Grant privileges based on IP

Hi all,

I’d like to manage access to Sonatype Nexus 3 in this way:

  • If a client connects from a list of whitelisted IPs (ie, our LAN), it can download artifacts from a given maven repository (and other functionality, like browsing/listing), without having to login

  • Outside of the established IPs, the client wanting to access the same repo needs to authenticate with an account having the proper privileges.

  • The same server has other repositories (eg, public) which are accessible in read-only mode by any client, without authentication (ie, as anonymous).

I can’t understand if this is somehow possible. Thanks in advance for any help.

This isn’t something that Nexus supports, it may be possible to implement using a reverse proxy such as nginx or Apache httpd.