User access - don't allow external download

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

User access - don't allow external download

Phil Cryer
We are migrating to a new Aritfactory Pro server, we were using the OSS
version on our previous configuration. One of the main requirements for
that setup was to limit devs, so that they could only use approved open
source maven artifacts. Because of this we have one Artifactory server
that can download things from maven central, that then syncs to an
internal Artifactory server that the devs can hit. This way they cannot
install any other artifacts or versions that haven't been specifically
approved and downloaded by an admin on the other node. I assume there
has to be a way to handle access control so that we could do both on the
same box - devs can download artifacts that are on the server, but can't
initiate Artifactory to go out and download things that aren't there.
They say this isn't possible, I'm hoping this was a limitation of the
OSS versoin - so I'm trying to help improve the setup as we move to Pro.
Thanks

--
http://philcryer.com / 04A1 69CC A79F 7188

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users
Reply | Threaded
Open this post in threaded view
|

Re: User access - don't allow external download

HughG_TMVSE
Hi Phil,

I'm surprised that they say it's not possible on a single box.  I can think of one way to achieve what you want: just give most developers Read access to the remote repo, but not Deploy access.  Then have separate users/groups which have both Read and Deploy access, for pulling in new things.  I just tested this on 3.3.0 and it works for me.

Regards,

Hugh Greene, Senior Software Developer
Toshiba Medical Visualization Systems Europe, Ltd
Bonnington Bond, 2 Anderson Place, Edinburgh EH6 5NP, UK
Tel + 44 (0)131 472 4792 / Fax + 44 (0) 131 472 4799
http://www.tmvse.com / mailto:[hidden email]

DISCLAIMER
Unless indicated otherwise, the information contained in this message is privileged and confidential, and is intended only for the use of the addressee(s) named above and others who have been specifically authorized to receive it. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this message and/or attachments is strictly prohibited. The company accepts no liability for any damage caused by any virus transmitted by this email. Furthermore, the company does not warrant a proper and complete transmission of this information, nor does it accept liability for any delays. If you have received this message in error, please contact the sender and delete the message.

-----Original Message-----
From: Phil Cryer [mailto:[hidden email]]
Sent: 16 February 2016 16:14
To: [hidden email]
Subject: [Artifactory-users] User access - don't allow external download

We are migrating to a new Aritfactory Pro server, we were using the OSS version on our previous configuration. One of the main requirements for that setup was to limit devs, so that they could only use approved open source maven artifacts. Because of this we have one Artifactory server that can download things from maven central, that then syncs to an internal Artifactory server that the devs can hit. This way they cannot install any other artifacts or versions that haven't been specifically approved and downloaded by an admin on the other node. I assume there has to be a way to handle access control so that we could do both on the same box - devs can download artifacts that are on the server, but can't initiate Artifactory to go out and download things that aren't there.
They say this isn't possible, I'm hoping this was a limitation of the OSS versoin - so I'm trying to help improve the setup as we move to Pro.
Thanks

--
http://philcryer.com / 04A1 69CC A79F 7188

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com ______________________________________________________________________

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users