You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@archiva.apache.org by "Olivier Lamy (JIRA)" <ji...@codehaus.org> on 2014/03/02 23:56:00 UTC

[jira] (MRM-1181) HTTP 401 - Unauthorized is Returned when Accessing Artifact from Repository Group if the User Doesn't Have Access to All Repositories in the Group

    [ https://jira.codehaus.org/browse/MRM-1181?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=342295#comment-342295 ] 

Olivier Lamy commented on MRM-1181:
-----------------------------------

to check but should be fixed.

> HTTP 401 - Unauthorized is Returned when Accessing Artifact from Repository Group if the User Doesn't Have Access to All Repositories in the Group
> --------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: MRM-1181
>                 URL: https://jira.codehaus.org/browse/MRM-1181
>             Project: Archiva
>          Issue Type: Bug
>          Components: Users/Security
>    Affects Versions: 1.2
>         Environment: Archiva 1.2; Tomcat 6.0.16; JRE 1.6.0_06-b02
>            Reporter: Scott Seiter
>            Priority: Minor
>              Labels: TOCHECK
>             Fix For: 2.0.1
>
>
> When trying to access an artifact via a repository group, Archiva returns 'HTTP 401 - Unauthorized' when the artifact  can't be found in the set of repositories the user has access to and there is at least 1 repository in the repository group the user doesn't have permission to access.
> In this case it may be more logical to return an HTTP 404 instead of an HTTP 401.
> On the client machine, Maven responds to the 401 with (where the repository group name is group-repo-name): 
> [WARNING] repository metadata for: 'artifact org.apache.maven.plugins:maven-checkstyle-plugin' could not be retrieved from repository: group-repo-name due to an error: Error transferring file
> [INFO] Repository 'group-repo-name' will be blacklisted
> By the way, the artifact being requested is http://maven.co.myorganization.org/archiva/repository/group-repo-name/org/apache/maven/plugins/maven-checkstyle-plugin/2.2/maven-checkstyle-plugin-2.2.pom.
> Another note, the wire trace shows that the client requests the resource 20 times and receives 20 HTTP 401 messages from the server in response.



--
This message was sent by Atlassian JIRA
(v6.1.6#6162)