Repository Manager 3.x Security Reference


More information in our book.

Internally, Nexus 3 uses wildcard privileges. These are a colon separated list of segments, where each segment can be one of:

- a single string value
- a comma separated list of string values
- an asterisk *

All of our privileges are wildcard privileges, we just have different components used for the different segments. Here is a listing of the different types of wildcard privileges we use in Nexus 3.

Application - nexus:{name}:{actions}, i.e. nexus:blobstores:create,read (Note used CRUD action names)

Repository Admin - nexus:repository-admin:{format}:{repository}:{actions}, i.e. nexus:repository-admin:maven2:central:browse,read (Note used BREAD action names)

Repository View - nexus:repository-view:{format}:{repository}:{actions}, i.e. nexus-repository-view:maven2:central:browse,read (Note used BREAD action names)

Script - nexus:script:{name}:{actions}, i.e. nexus:script:*:read (Note used BREAD action names)

Content Selector - nexus:repository-content-selector:{selector}:{format}:{repository}:{actions}, i.e. nexus:repository-content-selector:*:maven2:*:read (Note BREAD action names)

Wildcard - This allows you to build a permission in any fashion you like, we create a single wildcard perm by default, nexus:* (our 'nx-all' perm that gives access to everything)

We use Apache Shiro and this page explains how the wildcard matching works.

Have more questions? Submit a request


Article is closed for comments.