You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@archiva.apache.org by Olivier Lamy <ol...@apache.org> on 2012/12/20 14:57:18 UTC
Releasing 1.4-M4
Hi,
I'd like to release 1.4-M4.
A bit late for xmas now :-).
But early next year.
Any issue ?
Thanks,
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: Releasing 1.4-M4
Posted by Brent Atkinson <br...@gmail.com>.
I agree with you Brett, that approach is probably the best balance. It
allows fine granularity permissions on the application side, the ability to
manage from the directory side, and it won't require specific schema in
ldap. This approach is similar as others I have seen and it is generally
well accepted among system oprations folks these days.
Brent
On Dec 21, 2012 4:39 AM, "Brett Porter" <br...@apache.org> wrote:
>
> On 21/12/2012, at 7:39 PM, Olivier Lamy <ol...@apache.org> wrote:
>
> > Note something I'd like to add is to be able to use only ldap
> > (including for roles).
> > But probably not yet for this release, I have to think which ldap
> > attributes to use for role mapping (and a couple of other things :-)
> > ).
> > Such feature makes sense ?
>
> I'm not sure you'll get the granularity of the resources/permissions that
> you want without overly-polluting LDAP or unless you limit it to the global
> roles.
>
> Probably the better way to approach it is to add support for groups
> (mapped onto LDAP) that can be assigned to roles (still stored in
> Archiva/Redback).
>
> - Brett
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
> http://au.linkedin.com/in/brettporter
> http://twitter.com/brettporter
>
>
>
>
>
>
Re: Releasing 1.4-M4
Posted by Olivier Lamy <ol...@apache.org>.
Apologize for delay (some other stuff to do recently)
Most of ldap mapping is implemented ( ldap group -> n archiva roles).
Can be done via file security.properties (see
http://archiva.apache.org/redback/configuration.html )
ldap.config.groups.class= object class for groups (default: groupOfUniqueNames)
ldap.config.groups.base.dn= basedn for groups, dn with list of groups
( dc=archiva,dc=apache,dc=org ) (if empty default will be
ldap.config.base.dn)
ldap.config.groups.role.*(ldap group)=*(roles) (mapping ldap group -
redback roles comma separated) (example:
ldap.config.groups.role.archiva-admin=Archiva System Administrator,
Foo)
ldap.config.writable=true/false will write datas to ldap (default false)
ldap.config.groups.use.rolename=true/false will create groups in ldap
with default role if no group-role mapping found (default false)
ldap.config.user.attribute= attribute name to use for user (default uid=)
Note the new ldap.config.writable this mean is possible to activate
write to ldap (for groups creation and users)
Now (I hope in the coming days) I will add a ui screen to map groups to n roles.
I'd like to add some changes (but probably for a next release). This
means be able to fully remove the database use as currently the
roles/permissions (redback model) still need a database.
Any comments are welcome :-)
2013/1/2 Olivier Lamy <ol...@apache.org>:
> So finally I will implement that for 1.4-M4 :-)
> That sounds to be a nice feature to have.
> The idea will be to add some configuration mapping between ldap group
> and archiva/redback roles.
>
> 2012/12/21 Olivier Lamy <ol...@apache.org>:
>> 2012/12/21 Brett Porter <br...@apache.org>:
>>>
>>> On 21/12/2012, at 7:39 PM, Olivier Lamy <ol...@apache.org> wrote:
>>>
>>>> Note something I'd like to add is to be able to use only ldap
>>>> (including for roles).
>>>> But probably not yet for this release, I have to think which ldap
>>>> attributes to use for role mapping (and a couple of other things :-)
>>>> ).
>>>> Such feature makes sense ?
>>>
>>> I'm not sure you'll get the granularity of the resources/permissions that you want without overly-polluting LDAP or unless you limit it to the global roles.
>>>
>>> Probably the better way to approach it is to add support for groups (mapped onto LDAP) that can be assigned to roles (still stored in Archiva/Redback).
>>
>> Sounds good to do such mapping.
>> But for next release :-)
>>
>>>
>>> - Brett
>>>
>>> --
>>> Brett Porter
>>> brett@apache.org
>>> http://brettporter.wordpress.com/
>>> http://au.linkedin.com/in/brettporter
>>> http://twitter.com/brettporter
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>> --
>> Olivier Lamy
>> Talend: http://coders.talend.com
>> http://twitter.com/olamy | http://linkedin.com/in/olamy
>
>
>
> --
> Olivier Lamy
> Talend: http://coders.talend.com
> http://twitter.com/olamy | http://linkedin.com/in/olamy
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: Releasing 1.4-M4
Posted by Olivier Lamy <ol...@apache.org>.
