CODEWITHSUNDEEP
mavengrailsgroovyartifactory
whitenexx
whitenexx

Reputation: 1360

How to configure grails 2.4.0 to resolve artifacts from JFrog Artifactory with authentication?

It's a problem which every few months occurs. I do some grails upgrades and the app can't resolve my artifacts from my secured artifactory repository. This time i did an upgrade to grails 2.4.0 and yet again the problem exists. I configured my repository as described in the grails documentation (which seems very outdated) but grails can't resolve my dependencies from our repo. It doesn't authenticate correctly.

So my final questions which many people already have asked:

How to configure grails (current 2.4.0) with maven as dependency-resolver to work with a private maven respository (artifactory) with authentication correctly? What do i have to write to my BuildConfig to get it working?

This doesn't work:

if (Environment.current == Environment.PRODUCTION) {

    if (grails.project.dependency.resolver == "maven") {
        mavenRepo "http://repo.myRepoHost.com/plugins-release-local/", {
            auth([
                username: "reader",
                password: "readerPw"
            ])
        }
    }

}

Upvotes: 2

Views: 1438

Answers (2)

whitenexx
whitenexx

Reputation: 1360

I could solve this problem and found out why i always had problems with artifactory repositories which require authentication.

There is a http header status problem with artifactory. If you've made your whole artifactory private with the Admin-> Security-> General-> Allow Anonymous Access checkbox (unchecked) everything works because artifactory responds with a http status code "401 Authorization Required" and grails does another request with your configured authorization credentials which works fine. unchecked checkbox

If you've checked the checkbox (because you have both private and public repositories like me) you get intro trouble because artifactory doesn't respond with a 401 status code anymore. Instead it responds with "404 Not Found" even if artifact is in repository and only anonymous doesn't have access to it. In access.log you can find "DOWNLOAD DENIED" in this case and grails doesn't make a second request with the configured credentials because of the 404 status code. checked checkbox

So you've to create seperate artifactory instances for your public and private repositories or we have to implement a new configuration option for grails to support an "always authenticate" feature on chosen repositories. I'll suggest this to the grails development team via grails bugtracker and i will also look for the artifactory developers to build a workaround option for this.

Upvotes: 1

Dror Bereznitsky
Dror Bereznitsky

Reputation: 20376

The following setup is working for me with Artifactory

grails.project.dependency.resolver = "maven"
grails.project.ivy.authentication = {
    repositories {
        mavenRepo('http://localhost:8081/artifactory/grails-remote') {
             auth([
                realm: "Artifactory Realm",
                username: 'user',
                password: 'pass'
            ])
        }
    }
}

grails.project.dependency.resolution = {
    ...
    repositories {
        inherits true
    }
    ...
}

Notice that the repository is not defined in the grails.project.dependency.resolution section.
In addition you have to make sure the "reader" user has the required permissions for the "plugins-release-local" repository.
A good way to test the repository setup is checking the Artifactory request/access log and monitoring for requests performed by Grails.

Upvotes: 1

Related Questions