[
http://jira.codehaus.org/browse/MRM-1181?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=208144#action_208144
]
Stefan Seifert commented on MRM-1181:
-------------------------------------
we need a fix for this issue - too.
it prevents download source attachments for our projects and results in
blacklisting the archiva repository in the maven client - e.g.:
{noformat}
[INFO] Scanning for projects...
[INFO] snapshot de.xxx.dfra:de.xxx.dfra.parent_toplevel:0.5.0-SNAPSHOT:
checking for updates from pvtool.repository
[WARNING] repository metadata for: 'snapshot
de.xxx.dfra:de.xxx.dfra.parent_toplevel:0.5.0-SNAPSHOT'
could not be retrieved from repository: pvtool.repository due to an error:
Authorization failed: Access denied to:
https://xxx/archiva/repository/default/de/xxx
/dfra/de.xxx.dfra.parent_toplevel/0.5.0-SNAPSHOT/maven-metadata.xml
[INFO] Repository 'pvtool.repository' will be blacklisted
{noformat}
> HTTP 401 - Unauthorized is Returned when Accessing Artifact from Repository
> Group if the User Doesn't Have Access to All Repositories in the Group
> --------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: MRM-1181
> URL: http://jira.codehaus.org/browse/MRM-1181
> Project: Archiva
> Issue Type: Bug
> Components: Users/Security
> Affects Versions: 1.2
> Environment: Archiva 1.2; Tomcat 6.0.16; JRE 1.6.0_06-b02
> Reporter: Scott Seiter
> Priority: Minor
> Fix For: 1.4
>
>
> When trying to access an artifact via a repository group, Archiva returns
> 'HTTP 401 - Unauthorized' when the artifact can't be found in the set of
> repositories the user has access to and there is at least 1 repository in the
> repository group the user doesn't have permission to access.
> In this case it may be more logical to return an HTTP 404 instead of an HTTP
> 401.
> On the client machine, Maven responds to the 401 with (where the repository
> group name is group-repo-name):
> [WARNING] repository metadata for: 'artifact
> org.apache.maven.plugins:maven-checkstyle-plugin' could not be retrieved from
> repository: group-repo-name due to an error: Error transferring file
> [INFO] Repository 'group-repo-name' will be blacklisted
> By the way, the artifact being requested is
> http://maven.co.myorganization.org/archiva/repository/group-repo-name/org/apache/maven/plugins/maven-checkstyle-plugin/2.2/maven-checkstyle-plugin-2.2.pom.
> Another note, the wire trace shows that the client requests the resource 20
> times and receives 20 HTTP 401 messages from the server in response.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
