ansaurus

Question

Accessing an Artifactory/Maven Repo that requires basic-auth

Answer 1

+3 A:

The username and password go in the server settings as you have them. I think your problem is that you've specified the server by its name (Artifactory), rather than its id (artifactory).

I'd recommend you put the server settings in your user settings rather than the global settings. You can also encrypt the password in Maven 2.1.0+, see the mini guide for details.

Update: What version of Artifactory are you using? There is a discussion and corresponding issue that basic-auth fails. This has apparently been fixed in 2.0.7 and 2.1.0.

From the discussion, it seems that a workaround is to pass the properties via the command line, e.g.

-Dhttp.proxyHost=proxy -Dhttp.proxyPort=8080 -Dproxy.username=... -Dhttp.password=...

Update: To let your Maven installation connect through a firewall, you'll need to configure the proxy section of the settings.xml, see this question for some pointers on doing that.

Update2: There are additional properties you can set in the server settings, see this blog for some background. I've not had an opportunity to test this, but from the blog and related http wagon javadoc, it appears you can set authenticationInfo on the server settings, something like this:

<server>  
  <id>Artifactory</id>
  <username>someArtifactoryUser</username>
  <password>someArtifactoryPassword</password>
  <configuration>  
    <authenticationInfo>
      <userName>auth-user</userName>
      <password>auth-pass</password>
    </authenticationInfo>
  </configuration>  
</server>

Rich Seller 2009-08-15 06:49:05

Thanks for the Maven encryption tip... The name/id conflict isn't the issue though. The problem still remains that I have two sets of credentials to work with.

harschware 2009-08-15 17:13:53

The proxy settings might apply to configuring my Maven to get through to the server. I tried putting them in place but am having no luck. The issues you cite above, seem to be about getting Artifactory to communicate through a firewall. In my case I am trying to get Maven to communicate to an Artifactory that sits behind basic-auth.I will continue trying proxy settings, and post any updates.Thanks.

harschware 2009-08-17 15:23:52

I found this: http://maven.apache.org/guides/mini/guide-proxies.html

harschware 2009-08-17 15:27:11

Sorry I thought I had posted a link to the proxy mini guide already, looking at my answer again it seems not. If you configure your proxy settings in the settings.xml it allows Maven to get outside the firewall.

Rich Seller 2009-08-17 15:30:28

But, what does it mean to get through a firewall? (not to sound dense). In my case I have Maven on my local box, and Artifactory is on https on "myserver.example.com". Testing with my browser I can see JAR URLs at "myserver.example.com" but am challenged with basic-auth login. In reality there is a firewall, but I get passed it with VPN-client on the local box. I know this because I can fetch JARs manually with the browser.

harschware 2009-08-17 20:00:26

If you look in your browser, you'll see if you're using a proxy to connect to the net (on IE it's Tools->Internet Options...->Connections->LAN Settings->Proxy Server and on Firefox its Tools->Options->Advanced->Network-Settings...). If you are using a proxy you need to configure Maven's proxy settings with the same values for the proxy host and port, the username and password will be your domain user and password

Rich Seller 2009-08-17 20:07:17

That is helpful, thanks. It confirms I do not use a proxy server. Can Maven be made to authenticate the URL using basic-auth?

harschware 2009-08-17 21:03:45

I think your "Update2" is probably the solution to my problem. For the moment, I am hung up on some other technical issues that are preventing me from validating that. Once I get by those, I'll mark your answer as a valid one. ( In any case, thanks for all the awesome help )

harschware 2009-08-19 14:40:10

The technical issues I spoke of have been removed and I had a chance to test. As stated above the configuration did not work. The only other thing I could think to try so far was to wrap the password in a CDATA section. No luck there either.

harschware 2009-08-24 22:19:19

It should work. According to this issue (http://jira.codehaus.org/browse/WAGON-129) it was resolved a while back. I don't have a server to test against, but it is entirely possible my snippet has some typo that stops it working. Do you have a domain for your username when logging on? e.g. for me it is HBEU/<username>, that might also be an issue

Rich Seller 2009-08-24 22:26:58

I don't need a domain. I can authenticate via basic-auth through my browser and so I know the proper username/password. I'll keep trying. I tried changing to:<wagonProvider>httpclient</wagonProvider>...no effect. Also, the maven XSD is kind of weak. It does not specify what are valid tags within the <configuration> tag. So I'll have to scour the web some to see if I can find another example...

harschware 2009-08-24 22:53:33

It says "Unable to apply wagon configuration." but I don't yet know why...

harschware 2009-08-24 23:09:20

I determined I had used the tag userName as username. That got Maven attempting to connect I think. Now it says "Authorization failed: Not authorized." Still working this one.

harschware 2009-08-25 14:43:52

sounds like progress. Did you see my previous comment about specifying the domain in the username?

Rich Seller 2009-08-25 14:51:51

yes, no luck there either. :-(

harschware 2009-08-25 15:13:53

On a whim I changed password to passWord. if I do it says "Unable to apply wagon configuration". Good, so if I don't see that then I have the tags correct. When correct, I see "[WARNING] Unable to get resource 'XXX' from repository artifactory (YYY/artifactory/repo): Authorization failed: Access denied to: XXX". At this point I think it must be a Maven bug.

harschware 2009-08-25 15:18:52

It sounds like it might be a bug, you can raise a JIRA at the same location as the WAGON-129 issue above.

Rich Seller 2009-08-25 15:36:07

ansaurus

tags:

views:

answers:

Accessing an Artifactory/Maven Repo that requires basic-auth

related questions