Nexus 3 OSS - preventing unauthenticated access to maven2 artifacts

Hi there,

I’ve already disabled anonymous access to the server and disabled the anonymous user, however, when I try to open the URL to an artifact in a maven2 repository directly I will still get the download:

https://nexus/repository/myrepo/baz/bar/foo/1.0.0/foo-1.0.0.jar

Is there a way to completely disable unauthenticated access?

I believe you’ll need to setup a Repository View permission and assign it to any roles that you want to be able to access the repository. Once you do that public access should no longer be allowed. You can find the security documentation here for more details.