Archiva checks user's credentials before guest's rights on the repository
-------------------------------------------------------------------------
Key: MRM-911
URL: http://jira.codehaus.org/browse/MRM-911
Project: Archiva
Issue Type: Bug
Components: Users/Security
Affects Versions: 1.1.1
Environment: Apache 2.2, Tomcat 5.5.26, Archiva 1.1.1, JDK 1.6
Reporter: Arnaud Heritier

In a corporate environment we installed Archiva on Tomcat & MySQL.
A reverse proxy (Apache) is used to protect our intranet applications. (I tried
to use mod_proxy and mod_jk to connect Apache & Tomcat and the behavior is the
same.)
To access our intranet through the reverse proxy I have to give my
credentials (the RP is using an LDAP directory and is accessed only over HTTPS).

When I access the Archiva UI, everything is fine. After giving my
credentials, I can log on or log out with accounts created in Archiva (admin for
example).
I configured the guest to be a global Repository Manager & Observer on all our
repositories (we don't need to re-add a security level in Archiva. It's already
done by Apache).

When I access a repository (to browse it for example) I receive an
authentication dialog box (basic authentication) like:
{{A user name and password are being requested by https://xxx.yyy.com. The site
says: "Repository Archiva Managed 3rd-parties Repository"}}
It shouldn't be, because guest can browse and write on repositories.

What I suppose is that Archiva is retrieving my credentials from Apache and
tries to log me on, which is failing (I don't have this account in Archiva).
After having failed, it prompts me to re-enter new credentials.
I tried creating a user in Archiva matching the one I use to log on to Apache,
and it works.

I think Archiva should check guest rights before trying to log on the user.
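
The two check orders described in the report, modelled as an added example (not Archiva's code and not part of the original message). The account names, passwords, role names and function names are assumptions made for illustration, and per-user repository roles are left out to keep the model small.

```python
import base64

# Constructed sample data (assumptions, not values from the report).
ARCHIVA_USERS = {"admin": "admin-pass"}                       # accounts Archiva knows
GUEST_REPO_ROLES = {"3rd-parties": {"observer", "manager"}}   # guest roles per repository

def parse_basic(header):
    """Return (user, password) from a Basic Authorization header, or None."""
    if not header or not header.lower().startswith("basic "):
        return None
    try:
        decoded = base64.b64decode(header[6:], validate=True).decode("utf-8")
    except ValueError:  # covers bad base64 and bad UTF-8
        return None
    user, _, password = decoded.partition(":")
    return user, password

def known_user(creds):
    """True when the credentials match an account in the application's own store."""
    return creds is not None and ARCHIVA_USERS.get(creds[0]) == creds[1]

def guest_allowed(repo, role):
    """True when the guest account holds the requested role on the repository."""
    return role in GUEST_REPO_ROLES.get(repo, set())

def reported_order(repo, role, auth_header):
    """Credentials first: a header forwarded by the proxy for an account the
    application does not know ends in 401, even if guest would be allowed."""
    creds = parse_basic(auth_header)
    if creds is not None:
        return 200 if known_user(creds) else 401
    return 200 if guest_allowed(repo, role) else 401

def requested_order(repo, role, auth_header):
    """Guest rights first: credentials are only evaluated when guest is not enough."""
    if guest_allowed(repo, role):
        return 200
    return 200 if known_user(parse_basic(auth_header)) else 401
```

With the guest-first order, a request carrying wrong credentials for a guest-accessible repository also returns 200, so failed logins against such repositories no longer show up as 401 responses in the access log.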