Accessing an Artifactory/Maven Repo that requires basic-auth

maven-2 basic-authentication artifactory
33,133

Solution 1

The username and password go in the server settings as you have them. I think your problem is that you've specified the server by its name (Artifactory), rather than its id (artifactory).

I'd recommend you put the server settings in your user settings rather than the global settings. You can also encrypt the password in Maven 2.1.0+, see the mini guide for details.

Update: What version of Artifactory are you using? There is a discussion and corresponding issue that basic-auth fails. This has apparently been fixed in 2.0.7 and 2.1.0.

From the discussion, it seems that a workaround is to pass the properties via the command line, e.g.

-Dhttp.proxyHost=proxy -Dhttp.proxyPort=8080 -Dproxy.username=... -Dhttp.password=...

Update: To let your Maven installation connect through a firewall, you'll need to configure the proxy section of the settings.xml, see this question for some pointers on doing that.

Update2: There are additional properties you can set in the server settings, see this blog for some background. I've not had an opportunity to test this, but from the blog and related http wagon javadoc, it appears you can set authenticationInfo on the server settings, something like this:

<server>  
  <id>Artifactory</id>
  <username>someArtifactoryUser</username>
  <password>someArtifactoryPassword</password>
  <configuration>  
    <authenticationInfo>
      <userName>auth-user</userName>
      <password>auth-pass</password>
    </authenticationInfo>
  </configuration>  
</server>

Solution 2

I was able to use the following configuration to enable HTTP basic authentication - by writing the necessary HTTP headers manually. In my situation I used it to access the build artifacts on my Go server as a poor man's staging repository.

    <server>
        <id>go</id>
        <configuration>
            <httpHeaders>
                <property>
                    <name>Authorization</name>
                    <!-- Base64-encoded "guest:guest" -->
                    <value>Basic Z3Vlc3Q6Z3Vlc3Q=</value>
                </property>
            </httpHeaders>
        </configuration>
    </server>

Solution 3

Tip to solve the problem with the clear text password:

  • Access and login into Artifactory.
  • Once you are logged in, click over your user name, on the superior right corner of the screen.
  • Put your password then clique in the em Unlockbutton, enabling the encrypted password.
  • Copy the tag that will be showed on the inferior part of the screen and paste it into the settings.xml file. If you prefer to just copy the password, be sure about let it exactly equals the tag showed below, including the "\" at the beginning of the password.
  • Remember to adjust the tag with the id of your server, defined into the tag, in your POM.xml
  • Click in Update button and ready! Check if everything will occur well at the next project's publication.
Share:
33,133

Related videos on Youtube

harschware
Author by

harschware

I am a semantic web / Java developer. Previously I have been an Oracle DBA and Perl programmer.

Updated on May 07, 2021

Comments

  • harschware
    harschware about 3 years

    I have an Artifactory repo that sits behind basic authentication. How would I configure the settings.xml to allow access?

    <mirrors>
    <mirror>
        <id>artifactory</id>
        <mirrorOf>*</mirrorOf>
        <url>https://myserver.example.com/artifactory/repo</url>
        <name>Artifactory</name>
    </mirror>
</mirrors>
<servers>
    <!--
        This server configuration gives your personal username/password for
        artifactory. Note that the server id must match that given in the
        mirrors section.
    -->
    <server>
        <id>Artifactory</id>
        <username>someArtifactoryUser</username>
        <password>someArtifactoryPassword</password>
    </server>

    So server tag is the user credentials for the artifactory user, but I also need to provide another user/password to get through the basic-auth. Where would I put that?!?

  • harschware
    harschware almost 15 years
    Thanks for the Maven encryption tip... The name/id conflict isn't the issue though. The problem still remains that I have two sets of credentials to work with.
  • harschware
    harschware almost 15 years
    The proxy settings might apply to configuring my Maven to get through to the server. I tried putting them in place but am having no luck. The issues you cite above, seem to be about getting Artifactory to communicate through a firewall. In my case I am trying to get Maven to communicate to an Artifactory that sits behind basic-auth. I will continue trying proxy settings, and post any updates. Thanks.
  • Rich Seller
    Rich Seller almost 15 years
    Sorry I thought I had posted a link to the proxy mini guide already, looking at my answer again it seems not. If you configure your proxy settings in the settings.xml it allows Maven to get outside the firewall.
  • harschware
    harschware almost 15 years
    But, what does it mean to get through a firewall? (not to sound dense). In my case I have Maven on my local box, and Artifactory is on https on "myserver.example.com". Testing with my browser I can see JAR URLs at "myserver.example.com" but am challenged with basic-auth login. In reality there is a firewall, but I get passed it with VPN-client on the local box. I know this because I can fetch JARs manually with the browser.
  • harschware
    harschware almost 15 years
    That is helpful, thanks. It confirms I do not use a proxy server. Can Maven be made to authenticate the URL using basic-auth?
  • harschware
    harschware over 14 years
    I think your "Update2" is probably the solution to my problem. For the moment, I am hung up on some other technical issues that are preventing me from validating that. Once I get by those, I'll mark your answer as a valid one. ( In any case, thanks for all the awesome help )
  • harschware
    harschware over 14 years
    The technical issues I spoke of have been removed and I had a chance to test. As stated above the configuration did not work. The only other thing I could think to try so far was to wrap the password in a CDATA section. No luck there either.
  • Rich Seller
    Rich Seller over 14 years
    It should work. According to this issue (jira.codehaus.org/browse/WAGON-129) it was resolved a while back. I don't have a server to test against, but it is entirely possible my snippet has some typo that stops it working. Do you have a domain for your username when logging on? e.g. for me it is HBEU/<username>, that might also be an issue
  • harschware
    harschware over 14 years
    I don't need a domain. I can authenticate via basic-auth through my browser and so I know the proper username/password. I'll keep trying. I tried changing to: <wagonProvider>httpclient</wagonProvider> ...no effect. Also, the maven XSD is kind of weak. It does not specify what are valid tags within the <configuration> tag. So I'll have to scour the web some to see if I can find another example...
  • harschware
    harschware over 14 years
    I determined I had used the tag userName as username. That got Maven attempting to connect I think. Now it says "Authorization failed: Not authorized." Still working this one.
  • Rich Seller
    Rich Seller over 14 years
    sounds like progress. Did you see my previous comment about specifying the domain in the username?
  • harschware
    harschware over 14 years
    On a whim I changed password to passWord. if I do it says "Unable to apply wagon configuration". Good, so if I don't see that then I have the tags correct. When correct, I see "[WARNING] Unable to get resource 'XXX' from repository artifactory (YYY/artifactory/repo): Authorization failed: Access denied to: XXX". At this point I think it must be a Maven bug.
  • Rich Seller
    Rich Seller over 14 years
    It sounds like it might be a bug, you can raise a JIRA at the same location as the WAGON-129 issue above.
  • Davio
    Davio almost 8 years
    The regular way (username and password without configuration element) doesn't seem to work when the password is empty, this does!
  • Andrew T Finnell
    Andrew T Finnell almost 6 years
    I seem to be experiencing something similar. All the documents online seem to deal with a Proxy and ignore the idea that the Repository server ITSELF can be behind NTLM or Basic Auth which is not the same as a HTTP Proxy server.
  • Jesse Glick
    Jesse Glick over 2 years

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to configure settings.xml to pull from Artifactory private virtual repository?
Maven fails to get SNAPSHOT builds from repository
How do I find the latest version of an artifact from a maven repository
Use public maven repository with ivy
Should we use Nexus or Artifactory for a Maven Repo?
Multiple deployments in maven
On stack deploy, unable to pin image to digest: unauthorized: the client does not have permission for manifest
How to configure CORS and Basic Authorization in Spring Boot?
Basic authentication in REST-application
How to have npm dependencies from different registries in the package.json?