CopyDisable

Saturday, 3 November 2012

Configuring Artifactory to use authentication

In my two previous posts I wrote about Installing Artifactory 2.3.3 with Tomcat and MySQL and Configuring Maven to use Artifactory. Continuing this series, in this post I will write about securing the Artifactory access, configuring LDAP settings and changing Maven configuration to access the Artifactory in authorized way.  

By default Artifactory allows Anonymous Access to the artifact repository. That means anybody can connect to this server and access the artifacts. To disable anonymous access login as admin and go to Admin tab and Security –> General. Here you will see a checkbox Allow Anonymous Access, which is ticked by default. Remove the check mark and save it. Now our artifact repository can only be accessed by authorized users.

image

Using the Maven configuration (that I showed in my previous post Configuring Maven to use Artifactory), I will try to compile a project.
Oooppsss…. error, Not authorized. I must authorized myself with the Artifactory server to access the repository.
image

I can create some local user in Artifactory and give access to the repository. But here I will write about configuring LDAP (Active Directory) authentication.

Login as admin user and go to Admin tab, Security –> LDAP Settings
image

Click on New button to add LDAP (in my case Active Directory) settings
image

Enter the details for the New LDAP Settings (you can take help of your system admin for the different fields in this form) and click on the Create button to save the new LDAP settings.
image

To test the settings, enter your username and password and click on Test Connection button.
image


Note: If you want to use your Active Directory username and you want to find out the DN for your active directory username, you can use the following command from your command prompt.
gpresult /r
image

Once our LDAP connection settings are configured, we are ready to connect to this Artifactory server using our Active Directory login.

Now coming back to Maven configurations, this time we have to add server definition in our Maven configuration file to authenticate against the Artifactory repositories.
Now if I am using mirror all repositories kind of settings in my settings.xml file
<?xml version="1.0" encoding="UTF-8"?>

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://mav$
   <mirrors>
    <mirror>
      <id>local-artifactory</id>
      <name>My Artifactory</name>
      <url>
http://localhost:8081/artifactory/repo</url>
      <mirrorOf>*</mirrorOf>
    </mirror>
  </mirrors>

</settings>
Then in my settings.xml file I will add the server definition as shown below (in red)

<?xml version="1.0" encoding="UTF-8"?>

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://mav$
  <servers>
    <server>
      <username>pranabtest</username>
      <password>P@ssw0rd</password>
      <id>local-artifactory</id>
    </server>
  </servers>


<mirrors>
    <mirror>
      <id>local-artifactory</id>
      <name>My Artifactory</name>
      <url>
http://localhost:8081/artifactory/repo</url>
      <mirrorOf>*</mirrorOf>
    </mirror>
  </mirrors>

</settings>

Note: the <id> of server element should match the <id> of the mirror element.

If my settings.xml file was configured as shown below (please see my previous post Configuring Maven to use Artifactory)

<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<profiles>
      <profile>

            <id>dev</id>
<repositories>
                  <repository>

                        <id>central</id>
                        <url>http://localhost:8081/artifactory/libs-release</url>
                        <snapshots>

                              <enabled>false</enabled>
                        </snapshots>
                  </repository>
                  <repository>
                        <id>snapshots</id>
                        <url>http://localhost:8081/artifactory/libs-snapshot</url>
                        <releases>

                              <enabled>false</enabled>
                        </releases>
                  </repository>
            </repositories>
            <pluginRepositories>
                  <pluginRepository>
                        <id>central</id>
                        <url>http://localhost:8081/artifactory/plugins-release</url>
                        <snapshots>

                              <enabled>false</enabled>
                        </snapshots>
                  </pluginRepository>
                  <pluginRepository>
                        <id>snapshots</id>
                        <url>http://localhost:8081/artifactory/plugins-snapshot</url>
                        <releases>

                              <enabled>false</enabled>
                        </releases>
                  </pluginRepository>
            </pluginRepositories>
      </profile>
</profiles>

<activeProfiles>
    <activeProfile>dev</activeProfile>

</activeProfiles>
</settings>
 
Then in my settings.xml file I will add the server elements as shown below (in red)
 
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
    <server>
      <username>pranabtest</username>
      <password>P@ssw0rd</password>
      <id>central</id>
    </server>
    <server>
      <username>pranabtest</username>
      <password>P@ssw0rd</password>
      <id>snapshots</id>
    </server>
  </servers>

<profiles>
      <profile>
            <id>dev</id>           
            <repositories>
                  <repository>
                        <id>central</id>
                        <url>
http://localhost:8081/artifactory/libs-release</url>
                        <snapshots>
                              <enabled>false</enabled>
                        </snapshots>
                  </repository>
                  <repository>
                        <id>snapshots</id>
                        <url>
http://localhost:8081/artifactory/libs-snapshot</url>
                        <releases>
                              <enabled>false</enabled>
                        </releases>
                  </repository>
            </repositories>
            <pluginRepositories>
                  <pluginRepository>
                        <id>central</id>
                        <url>
http://localhost:8081/artifactory/plugins-release</url>
                        <snapshots>
                              <enabled>false</enabled>
                        </snapshots>
                  </pluginRepository>
                  <pluginRepository>
                        <id>snapshots</id>
                        <url>
http://localhost:8081/artifactory/plugins-snapshot</url>
                        <releases>
                              <enabled>false</enabled>
                        </releases>
                  </pluginRepository>
            </pluginRepositories>
      </profile>
</profiles>
<activeProfiles>
    <activeProfile>dev</activeProfile>
</activeProfiles>

</settings>
 
Now we are ready to build our Maven projects by connecting to Artifactory using authentication.
 
Lets try to compile the project after adding the server elements in my settings.xml file
 
image
Hurray…..Thumbs up..…. Maven can access the Artifactory server using the authentication settings specified in the server definition Smile.

I am concluding this post here……adieu for today……Hot smile