You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@archiva.apache.org by Murphy McMahon <pa...@gmail.com> on 2014/08/02 02:40:13 UTC

Debugging Authorization Issues (401/403)

Hi, I'm new to Archiva and am trying to use it from Clojure's popular
mvn-compatible leiningen build tool to store my project's artifacts.

Unfortunately I am having an issue with deploying, despite double and
triple checking my credentials, making sure that the user is
associated with the proper roles, etc, my artifact uploads (pom, jar,
asc, etc) are all met with 401 Unauthorized. Even trying to deploy
using the admin user's credentials fails in this manner.

Additionally, I am even unable to, once logged into the web interface
as the deploying user, change the deploying user's password through
the "EDIT DETAILS" dialog (I receive the message "[you can update only
your profile]" within the dialog box and the ajax POST request to
'updateMe' 403s).

My question is, how can I go about debugging these authorization
issues? Links to documentation, or, preferably, specific files to
inspect, would be greatly appreciated.

Most grateful in advance,
Murph

Re: Debugging Authorization Issues (401/403)

Posted by Deng Ching-Mallete <oc...@apache.org>.

Hi,

You can check the archiva-audit.log and archiva-security-audit.log files
for additional info on your deployments. If you're using 2.1.0, you might
need to change immediateFlush="true" in log4j2.xml config. Please also see
[1] for additional details.

In case you haven't checked this yet, you might also want to verify if the
user account is not locked and has been validated.

Thanks,
Deng

[1] http://archiva.apache.org/docs/2.1.0/adminguide/logging.html



On Sat, Aug 2, 2014 at 8:40 AM, Murphy McMahon <pa...@gmail.com> wrote:

> Hi, I'm new to Archiva and am trying to use it from Clojure's popular
> mvn-compatible leiningen build tool to store my project's artifacts.
>
> Unfortunately I am having an issue with deploying, despite double and
> triple checking my credentials, making sure that the user is
> associated with the proper roles, etc, my artifact uploads (pom, jar,
> asc, etc) are all met with 401 Unauthorized. Even trying to deploy
> using the admin user's credentials fails in this manner.
>
> Additionally, I am even unable to, once logged into the web interface
> as the deploying user, change the deploying user's password through
> the "EDIT DETAILS" dialog (I receive the message "[you can update only
> your profile]" within the dialog box and the ajax POST request to
> 'updateMe' 403s).
>
> My question is, how can I go about debugging these authorization
> issues? Links to documentation, or, preferably, specific files to
> inspect, would be greatly appreciated.
>
> Most grateful in advance,
> Murph
>



-- 
Maria Odea "Deng" Ching-Mallete | oching@apache.org |
http://www.linkedin.com/in/oching