Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-20689

The value set in the property "artifactory.access.token.non.admin.max.expires.in=300" not being picked up.


    • Type: Bug
    • Status: Open
    • Priority: High
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:


      A possible workaround is at the end of the description.

      As per our confluence page:

      "Non-admin users, can only set the token validity period to a value that is equal or less than the maximum allowed value. This can be specified by setting the artifactory.access.token.non.admin.max.expires.in parameter in the $ARTIFACTORY_HOME/etc/artifactory.system.properties file (default: 3600)."

      However, when we are trying to create an access token for a user, the default value is set to 3600 to the access token, even after we have set the property "artifactory.access.token.non.admin.max.expires.in=300" in the $ARTIFACTORY_HOME/etc/artifactory.system.properties file.

      Steps to reproduce:

      1. Set the property "artifactory.access.token.non.admin.max.expires.in=300" in the $ARTIFACTORY_HOME/etc/artifactory.system.properties file.
      2. Create users as user1 or user2 in Artifactory.
      3. Create a group as testGroup in Artifactory.
      4. Run the command to create an access token for the user without "expires_in=300" in the command:
        $curl -uadmin -XPOST "http://localhost:8081/artifactory/api/security/token" -d "username=user1" -d "scope=member-of-groups:testGroup" -d "refreshable=true"
        Enter host password for user 'admin':
      {   "scope" : "member-of-groups:testGroup api:*",   "access_token" : "xxxxx",   *"expires_in" : 3600,*   "token_type" : "Bearer" }

      In the above, it can be seen that the default value is set to 3600 seconds which is one hour.

      1. When we explicitly mention the "expires_in=300" in the curl command, then only the access token is being created for 300 seconds.

      $ curl -uadmin -XPOST "http://localhost:8081/artifactory/api/security/token" -d "username=test1" -d "scope=member-of-groups:testGroup" -d "refreshable=true" -d "expires_in=300"

      Enter host password for user 'admin':

      {   "scope" : "member-of-groups:testGroup api:*",   "access_token" : "xxxxx",   *"expires_in" : 300,*   "token_type" : "Bearer" }

      Which means the property set in the artifactory.system.properites file is not being picked up.


      Possible workaround:

      Check the config descriptor and search for the following parameter:


      If it is found in the config descriptor please delete it. 

      This should solve the issue. 




            • Assignee:
              swarnenduk Swarnendu Kayal
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created: