Problem description: Crowd users are unable to download files using the "URL to file" when logged in as a Crowd user the using the "URL to file" will result in a pop-up window for the credentials, entering valid credentials will not start the download, and the credentials pop up window will appear again. If the "Hide Existence of Unauthorized Resources" is enabled the user will receive a 404 error "Resource not found".
What is the expected behavior? The "URL to file" will work as expected and download the artifact.
Steps to reproduce:
- Create a generic repository, upload a file
- Enable "Hide Existence of Unauthorized Resources"
- Login with Crowd user, refer to the artifact in the UI and click on the "URL to file" to download the file, you will get a 404 error "Resource not found".
Disabling the "Hide Existence of Unauthorized Resources" will result in a pop-up window appearing for entering the credentials, although the user is logged in already, entering the right credentials will not download the file.
Possible workaround: downloading the artifact using the Download button in the UI or with the REST API.