From e2c584ac395c69770319311378572d385390f28e Mon Sep 17 00:00:00 2001 From: Brett Porter Date: Fri, 23 Nov 2007 02:47:29 +0000 Subject: [PATCH] add roles git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@597526 13f79535-47bb-0310-9956-ffa450edef68 --- .../src/site/apt/adminguide/roles.apt | 38 ++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) diff --git a/archiva-docs/src/site/apt/adminguide/roles.apt b/archiva-docs/src/site/apt/adminguide/roles.apt index 962303204..c819ebc34 100644 --- a/archiva-docs/src/site/apt/adminguide/roles.apt +++ b/archiva-docs/src/site/apt/adminguide/roles.apt @@ -4,5 +4,41 @@ Understanding Apache Archiva Security Roles - :STUB: This is a documentation stub. + Archiva uses the {{{http://redback.codehaus.org/} Redback}} security framework for managing repository security. When the server is first started, + you will be prompted to create an administration user. This user will be given permission to administer all aspects of the system (as well as + access to all of the repositories). This user can then be used to grant permissions to other users. + + A guest user is also created by default, and given read access to the default repositories (<<>> and <<>>). Repositories with + guest user access can be accessed without the use of a username and password (or without being logged in to the web interface). + + However, when new repositories are created, by default no permissions are assigned and only the administrators will have access until it is + explicitly granted. + + Note that Redback has the concept of inferred roles, so the assignment of some roles will imply other roles (which will be displayed in the web interface). + +* Repository Roles + + Archiva contains the following roles for repository access: + + * : users with this role can read from the given repository that the role is for (including access through the browse and search features of the + web interface) + + * : users with this role can write to and administer the given repository that the role is for + + * : users with this role can read from any repository (including access through the browse and search features of the + web interface) + + * : users with this role can write to and administer any repository in the instance + +* General Roles + + Archiva also contains the following general roles for security of the instance: + + * : full access to all functionality in the system + + * : ability to create, edit, and grant roles to other users in the system + + The guest and registered user roles do not affect repository access. + +~~TODO: walkthrough screens