When our test maven build tries to upload an artifact to our Archiva 2.0.1 instance, we are getting a 401 as seen here:
09:51:56,991 ERROR - Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.5:deploy (default-deploy) on project my-app: Failed to deploy artifacts: Could not transfer artifact org.oclc.middleware:my-app:pom:1.85-20140603.135156-1 from/to snapshots (http://host:port/repository/snapshots): Failed to transfer file: http://host:port/repository/snapshots/org/oclc/middleware/my-app/1.85-SNAPSHOT/my-app-1.85-20140603.135156-1.pom. Return code is: 401 -> [Help 1] If I look in archiva.log, I find the following corresponding message: 2014-06-03 09:51:56,915 [qtp96083163-25] INFO org.apache.archiva.security.ArchivaServletAuthenticator [] - Authorization Denied [ip=[ip address],permission=archiva-upload-repository,repo=snapshots] : no matching permissions But if I check the user which we have set up in our settings.xml file, it has the role "Repository Manager - snapshots" which does include the archiva-upload-repository permission. Thinking that perhaps this user is not actually the one doing the upload, I gave every available role to the 'guest' user and tried again, but got the same result. It appears that Archiva 2.0.1 does not generate an audit log in the way that 1.3.5 used to, so I'm not sure how to verify which user is actually attempting the upload. There is a new log file, request-[timestmap].log which seems to serve a similar purpose to the old audit log, but it doesn't show any user information. Here is what I can find in the request log which corresponds to the upload attempt: [ip address] - - [03/Jun/2014:13:51:56 +0000] "PUT /repository/snapshots/org/oclc/middleware/my-app/1.85-SNAPSHOT/my-app-1.85-20140603.135156-1.pom HTTP/1.1" 401 0 "-" "Apache-Maven/3.0.3 (Java 1.6.0_37; Linux 2.6.18-308.el5)" Any idea why I am getting 401 on upload, or how I can get more information on which user is actually doing the upload so I can see why its roles don't include archiva-upload-repository permission? Thanks, David