So finally I will implement that for 1.4-M4 :-)
That sounds to be a nice feature to have.
The idea will be to add some configuration mapping between ldap group
and archiva/redback roles.
2012/12/21 Olivier Lamy <ol...@apache.org>:
> 2012/12/21 Brett Porter <br...@apache.org>:
>>
>> On 21/12/2012, at 7:39 PM, Olivier Lamy <ol...@apache.org> wrote:
>>
>>> Note something I'd like to add is to be able to use only ldap
>>> (including for roles).
>>> But probably not yet for this release, I have to think which ldap
>>> attributes to use for role mapping (and a couple of other things :-)
>>> ).
>>> Such feature makes sense ?
>>
>> I'm not sure you'll get the granularity of the resources/permissions that you want without overly-polluting LDAP or unless you limit it to the global roles.
>>
>> Probably the better way to approach it is to add support for groups (mapped onto LDAP) that can be assigned to roles (still stored in Archiva/Redback).
>
> Sounds good to do such mapping.
> But for next release :-)
>
>>
>> - Brett
>>
>> --
>> Brett Porter
>> brett@apache.org
>> http://brettporter.wordpress.com/
>> http://au.linkedin.com/in/brettporter
>> http://twitter.com/brettporter
>>
>>
>>
>>
>>
>
>
>
> --
> Olivier Lamy
> Talend: http://coders.talend.com
> http://twitter.com/olamy | http://linkedin.com/in/olamy
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: Releasing 1.4-M4
Posted by Olivier Lamy <ol...@apache.org>.
2012/12/21 Brett Porter <br...@apache.org>:
>
> On 21/12/2012, at 7:39 PM, Olivier Lamy <ol...@apache.org> wrote:
>
>> Note something I'd like to add is to be able to use only ldap
>> (including for roles).
>> But probably not yet for this release, I have to think which ldap
>> attributes to use for role mapping (and a couple of other things :-)
>> ).
>> Such feature makes sense ?
>
> I'm not sure you'll get the granularity of the resources/permissions that you want without overly-polluting LDAP or unless you limit it to the global roles.
>
> Probably the better way to approach it is to add support for groups (mapped onto LDAP) that can be assigned to roles (still stored in Archiva/Redback).
Sounds good to do such mapping.
But for next release :-)
>
> - Brett
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
> http://au.linkedin.com/in/brettporter
> http://twitter.com/brettporter
>
>
>
>
>
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: Releasing 1.4-M4
Posted by Brett Porter <br...@apache.org>.
On 21/12/2012, at 7:39 PM, Olivier Lamy <ol...@apache.org> wrote:
> Note something I'd like to add is to be able to use only ldap
> (including for roles).
> But probably not yet for this release, I have to think which ldap
> attributes to use for role mapping (and a couple of other things :-)
> ).
> Such feature makes sense ?
I'm not sure you'll get the granularity of the resources/permissions that you want without overly-polluting LDAP or unless you limit it to the global roles.
Probably the better way to approach it is to add support for groups (mapped onto LDAP) that can be assigned to roles (still stored in Archiva/Redback).
- Brett
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter
http://twitter.com/brettporter
Re: Releasing 1.4-M4
Posted by Olivier Lamy <ol...@apache.org>.
Note something I'd like to add is to be able to use only ldap
(including for roles).
But probably not yet for this release, I have to think which ldap
attributes to use for role mapping (and a couple of other things :-)
).
Such feature makes sense ?
2012/12/21 Olivier Lamy <ol...@apache.org>:
> 2012/12/21 Sascha Vogt <sa...@gmail.com>:
>> Hi,
>>
>> Am 21.12.2012 07:52, schrieb Brett Porter:
>>> [...]
>>>
>>> We should probably talk about what is needed to call it 1.4 final after that and narrow the scope to that.
>>>
>>> I'll look over the tickets you asked questions of me in over the next couple of days.
>>>
>>> [...]
>>
>> I would love that :) We're desparately waiting for the 1.4 to become
>> stable :D as it brings a lot of new features we'd like to use.
> Ah the version naming :-)
> Maybe this one can be last Mx and after that RC or final.
>>
>> I can also do more serious testing, if I know which parts are likely to
>> stay or are still being worked on.
> I will add some stuff on dynamic caching configuration (users and url
> failures) and that's it (or not I don't know yet :-) )
> To test builds are available here:
> https://builds.apache.org/view/A-F/view/Archiva/job/archiva-all-maven-3.x-jdk-1.6/
> (war and bin.zip)
>>
>> Anyway, thanks everyone for the effort being put into Archiva!
