Available in Nexus Repository OSS and Nexus Repository Pro
The repository manager ships with two users by default: admin and anonymous. The admin user has all privileges and the anonymous user has read-only privileges. The initial password for the admin user can be found in an
admin.password file found in the
$data-dir directory after starting the server. The Users feature view displayed in Figure: “Feature View with List of Users” can be accessed via the Users item in the Security section of the Administration menu. The list shows the users User ID, First Name, Last Name and Email as well as what security Realm is selected and if the accounts Status is active or disabled. The Default security realm is the local NXRM realm.
Figure: Feature View with List of Users
Clicking on a user in the list or clicking on the Create user button displays the details view to edit or create the account shown in Figure: “Creating or Editing a User”. For external users, such as LDAP or Crowd, once you have your external realm setup you can edit their permissions here as well. Simply select the realm the user is on from the Source dropdown. Then type the user ID into the field to the right of that dropdown and search for it. Then click on the result desired to edit, same as a local user.
Figure: Creating or Editing a User
The ID can be defined upon initial creation and remains fixed thereafter. In addition you can specify the users First Name, Last Name and Email address. You also must enter and confirm a Password.
The Status allows you to set an account to be Disabled or Active. The Roles control allows you to add and remove defined roles to the user and therefore control the privileges assigned to the user. A user can be assigned one or more roles that in turn can include references to other roles or to individual privileges. For more information see Roles.
On edit, the More button in the header allows you to select the Change Password item in the drop down. The password can be changed in a dialog, provided the user is managed by the built-in security realm.
For remote users, you can only edit, not create. Fields defined by the remote, such as ID, will be uneditable.
Ensure to change the password of the admin user to avoid security issues. Alternatively create other users with administrative rights and disable the default admin user.