I have setup a local nexus server with a hosted repo dev-repo
http://localhost:8081/nexus/content/repositories/dev-repo/
In gradle I can download the artifacts hosted like this:
repositories {
maven {
url "http://localhost:8081/nexus/content/repositories/dev-repo/"
credentials {
username "admin"
password "admin"
}
}
}
When I am not logged in, I am able to access the above repository in the browser.
Why is that?
Isn't it secured by Nexus admin account by default?
By default, Nexus Repository Manager has anonymous access to its components on. From your URL, I am guessing you are using NXRM2. This is not well documented in NXRM2, but is hinted at here: https://help.sonatype.com/display/NXRM2/Introduction+to+the+User+Interface
You can adjust this in NXRM2 by logging in as admin (or anyone with security permissions) and accessing Administration - Server and the "Anonymous Access" section.
This is discussed here in NXRM3 documentation, FYI or in case I misanalyzed what version you're on (but the concept is the same).