HTTP 401 - Unauthorized is Returned when Accessing Artifact from Repository
Group if the User Doesn't Have Access to All Repositories in the Group
--------------------------------------------------------------------------------------------------------------------------------------------------
Key: MRM-1181
URL: http://jira.codehaus.org/browse/MRM-1181
Project: Archiva
Issue Type: Bug
Components: Users/Security
Affects Versions: 1.2
Environment: Archiva 1.2; Tomcat 6.0.16; JRE 1.6.0_06-b02
Reporter: Scott Seiter
Priority: Minor
When trying to access an artifact via a repository group, Archiva returns 'HTTP
401 - Unauthorized' when the artifact can't be found in the set of
repositories the user has access to and there is at least 1 repository in the
repository group the user doesn't have permission to access.
In this case it may be more logical to return an HTTP 404 instead of an HTTP
401.
On the client machine, Maven responds to the 401 with (where the repository
group name is group-repo-name):
[WARNING] repository metadata for: 'artifact
org.apache.maven.plugins:maven-checkstyle-plugin' could not be retrieved from
repository: group-repo-name due to an error: Error transferring file
[INFO] Repository 'group-repo-name' will be blacklisted
By the way, the artifact being requested is
http://maven.co.myorganization.org/archiva/repository/group-repo-name/org/apache/maven/plugins/maven-checkstyle-plugin/2.2/maven-checkstyle-plugin-2.2.pom.
Another note, the wire trace shows that the client requests the resource 20
times and receives 20 HTTP 401 messages from the server in response.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
