访问需要基本身份验证的Artifactory / Maven Repo

Question

I have an Artifactory repo that sits behind basic authentication. How would I configure the settings.xml to allow access?

<mirrors>
    <mirror>
        <id>artifactory</id>
        <mirrorOf>*</mirrorOf>
        <url>https://myserver.example.com/artifactory/repo</url>
        <name>Artifactory</name>
    </mirror>
</mirrors>
<servers>
    <!--
        This server configuration gives your personal username/password for
        artifactory. Note that the server id must match that given in the
        mirrors section.
    -->
    <server>
        <id>Artifactory</id>
        <username>someArtifactoryUser</username>
        <password>someArtifactoryPassword</password>
    </server>

So server tag is the user credentials for the artifactory user, but I also need to provide another user/password to get through the basic-auth. Where would I put that?!?

Answer 1

The username and password go in the server settings as you have them. I think your problem is that you've specified the server by its name ( A rtifactory), rather than its id ( a rtifactory).

I'd recommend you put the server settings in your user settings rather than the global settings. You can also encrypt the password in Maven 2.1.0+, see the mini guide for details.

Update: What version of Artifactory are you using? There is a discussion and corresponding issue that basic-auth fails. This has apparently been fixed in 2.0.7 and 2.1.0.

From the discussion, it seems that a workaround is to pass the properties via the command line, eg

-Dhttp.proxyHost=proxy -Dhttp.proxyPort=8080 -Dproxy.username=... -Dhttp.password=... 

Update: To let your Maven installation connect through a firewall, you'll need to configure the proxy section of the settings.xml, see this question for some pointers on doing that.

---

Update2: There are additional properties you can set in the server settings, see this blog for some background. I've not had an opportunity to test this, but from the blog and related http wagon javadoc , it appears you can set authenticationInfo on the server settings, something like this:

<server>  
  <id>Artifactory</id>
  <username>someArtifactoryUser</username>
  <password>someArtifactoryPassword</password>
  <configuration>  
    <authenticationInfo>
      <userName>auth-user</userName>
      <password>auth-pass</password>
    </authenticationInfo>
  </configuration>  
</server> 

Answer 2

I was able to use the following configuration to enable HTTP basic authentication - by writing the necessary HTTP headers manually. In my situation I used it to access the build artifacts on my Go server as a poor man's staging repository.

    <server>
        <id>go</id>
        <configuration>
            <httpHeaders>
                <property>
                    <name>Authorization</name>
                    <!-- Base64-encoded "guest:guest" -->
                    <value>Basic Z3Vlc3Q6Z3Vlc3Q=</value>
                </property>
            </httpHeaders>
        </configuration>
    </server>

Answer 3

Tip to solve the problem with the clear text password:

• Access and login into Artifactory.
• Once you are logged in, click over your user name, on the superior right corner of the screen.
• Put your password then clique in the em Unlockbutton, enabling the encrypted password.
• Copy the tag that will be showed on the inferior part of the screen and paste it into the settings.xml file. If you prefer to just copy the password, be sure about let it exactly equals the tag showed below, including the "\\" at the beginning of the password.
• Remember to adjust the tag with the id of your server, defined into the tag, in your POM.xml
• Click in Update button and ready! Check if everything will occur well at the next project's publication.