Search code examples
mavengrailsgroovyartifactory

How to configure grails 2.4.0 to resolve artifacts from JFrog Artifactory with authentication?

It's a problem which every few months occurs. I do some grails upgrades and the app can't resolve my artifacts from my secured artifactory repository. This time i did an upgrade to grails 2.4.0 and yet again the problem exists. I configured my repository as described in the grails documentation (which seems very outdated) but grails can't resolve my dependencies from our repo. It doesn't authenticate correctly.

So my final questions which many people already have asked:

How to configure grails (current 2.4.0) with maven as dependency-resolver to work with a private maven respository (artifactory) with authentication correctly? What do i have to write to my BuildConfig to get it working?

This doesn't work:

if (Environment.current == Environment.PRODUCTION) {

    if (grails.project.dependency.resolver == "maven") {
        mavenRepo "http://repo.myRepoHost.com/plugins-release-local/", {
            auth([
                username: "reader",
                password: "readerPw"
            ])
        }
    }

}
Solution

  • I could solve this problem and found out why i always had problems with artifactory repositories which require authentication.

    There is a http header status problem with artifactory. If you've made your whole artifactory private with the Admin-> Security-> General-> Allow Anonymous Access checkbox (unchecked) everything works because artifactory responds with a http status code "401 Authorization Required" and grails does another request with your configured authorization credentials which works fine. unchecked checkbox

    If you've checked the checkbox (because you have both private and public repositories like me) you get intro trouble because artifactory doesn't respond with a 401 status code anymore. Instead it responds with "404 Not Found" even if artifact is in repository and only anonymous doesn't have access to it. In access.log you can find "DOWNLOAD DENIED" in this case and grails doesn't make a second request with the configured credentials because of the 404 status code. checked checkbox

    So you've to create seperate artifactory instances for your public and private repositories or we have to implement a new configuration option for grails to support an "always authenticate" feature on chosen repositories. I'll suggest this to the grails development team via grails bugtracker and i will also look for the artifactory developers to build a workaround option for this.