Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-23004

Crowd cookie is not read by Router



    • Type: Bug
    • Status: Done
    • Resolution: Done
    • Affects Version/s: 7.4.3, 7.6.3
    • Fix Version/s: 7.42.0, 7.31.16
    • Component/s: Crowd
    • Labels:


      Problem description: When Anonymous Access is disabled, download URLs do not work when accessed by a web browser. This only happens for the Atlassian Crowd Integration system in Artifactory, and only in Artifactory 7.X. The Download URL is only accessed anonymously when the request is routed through port 8082, the Router port.

      This is a bug because although you can't log in via port 8082, if you jump over to port 8081 the Crowd Cookie is used properly and the file downloads. After that the user is "logged in" and can use port 8082 to access the UI, only download URLs are affected.

      What is the expected behavior? Download URLs work regardless of whether the port is Artifactory or Router.

      Steps to reproduce: 

      1] Install Artifactory 7.X and Atlassian Crowd (Crowd 4.X was used in this test)

      2] Configure Artifactory to use Atlassian Crowd as normal

      3] Disable Anonymous Access, so a user must be logged into download things

      4] Import a Crowd Group and grant that group at least Read access to a repository's resources

      5] Log into Crowd as the Crowd user, then log into Artifactory automatically using the Crowd Cookie

      6] Copy the Download URL from the Web UI, this simulates using a direct download link

      7] When going to the Download URL, you will face a login prompt that will not accept Crowd credentials. The request appears as an Anonymous request in the Artifactory logs

      8] The Download URL usually goes to the Router or reverse proxy (Which passes to the Router) on port 8082. If you switch the port to go directly to Artifactory on port 8081, the login prompt does not appear the file downloads.




              tamirh Tamir Hadad [X] (Inactive)
              patrickr Patrick Russell
              0 Vote for this issue
              1 Start watching this issue