Hi Shay,
thanks a lot for your reply that was really helpful to understand the reason
why allowing anonymous access prevents authenticated access via REST API.
At the moment we do not really need anonymous authentication so I think we will
leave it switched off. But if I'll find time I'll give the preemptive
authentication a try.
Best regards!
Frank
Von: shayb [via Artifactory] [mailto:[email protected]]
Gesendet: Dienstag, 12. März 2013 10:45
An: Winkler Frank
Betreff: Re: AW: REST API delete item issue: anonymous user
Hi Tomek,
It looks like your restClient does not use preemptive authentication, meaning,
your restClient sends the request as unauthenticated and only after receiving
401 challenge, the restClient request will be sent again with the credentials.
When Artifactory anonymous access is not allowed and your request sent as
anonymous (not an preemptive authentication request), Artifactory will respond
with 401 challenge. Your restClient expect to get 401, and it will re-send the
request with the user credentials.
As you said, this is the case that worked for you.
The other scenario is if you disabled anonymous access in Artifactory and your
request sent as anonymous request, Artifactory will respond with 403 - not
allowed. Your restClient excpect to get 401, and for that reason it will not
work.
You can use preemptive authentication in your restClient and your request will
be sent authenticated with the credentials.
See example:
http://stackoverflow.com/questions/6588256/using-groovy-http-builder-in-preemptive-mode
About the get method, my assumption is that you removed the read permission of
the anonymous user.
Hope this helps,
Shay.
________________________________
If you reply to this email, your message will be added to the discussion below:
http://forums.jfrog.org/REST-API-delete-item-issue-anonymous-user-tp7578368p7578655.html
To unsubscribe from REST API delete item issue: anonymous user, click
here<http://forums.jfrog.org/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=7578368&code=ZnJhbmsud2lua2xlckBtaWMtY3VzdC5jb218NzU3ODM2OHwtMTk1MjkxMjA5OA==>.
NAML<http://forums.jfrog.org/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
--
View this message in context:
http://forums.jfrog.org/REST-API-delete-item-issue-anonymous-user-tp7578368p7578663.html
Sent from the Artifactory - Users mailing list archive at Nabble.com.
------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
endpoint security space. For insight on selecting the right partner to
tackle endpoint security challenges, access the full report.
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Artifactory-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/artifactory-users
