How do I setup a private, remotely accessible Maven repository?

The solution is to use a Maven Repository Manager, such as Nexus, Artifactory or Archivia.

You install the MRM on a server and configure it with the authentication details of the users you want to have access it.

You can see a publicly accessible Nexus instance at https://oss.sonatype.org and also at https://repository.apache.org So on that basis it is fairly safe to assume that the authentication in Nexus is reliable and secure.

Artifactory is available as an on-line hosted service, and we use it (the on-line hosted service) for our internal artifact hosting.

Archivia is maintained by some really good guys and I suspect they have that well locked down too.

If you want to get up and running fast and you don't want to have to manage a server, I would recommend using a hosting service such as Artifactory. I do not know if there is an online Nexus or Archivia hosting service.

Now for the disclosures:

  1. JFrog (creators of Artifactory) is a partner of my employers and we use the Artifactory hosting service
  2. Sonatype (creators of Nexus) is a partner of my employers
  3. I am a member of the Apache Software Foundation (creators of Archivia)

I do not recommend which MRM you use. But as a Maven committer and PMC member I strongly recommend using a MRM.


Amazon S3 is the best solution: http://www.stackoverflow.com/questions/850570/maven-s3-wagon-provider, because:

  1. No installation procedures
  2. Hosted by Amazon, highly available
  3. Fully supported by Maven through a few wagons (see the link above)

You may also find this article helpful: http://www.yegor256.com/2015/09/07/maven-repository-amazon-s3.html


Since posting this question I discovered JitPack, which makes it incredibly easy to create public (free) and private (cheap) repos directly from Github.


You can place username/passwords on different repos on your server with archiva or nexus. You can also manage who can deploy to those repos.

These can be added to your settings.xml file so you don't have to login every time.