Maven http.authentication.preemptive against Artifactory

Question

I am having enormous difficulty downloading "protected" artifacts from my Artifactory server. Can anyone confirm that the (maven) settings.xml excerpt below is sufficient to cause GET requests to carry authentication info preemptively?

Maven 3.3.9. Artifactory 4.4.2.

<servers>
<server>
  <id>myServerId</id>
  <username>myUserId</username> 
  <password>myPlainTextPassword</password>
  <configuration>
     <httpConfiguration>
        <all>
           <params>
              <property>
                 <name>http.authentication.preemptive</name>
                 <value>%b,true</value>
              </property>
           </params>
        </all>
     </httpConfiguration>
  </configuration>
</server>
</servers>

Thanks,
Robin

Maven output:

C:\>mvn -U clean package
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building fc 1.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
Downloading: http://repo.myserver.co.uk/artifactory/libs-release/com/group/artifact/126/artifact-126.pom
Downloading: http://www.license4j.com/maven/com/group/artifact/126/artifact-126.pom
Downloading: http://repo.myserver.co.uk/artifactory/private-local/com/group/artifact/126/artifact-126.pom
Downloading: https://repo.maven.apache.org/maven2/com/group/artifact/126/artifact-126.pom
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 3.906 s
[INFO] Finished at: 2016-01-31T19:41:52+02:00
[INFO] Final Memory: 8M/245M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal on project fc: Could not resolve dependencies for project uk.co.myserver:fc:jar:1.0-SNAPSHOT: Failed to collect dependencies at com.group:artifact:jar:126: Failed to read artifact descriptor for com.group:artifact:jar:126: Could not transfer artifact com.group:artifact:pom:126 from/to releases (http://repo.myserver.co.uk/artifactory/libs-release): Access denied to: http://repo.myserver.co.uk/artifactory/libs-release/com/group/artifact/126/artifact-126.pom , ReasonPhrase:Forbidden. -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException

Artifactory Access Log:

2016-02-01 11:14:33,562 [DENIED DOWNLOAD] libs-release:com/group/artifact/126/artifact-126.pom for anonymous/193.66.174.253.
2016-02-01 11:14:33,564 [DENIED DOWNLOAD] private-release-local:com/group/artifact/126/artifact-126.pom for anonymous/193.66.174.253.
2016-02-01 11:14:34,436 [ACCEPTED DELETE] libs-release:com/group/artifact/126/artifact-126.pom for anonymous/193.66.174.253.
2016-02-01 11:14:35,010 [DENIED DOWNLOAD] private-local:com/group/artifact/126/artifact-126.pom for anonymous/193.66.174.253.
2016-02-01 11:14:35,011 [DENIED DOWNLOAD] private-release-local:com/group/artifact/126/artifact-126.pom for anonymous/193.66.174.253.
2016-02-01 11:14:35,012 [ACCEPTED DELETE] private-local:com/group/artifact/126/artifact-126.pom for anonymous/193.66.174.253.

All of the below exist identically in pom.xml and in settings.xml and, since they all reference the same Artifactory server, they share identical username/password/http.authentication.preemptive parameters :

<id>releases</id>
<id>snapshots</id>
<id>private-local</id>
<id>plugin-releases</id>
<id>plugin-snapshots</id>
<id>deploy-releases</id>
<id>deploy-snapshots</id>

Only the below is not mentioned in settings.xml, as access should be anonymous and it is a separate repository instance on someone else's server:

<id>license4j-runtime-library</id>

Here is the corresponding output from the request log:

20160202060102|58|REQUEST|193.66.174.253|admin|GET|/ui/systemlogs/logData|HTTP/1.1|200|0
20160202060102|1099|REQUEST|199.19.249.196|anonymous|GET|/libs-release/com/group/artifact/126/artifact-126.pom|HTTP/1.1|401|0
20160202060102|706|REQUEST|199.91.135.165|anonymous|GET|/libs-release/com/group/artifact/126/artifact-126.pom|HTTP/1.1|401|0
20160202060102|5|REQUEST|193.66.174.253|anonymous|GET|/libs-release/com/group/artifact/126/artifact-126.pom|HTTP/1.1|401|0
20160202060103|3|REQUEST|199.19.249.196|anonymous|GET|/private-local/com/group/artifact/126/artifact-126.pom|HTTP/1.1|401|0
20160202060103|3|REQUEST|193.66.174.253|anonymous|GET|/private-local/com/group/artifact/126/artifact-126.pom|HTTP/1.1|401|0
20160202060113|60|REQUEST|193.66.174.253|admin|GET|/ui/systemlogs/logData|HTTP/1.1|200|0

Note that there are two requests to private-local, both of which occur as "anonymous". With preemptive authentication I would have expected all of these to have been as "myUserId".

Answer 1

When going behind a proxy the httpConfiguration for the server must be:

<server>
    <id>**********</id>
    <username>**********</username>
    <password>**********</password>
    <configuration>
        <httpConfiguration>
          <all>
            <usePreemptive>true</usePreemptive>
          </all>
        </httpConfiguration>
    </configuration>
</server>

Answer 2

What are the permissions that you have for your anonymous user on Artifactory?

On Artifactory --> Admin --> Security --> General --> Is the checkbox for "Hide existence of unauthorised resources" is checked?

Other than that can you also paste the relevant part from the request.log?