/thanks.html" class="externalLink" title="Thanks"><span class="none"></span>Thanks</a> </li>
<li class="nav-header">Project Documentation</li>
<li><a href="../project-info.html" title="Project Information"><span class="icon-chevron-right"></span>Project Information</a> </li>
</ul>
<form id="search-form" action="https://www.google.com/search" method="get" >
<input value="https://archiva.apache.org/docs/3.0.0-SNAPSHOT/" name="sitesearch" type="hidden"/>
<input class="search-query" name="q" id="query" type="text" />
</form>
<script type="text/javascript">asyncJs( 'https://cse.google.com/brand?form=search-form' )</script>
<hr />
<div id="poweredBy">
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/archiva" class="twitter-follow-button" data-show-count="false" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow archiva</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"><img class="builtBy" alt="Built by Maven" src="../images/logos/maven-feather.png" /></a>
</div>
</div>
</div>
<div id="bodyColumn" class="span10" >
<div class="section">
<h2><a name="Understanding_Apache_Archiva_Security_Roles"></a>Understanding Apache Archiva Security Roles</h2>
<p>Archiva uses the <a class="externalLink" href="http://archiva.apache.org/redback/"> Redback</a> security framework for managing repository security. When the server is first started, you will be prompted to create an administration user. This user will be given permission to administer all aspects of the system (as well as access to all of the repositories). This user can then be used to grant permissions to other users.</p>
<p>A guest user is also created by default, and given read access to the default repositories (<tt>internal</tt> and <tt>snapshots</tt>). Repositories with guest user access can be accessed without the use of a username and password (or without being logged in to the web interface).</p>
<p>However, when new repositories are created, by default no permissions are assigned and only the administrators will have access until it is explicitly granted.</p>
<p>Note that Redback has the concept of inferred roles, so the assignment of some roles will imply other roles (which will be displayed in the web interface).</p>
<div class="section">
<h3><a name="Repository_Roles"></a>Repository Roles</h3>
<p>Archiva contains the following roles for repository access:</p>
<ul>
<li><i>Repository Observer</i>: users with this role can read from the given repository that the role is for (including access through the browse and search features of the web interface)</li>
<li><i>Repository Manager</i>: users with this role can write to and administer the given repository that the role is for</li>
<li><i>Global Repository Observer</i>: users with this role can read from any repository (including access through the browse and search features of the web interface)</li>
<li><i>Global Repository Manager</i>: users with this role can write to and administer any repository in the instance</li></ul>
<div class="section">
<h4><a name="Roles_list"></a>Roles list</h4><img src="../images/roles-list.png" alt="" /></div>
<div class="section">
<h4><a name="Role_details"></a>Role details</h4><img src="../images/role-detail.png" alt="" /></div>
<div class="section">
<h4><a name="Attach_users_to_a_role"></a>Attach users to a role</h4><img src="../images/role-users.png" alt="" /></div></div>
<div class="section">
<h3><a name="General_Roles"></a>General Roles</h3>
<p>Archiva also contains the following general roles for security of the instance:</p>
<ul>
<li><i>System Administrator</i>: full access to all functionality in the system</li>
<li><i>User Administrator</i>: ability to create, edit, and grant roles to other users in the system</li></ul>
<p>The guest and registered user roles do not affect repository access.</p></div></div>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<div class="row">
<div class="span6 offset1">Apache Archiva, Archiva, Apache, the Apache feather logo, and the Apache Archiva project logos are trademarks of The Apache Software Foundation.</div>
</div>
<div class="row">
&nbsp;
</div>
<div class="row">
<div class="span6 offset2">
<p>
<a href="https://archiva.apache.org/docs/3.0.0-SNAPSHOT/privacy-policy.html">Privacy Policy</a>
</p>
</div>
</div>
</div>
<div id="ohloh" class="pull-right">
<script type="text/javascript" src="https://www.ohloh.net/p/6670/widgets/project_thin_badge.js"></script>
</div>
</div>
</footer>
</body>
</html>