We determined that the issue below was caused by the fact that the <id> in the settings.xml and the <id> in the distributionManagement section of the pom.xml were mismatched. Once we made sure they had the same name, our build was able to upload successfully. So this is resolved, please disregard.
Thanks, David From: <Stallard>, "Stallard,David" <[email protected]<mailto:[email protected]>> Date: Tuesday, June 3, 2014 at 10:41 AM To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: 401 Unauthorized during upload to Archiva 2.0.1 When our test maven build tries to upload an artifact to our Archiva 2.0.1 instance, we are getting a 401 as seen here: 09:51:56,991 ERROR - Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.5:deploy (default-deploy) on project my-app: Failed to deploy artifacts: Could not transfer artifact org.oclc.middleware:my-app:pom:1.85-20140603.135156-1 from/to snapshots (http://host:port/repository/snapshots): Failed to transfer file: http://host:port/repository/snapshots/org/oclc/middleware/my-app/1.85-SNAPSHOT/my-app-1.85-20140603.135156-1.pom. Return code is: 401 -> [Help 1] If I look in archiva.log, I find the following corresponding message: 2014-06-03 09:51:56,915 [qtp96083163-25] INFO org.apache.archiva.security.ArchivaServletAuthenticator [] - Authorization Denied [ip=[ip address],permission=archiva-upload-repository,repo=snapshots] : no matching permissions But if I check the user which we have set up in our settings.xml file, it has the role "Repository Manager - snapshots" which does include the archiva-upload-repository permission. Thinking that perhaps this user is not actually the one doing the upload, I gave every available role to the 'guest' user and tried again, but got the same result. It appears that Archiva 2.0.1 does not generate an audit log in the way that 1.3.5 used to, so I'm not sure how to verify which user is actually attempting the upload. There is a new log file, request-[timestmap].log which seems to serve a similar purpose to the old audit log, but it doesn't show any user information. Here is what I can find in the request log which corresponds to the upload attempt: [ip address] - - [03/Jun/2014:13:51:56 +0000] "PUT /repository/snapshots/org/oclc/middleware/my-app/1.85-SNAPSHOT/my-app-1.85-20140603.135156-1.pom HTTP/1.1" 401 0 "-" "Apache-Maven/3.0.3 (Java 1.6.0_37; Linux 2.6.18-308.el5)" Any idea why I am getting 401 on upload, or how I can get more information on which user is actually doing the upload so I can see why its roles don't include archiva-upload-repository permission? Thanks, David
