[MRM-1908] Logged on users can write any repository - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.2.0
Fix Version/s: 2.2.3
Component/s: Users/Security
Labels:
None

Description

Our sandbox Archiva 2.2.0 instance is connected with our corporate LDAP service. I created a repository with name common-internal. My LDAP user feketk1 doesn't have any permission on the common-internal repository. When I login through the web UI with my feketk1 user, I am able to upload artefacts to the common-internal repository.

For additional details please check attached screenshots.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

archiva1.jpg
04/Dec/15 12:35
60 kB
Krisztian Fekete
archiva2.jpg
04/Dec/15 12:35
98 kB
Krisztian Fekete
archiva3.jpg
04/Dec/15 12:35
78 kB
Krisztian Fekete
archiva4.jpg
04/Dec/15 12:35
52 kB
Krisztian Fekete
archiva5.jpg
04/Dec/15 12:35
91 kB
Krisztian Fekete
archiva6.jpg
04/Dec/15 12:35
76 kB
Krisztian Fekete
MRM-1908.patch
25/Mar/16 22:08
7 kB
Oliver E

Issue Links

links to

GitHub Pull Request #9

GitHub Pull Request #26

Activity

People

Assignee:: Olivier Lamy

Reporter:: Krisztian Fekete

Votes:: 4 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 04/Dec/15 12:34

Updated:: 05/May/17 11:01

Resolved:: 13/Sep/16 00:53