Artifactory Binary Repository / RTFACT-17198

"Edit Profile" UI page requires HTTP Basic header to be open

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 6.1.0, 5.11.1
    • Fix Version/s: 6.7.0
    • Component/s: SAML SSO, Web UI
    • Labels: None
    • Regression: Yes
    • Sprint: Leap 35

      Description

      Symptoms: When using a reverse proxy that uses a different AuthType mechanism, users cannot access their profile pages through the UI.

      Steps to reproduce:

      1. Set up Artifactory behind an Nginx reverse proxy
      2. Block the HTTP Basic auth type:

          location / {
              # Reject any request that carries an Authorization header
              if ($http_authorization) {
                  return 401;
              }
          }

      3. Attempt to access the Artifactory user profile page
      4. Observe that the "/ui/userApiKey" internal API request never reaches the Artifactory request logs, and generates a 401 error from Nginx instead

      This is a problem for users that need to use the BasicAuth header for a custom sign-on process. The workaround is to use the REST API to perform the same functions available through the UI.

      Artifactory expects the BasicAuth header to contain a base64-encoded string in the following format: "<USERNAME>:null", with "null" being expected. This requirement looks to have been added since version 5.4.6.
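      The following Python is an added example, not code from the ticket or from Artifactory. It classifies Authorization header values so an operator can tell whether requests rejected at the proxy carry the "<USERNAME>:null" placeholder described above or real Basic credentials. The function names, the sample users and every sample path except /ui/userApiKey are assumptions constructed for illustration.

```python
import base64
import binascii
from collections import Counter

PLACEHOLDER_PASSWORD = "null"  # literal the ticket says follows "<USERNAME>:"

def classify_authorization(header_value):
    """Return (kind, username) for one Authorization header value.

    The password is never returned, so the result is safe to log.
    """
    if not header_value or not header_value.strip():
        return ("none", None)
    parts = header_value.strip().split(None, 1)
    if parts[0].lower() != "basic":
        return ("non-basic", None)  # some other scheme, e.g. Bearer
    if len(parts) != 2:
        return ("malformed-basic", None)
    try:
        decoded = base64.b64decode(parts[1].strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return ("malformed-basic", None)
    username, sep, password = decoded.partition(":")  # password may contain ':'
    if not sep or not username:
        return ("malformed-basic", None)
    # Caveat: an account whose real password is "null" looks identical.
    if password == PLACEHOLDER_PASSWORD:
        return ("ui-placeholder", username)
    return ("basic-credentials", username)

def triage(requests):
    """Count (path, kind) pairs over an iterable of (path, header) tuples."""
    return Counter((path, classify_authorization(hdr)[0]) for path, hdr in requests)

def basic_header(user, password):
    """Build a Basic header value; used only to construct the sample below."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

# Constructed sample standing in for requests captured at the proxy.
SAMPLE = [
    ("/ui/userApiKey", basic_header("alice", "null")),
    ("/ui/userApiKey", basic_header("bob", "null")),
    ("/placeholder/a", basic_header("ci-bot", "s3cr3t:with:colons")),
    ("/placeholder/b", None),
    ("/placeholder/c", "Basic not*base64"),
]

if __name__ == "__main__":
    for (path, kind), n in sorted(triage(SAMPLE).items()):
        print(f"{n}  {kind:18} {path}")
```

      A high count of "ui-placeholder" on /ui/userApiKey alongside proxy 401s matches the symptom in this ticket; "basic-credentials" entries are real passwords in transit and deserve separate review.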

       

            People

            • Assignee: Bar Haim (barh)
            • Reporter: Patrick Russell (patrickr)
            • Assigned QA: Barak Hacham
            • Votes: 0
            • Watchers: 8
