Managing Roles

Hi folks,

I've spent the last couple of days on IRC, idly dumping my results making slow
progress with LDAP authentication and finally getting stuck with Roles Management.

What it boils down to is that I now have imported all my users from AD(AM), but
the default role (or so I assume) "Registered User", doesn't have *any* privileges.

Now I would very much like to change that. I've figured there's only two ways to
do that: Either change the default role to, say "(Global) Repository Manager", or
change "Registered User's" default permits to something more reasonable.

I've not been able to do any of the both, or even find remote references on how
to go about this from within Archiva.

What I did find was: http://redback.codehaus.org/rbac/role-management.html ,
which led me to believe that this might be configurable. There is however not a
single trace of any of the configuration files, or their directories for that
matter in the archiva.war .

(Well, I did find META-INF/redback/redback-core.xml, but it's in a .jar ...)

So I'm stuck, I guess.
Anyone got an idea how to get unstuck again?

So long,
Igor

2009/7/16 Igor Galić <i.galic@...>:

> (Well, I did find META-INF/redback/redback-core.xml, but it's in a .jar ...)
>
> So I'm stuck, I guess.
> Anyone got an idea how to get unstuck again?

If that's the file you want to modify, extract it from the jar and put
it in WEB-INF/classes/META-INF/redback/redback-core.xml .  Unless the
spec has changed, Servlet containers are required to load things in
WEB-INF/classes before WEB-INF/lib, so you should see your changes
reflected when you re-start the app.

Someone more familiar with Redback will have to comment on what
changes to make, assuming that's the right place and it's possible to
do what you want.

--
Wendy

It looks like a plan. But only it appears it won't affect Archiva.
The above config file does not contain anything specific to the
application only the general Redback defaults.
 
Igor

Hi Igor,

Try redback.xml in archiva-security jar, the Archiva-specific
roles/permissions config should be there :)

Thanks,
Deng

2009/7/20 Igor Galić <i.galic@...>

> Hi Igor,

Hi Deng,

> Try redback.xml in archiva-security jar, the Archiva-specific
> roles/permissions config should be there :)

Thanks for the tip. This does indeed include Archiva's redback config,
but I'm back to zero, as it doesn't define a default.
Only now have I actually found out that a registered user is *not* the
*default*, and that my users don't have *any* role -- with exception
for the admins and the guest user.

How do I change this ``default'' to a saner one?

> Thanks,
> Deng

Thank you all for your patience.

Bye,
Igor