archiva-docs/src/site/apt/adminguide/roles.apt - archiva - Git at Google

  ------
  Understanding Apache Archiva Security Roles
  ------

 Understanding Apache Archiva Security Roles

   Archiva uses the {{{http://redback.codehaus.org/} Redback}} security framework for managing repository security. When the server is first started,
   you will be prompted to create an administration user. This user will be given permission to administer all aspects of the system (as well as
   access to all of the repositories). This user can then be used to grant permissions to other users.

   A guest user is also created by default, and given read access to the default repositories (<<<internal>>> and <<<snapshots>>>). Repositories with
   guest user access can be accessed without the use of a username and password (or without being logged in to the web interface).

   However, when new repositories are created, by default no permissions are assigned and only the administrators will have access until it is
   explicitly granted.

   Note that Redback has the concept of inferred roles, so the assignment of some roles will imply other roles (which will be displayed in the web interface).

 * Repository Roles

   Archiva contains the following roles for repository access:

     * <Repository Observer>: users with this role can read from the given repository that the role is for (including access through the browse and search features of the
       web interface)

     * <Repository Manager>: users with this role can write to and administer the given repository that the role is for

     * <Global Repository Observer>: users with this role can read from any repository (including access through the browse and search features of the
       web interface)

     * <Global Repository Manager>: users with this role can write to and administer any repository in the instance

 * General Roles

   Archiva also contains the following general roles for security of the instance:

     * <System Administrator>: full access to all functionality in the system

     * <User Administrator>: ability to create, edit, and grant roles to other users in the system

   The guest and registered user roles do not affect repository access.

 ~~TODO: walkthrough screens
	------
	Understanding Apache Archiva Security Roles
	------

	Understanding Apache Archiva Security Roles

	Archiva uses the {{{http://redback.codehaus.org/} Redback}} security framework for managing repository security. When the server is first started,
	you will be prompted to create an administration user. This user will be given permission to administer all aspects of the system (as well as
	access to all of the repositories). This user can then be used to grant permissions to other users.

	A guest user is also created by default, and given read access to the default repositories (<<<internal>>> and <<<snapshots>>>). Repositories with
	guest user access can be accessed without the use of a username and password (or without being logged in to the web interface).

	However, when new repositories are created, by default no permissions are assigned and only the administrators will have access until it is
	explicitly granted.

	Note that Redback has the concept of inferred roles, so the assignment of some roles will imply other roles (which will be displayed in the web interface).

	* Repository Roles

	Archiva contains the following roles for repository access:

	* <Repository Observer>: users with this role can read from the given repository that the role is for (including access through the browse and search features of the
	web interface)

	* <Repository Manager>: users with this role can write to and administer the given repository that the role is for

	* <Global Repository Observer>: users with this role can read from any repository (including access through the browse and search features of the
	web interface)

	* <Global Repository Manager>: users with this role can write to and administer any repository in the instance

	* General Roles

	Archiva also contains the following general roles for security of the instance:

	* <System Administrator>: full access to all functionality in the system

	* <User Administrator>: ability to create, edit, and grant roles to other users in the system

	The guest and registered user roles do not affect repository access.

	~~TODO: walkthrough screens