如何配置grails 2.4.0以通过身份验证解决来自JFrog Artifactory的工件? [英] How to configure grails 2.4.0 to resolve artifacts from JFrog Artifactory with authentication?

问题描述

这个问题每隔几个月就会发生一次. 我进行了一些grails升级，该应用程序无法从我的安全工件存储库中解析出我的工件.这次我做了升级到grails 2.4.0，但是问题再次存在. 我按照grails文档中的说明配置了存储库(这似乎已经过时了)，但是grails无法从存储库中解析我的依赖项.无法正确验证身份.

It's a problem which every few months occurs. I do some grails upgrades and the app can't resolve my artifacts from my secured artifactory repository. This time i did an upgrade to grails 2.4.0 and yet again the problem exists. I configured my repository as described in the grails documentation (which seems very outdated) but grails can't resolve my dependencies from our repo. It doesn't authenticate correctly.

因此，我已经被很多人问到的最后一个问题:

So my final questions which many people already have asked:

如何将Grails(当前版本2.4.0)与Maven配置为依赖关系解析器，以正确地与具有 身份验证的私有Maven存储库(人工工厂)一起使用?要使它正常工作，我必须写些什么?

How to configure grails (current 2.4.0) with maven as dependency-resolver to work with a private maven respository (artifactory) with authentication correctly? What do i have to write to my BuildConfig to get it working?

这不起作用:

if (Environment.current == Environment.PRODUCTION) {

    if (grails.project.dependency.resolver == "maven") {
        mavenRepo "http://repo.myRepoHost.com/plugins-release-local/", {
            auth([
                username: "reader",
                password: "readerPw"
            ])
        }
    }

}

推荐答案

我可以解决此问题，并找出为什么我的人工仓库总是存在问题，需要身份验证.

I could solve this problem and found out why i always had problems with artifactory repositories which require authentication.

存在带有人工制品的http标头状态问题. 如果您通过Admin-> Security-> General-> Allow Anonymous Access复选框(未选中)将整个人工产品设为私有，那么一切正常，因为人工产品会以http状态码"401 Authorization Required"进行响应，并且grails会对您配置的内容进行另一个请求授权凭证，可以正常工作.

There is a http header status problem with artifactory. If you've made your whole artifactory private with the Admin-> Security-> General-> Allow Anonymous Access checkbox (unchecked) everything works because artifactory responds with a http status code "401 Authorization Required" and grails does another request with your configured authorization credentials which works fine.

如果您选中了该复选框(因为您拥有像我这样的私有存储库和公共存储库)，则会遇到介绍性的麻烦，因为人工制品不再以401状态代码响应.而是使用"404 Not Found"(即使找不到)响应 工件在存储库中，只有匿名者无法访问它.在这种情况下，在access.log中可以找到"DOWNLOAD DENIED"，并且由于404状态代码，grails不会使用已配置的凭据再次发出请求.

If you've checked the checkbox (because you have both private and public repositories like me) you get intro trouble because artifactory doesn't respond with a 401 status code anymore. Instead it responds with "404 Not Found" even if artifact is in repository and only anonymous doesn't have access to it. In access.log you can find "DOWNLOAD DENIED" in this case and grails doesn't make a second request with the configured credentials because of the 404 status code.

因此，您必须为公共存储库和私有存储库创建单独的工件实例，或者我们必须为grails实现新的配置选项，以支持所选存储库上的始终进行身份验证"功能.我会通过grails bugtracker向grails开发团队提出建议，并且我还将寻找人工开发人员为此构建解决方法.

So you've to create seperate artifactory instances for your public and private repositories or we have to implement a new configuration option for grails to support an "always authenticate" feature on chosen repositories. I'll suggest this to the grails development team via grails bugtracker and i will also look for the artifactory developers to build a workaround option for this.

这篇关于如何配置grails 2.4.0以通过身份验证解决来自JFrog Artifactory的工件?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！