>
> Thanks to you for your early testing support !
>
>>
>> Greetings
>> -Sascha-
>
>
>
> --
> Olivier Lamy
> Talend: http://coders.talend.com
> http://twitter.com/olamy | http://linkedin.com/in/olamy
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: Releasing 1.4-M4
Posted by Olivier Lamy <ol...@apache.org>.
2012/12/21 Sascha Vogt <sa...@gmail.com>:
> Hi,
>
> Am 21.12.2012 07:52, schrieb Brett Porter:
>> [...]
>>
>> We should probably talk about what is needed to call it 1.4 final after that and narrow the scope to that.
>>
>> I'll look over the tickets you asked questions of me in over the next couple of days.
>>
>> [...]
>
> I would love that :) We're desparately waiting for the 1.4 to become
> stable :D as it brings a lot of new features we'd like to use.
Ah the version naming :-)
Maybe this one can be last Mx and after that RC or final.
>
> I can also do more serious testing, if I know which parts are likely to
> stay or are still being worked on.
I will add some stuff on dynamic caching configuration (users and url
failures) and that's it (or not I don't know yet :-) )
To test builds are available here:
https://builds.apache.org/view/A-F/view/Archiva/job/archiva-all-maven-3.x-jdk-1.6/
(war and bin.zip)
>
> Anyway, thanks everyone for the effort being put into Archiva!
Thanks to you for your early testing support !
>
> Greetings
> -Sascha-
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: Releasing 1.4-M4
Posted by Sascha Vogt <sa...@gmail.com>.
Hi,
Am 21.12.2012 07:52, schrieb Brett Porter:
> [...]
>
> We should probably talk about what is needed to call it 1.4 final after that and narrow the scope to that.
>
> I'll look over the tickets you asked questions of me in over the next couple of days.
>
> [...]
I would love that :) We're desparately waiting for the 1.4 to become
stable :D as it brings a lot of new features we'd like to use.
I can also do more serious testing, if I know which parts are likely to
stay or are still being worked on.
Anyway, thanks everyone for the effort being put into Archiva!
Greetings
-Sascha-
Re: Releasing 1.4-M4
Posted by Brett Porter <br...@apache.org>.
Sounds good. Appreciate the push!
We should probably talk about what is needed to call it 1.4 final after that and narrow the scope to that.
I'll look over the tickets you asked questions of me in over the next couple of days.
Cheers,
Brett
On 21/12/2012, at 12:57 AM, Olivier Lamy <ol...@apache.org> wrote:
> Hi,
> I'd like to release 1.4-M4.
> A bit late for xmas now :-).
> But early next year.
>
> Any issue ?
>
> Thanks,
> --
> Olivier Lamy
> Talend: http://coders.talend.com
> http://twitter.com/olamy | http://linkedin.com/in/olamy
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter
http://twitter.com/brettporter
Re: Releasing 1.4-M4
Posted by Olivier Lamy <ol...@apache.org>.
Great.
Note I have added by default cache support for users (now activation
configuration via the ui).
So a bit faster (previously it was off per default and need a manual
change with restart)
I will add dynamic configuration of ttl for users cache and urlCache
failure too (see http://jira.codehaus.org/browse/MRM-526)
2012/12/20 Eric Barboni <Er...@irit.fr>:
> Hi,
>
> Considering 39 issues fixed + snapshot version running stable would be +1
> for me :).
>
> Eric
>
> Season greetings
>
> -----Message d'origine-----
> De : Olivier Lamy [mailto:olamy@apache.org]
> Envoyé : jeudi 20 décembre 2012 14:57
> À : dev@archiva.apache.org
> Objet : Releasing 1.4-M4
>
> Hi,
> I'd like to release 1.4-M4.
> A bit late for xmas now :-).
> But early next year.
>
> Any issue ?
>
> Thanks,
> --
> Olivier Lamy
> Talend: http://coders.talend.com
> http://twitter.com/olamy | http://linkedin.com/in/olamy
>
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
RE: Releasing 1.4-M4
Posted by Eric Barboni <Er...@irit.fr>.
Hi,
Considering 39 issues fixed + snapshot version running stable would be +1
for me :).
Eric
Season greetings
-----Message d'origine-----
De : Olivier Lamy [mailto:olamy@apache.org]
Envoyé : jeudi 20 décembre 2012 14:57
À : dev@archiva.apache.org
Objet : Releasing 1.4-M4
Hi,
I'd like to release 1.4-M4.
A bit late for xmas now :-).
But early next year.
Any issue ?
Thanks,
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy