在 Nexus 服务器上设置经过身份验证的 Maven 仓库
Setting up an-authenticated maven repo on Nexus server
我有一个 Nexus OSS 服务器,我们用它来为我们的 java 罐子提供服务。
我们已经为我们的项目创建了一个 repo,它要求客户通过用户名和密码来下载 Maven 依赖项。
现在,我们还需要一个存储库,用户应该能够从中下载工件而无需传递任何凭据。
是否可以在单个 Nexus OSS 服务器上托管两个存储库,一个由基本身份验证支持,另一个允许匿名访问?
我报告的解决方案在 https://support.sonatype.com/hc/en-us/articles/360050779593-How-to-grant-anonymous-access-to-a-specific-repository- 中有解释:
To restrict anonymous access to a single repository you can create your own anonymous role with targeted permissions and assign it to the anonymous user.
1. Create a new role with the permissions you would like to grant to the anonymous user.
For example, the following allows read and browse privileges to a maven2 repository:
nx-repository-view-maven2-<repo-id>-read
nx-repository-view-maven2-<repo-id>-browse
The read privilege allows downloads, and the browse privilege allows a user to see the repository's contents in the UI.
You may also want to add the "nx-search-read" privilege to allow searching.
2. Then in Security > Users remove the default nx-anonymous role from the anonymous user, and replace it with the new role.
3. Make sure anonymous access is enabled in Security > Realms. Verify that the "local authenticating realm" and "local authorizing realm" are in the active realm list.
4. Make sure anonymous access is enabled. In Security > Anonymous make sure the check box to Allow anonymous access to the server is checked. Also make sure the realm of the anonymous user is "local authorizing realm".
Additional documentation regarding anonymous access is provided here:
https://help.sonatype.com/repomanager3/system-configuration/user-authentication/anonymous-access
我有一个 Nexus OSS 服务器,我们用它来为我们的 java 罐子提供服务。
我们已经为我们的项目创建了一个 repo,它要求客户通过用户名和密码来下载 Maven 依赖项。
现在,我们还需要一个存储库,用户应该能够从中下载工件而无需传递任何凭据。
是否可以在单个 Nexus OSS 服务器上托管两个存储库,一个由基本身份验证支持,另一个允许匿名访问?
我报告的解决方案在 https://support.sonatype.com/hc/en-us/articles/360050779593-How-to-grant-anonymous-access-to-a-specific-repository- 中有解释:
To restrict anonymous access to a single repository you can create your own anonymous role with targeted permissions and assign it to the anonymous user.
1. Create a new role with the permissions you would like to grant to the anonymous user.
For example, the following allows read and browse privileges to a maven2 repository:
nx-repository-view-maven2-<repo-id>-read
nx-repository-view-maven2-<repo-id>-browse
The read privilege allows downloads, and the browse privilege allows a user to see the repository's contents in the UI.
You may also want to add the "nx-search-read" privilege to allow searching.
2. Then in Security > Users remove the default nx-anonymous role from the anonymous user, and replace it with the new role.
3. Make sure anonymous access is enabled in Security > Realms. Verify that the "local authenticating realm" and "local authorizing realm" are in the active realm list.
4. Make sure anonymous access is enabled. In Security > Anonymous make sure the check box to Allow anonymous access to the server is checked. Also make sure the realm of the anonymous user is "local authorizing realm".
Additional documentation regarding anonymous access is provided here:
https://help.sonatype.com/repomanager3/system-configuration/user-authentication/anonymous-access