directory level access control

[brewk9 <ke...@pearson.com>]

I would like to implement security to grant write access for each team only
to their top level directories(groupId's). Each group would have read access
to the entire repository. For example, team A would only have write access
to directory com.mycompany.teamA but read access to the whole repository. We
have many different teams using our internal repository and we do not like
giving everyone write access to the whole repository. Anyone have any ideas
for this? Here are the two options I'm aware of. Has anyone else dealt with
this issue? What are the pros/cons. Are there other options?

1) Create a separate internal repository for each team.

1) Grant only read access to the Linux user that tomcat is running under so
developers cannot deploy to the repository using Archiva but instead, have
to use scp and a linux user. Setup linux users and groups to grant
write/delete access for each team.

-Ken
-- 
View this message in context: http://www.nabble.com/directory-level-access-control-tp15024333p15024333.html
Sent from the archiva-users mailing list archive at Nabble.com.