Hi!
There is only one privilege “RSS Feeds - (read)” that grants access to all feeds. The problem is there are three feeds that contains info that shouldn’t be accessible to everyone:
- Authentication and Authorization Events
- Errors and Warnings from Nexus log
- System changes in Nexus
The three feeds logs events about all repositories/IPs/users (including admin)/nexus errors … and that info is accessible to everyone that has the “RSS Feeds - (read)” privilege. That info isn’t of interest at all to developers and should only be accessible by system administrators. On a large organization it can be a security problem.
I haven’t found any info to configure “nexus-timeline-plugin” or if it’s possible to configure it.
Anybody knows something about that?