Artifactory 403 anonymous access

Time: 2017-06-26 19:32:34

Tags: apache tomcat artifactory http-status-code-403 ajp

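I am running Artifactory 3.9.2 behind Apache (no auth) using AJP. The UI works fine, but when I try to access an artifact in this repository or list a directory (http://ziath.com/artifactory/libs-release/), I get a 403. The 000-default file is as follows: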

    DocumentRoot /var/www

    ProxyPreserveHost on
    ProxyPass  /xxx ajp://127.0.0.1:8009/xxx
    ProxyPassReverse /xxx ajp://127.0.0.1:8009/xxx

    ProxyPass /yyy ajp://127.0.0.1:8009/yyy
    ProxyPassReverse /yyy ajp://127.0.0.1:8009/yyy

    ProxyPass /zzz ajp://127.0.0.1:8009/zzz
    ProxyPassReverse /zzz ajp://127.0.0.1:8009/zzz

    ProxyPass /artifactory ajp://127.0.0.1:8009/artifactory
    ProxyPassReverse /artifactory ajp://127.0.0.1:8009/artifactory
    ProxyPassReverseCookiePath /artifactory /repository

    <Directory />
            Options FollowSymLinks
            AllowOverride None
    </Directory>
    <Directory /var/www/>
            Options -Indexes FollowSymLinks MultiViews
            AllowOverride None
            Order allow,deny
            allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
            AllowOverride None
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all
    </Directory>

    ErrorLog /var/log/apache2/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /var/log/apache2/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

The x/y/z lines are other applications that are being passed through. Looking at the logs, I can see the Apache request come in, but the only Artifactory log entry I can see is in request.log:

    20170626192333|262|REQUEST|217.33.228.150|anonymous|GET|/libs-release/|HTTP/1.0|200|0

Interestingly, when I put in a 'bad' repo (http://ziath.com/artifactory/libs-releasexx/) I get the response:

    {
      "errors" : [ {
        "status" : 404,
        "message" : "/artifactory/libs-releasexx/"
      } ]
    }

with a log message also showing up in artifactory.log:

    2017-06-26 19:21:54,726 [TP-Processor7] [WARN ] (o.a.w.s.RequestUtils:132) - Request /libs-releasexx/ should be a repo request and does not match any repo key

So it looks like Artifactory is accepting the request but then giving me a 403, yet I cannot find any logs beyond the request.log entry.

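Needless to say, it is now 20:30 and I am stuck - does anybody have any suggestions for me?

As an aside, I did try Artifactory 5.1.4, but I need to run it in my own Tomcat instance (not a dedicated one), and when I tried 5.1.4 it repeatedly said it could not connect to the Derby instance - this was even when I tried a clean install.

Thanks in advance for your help.

gives a response of:
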
    * About to connect() to localhost port 8080 (#0)
    *   Trying 127.0.0.1...
    * connected
    * Connected to localhost (127.0.0.1) port 8080 (#0)
    > GET /artifactory/libs-release HTTP/1.1
    > User-Agent: curl/7.26.0
    > Host: localhost:8080
    > Accept: */*
    >
    * additional stuff not fine transfer.c:1037: 0 0
    * HTTP 1.1 or later with persistent connection, pipelining supported
    < HTTP/1.1 302 Found
    < Server: Artifactory/3.9.2
    < X-Artifactory-Id: 0e44c1983dacd590:4572b75b:15ce5fb3a3f:-8000
    < Location: http://localhost:8080/artifactory/libs-release/
    < Content-Length: 0
    < Date: Fri, 30 Jun 2017 13:25:06 GMT
    <
    * Connection #0 to host localhost left intact
    * Closing connection #0

We know curl works because if you put in an incorrect repository address you get:

    curl -vv http://localhost:8080/artifactory/libs-releasexx

returns

    * About to connect() to localhost port 8080 (#0)
    *   Trying 127.0.0.1...
    * connected
    * Connected to localhost (127.0.0.1) port 8080 (#0)
    > GET /artifactory/libs-releasexx HTTP/1.1
    > User-Agent: curl/7.26.0
    > Host: localhost:8080
    > Accept: */*
    >
    * additional stuff not fine transfer.c:1037: 0 0
    * HTTP 1.1 or later with persistent connection, pipelining supported
    < HTTP/1.1 404 Not Found
    < Server: Artifactory/3.9.2
    < X-Artifactory-Id: 0e44c1983dacd590:4572b75b:15ce5fb3a3f:-8000
    < Content-Type: application/json
    < Content-Length: 92
    < Date: Fri, 30 Jun 2017 13:26:29 GMT
    <
    {
      "errors" : [ {
        "status" : 404,
        "message" : "/artifactory/libs-releasexx"
      } ]
    * Connection #0 to host localhost left intact
    }* Closing connection #0

If we search by the 'directory' rather than the repo name, we get:

    curl -vv http://localhost:8080/artifactory/libs-release/

returns

    * About to connect() to localhost port 8080 (#0)
    *   Trying 127.0.0.1...
    * connected
    * Connected to localhost (127.0.0.1) port 8080 (#0)
    > GET /artifactory/libs-release/ HTTP/1.1
    > User-Agent: curl/7.26.0
    > Host: localhost:8080
    > Accept: */*
    >
    * HTTP 1.1 or later with persistent connection, pipelining supported
    < HTTP/1.1 200 OK
    < Server: Artifactory/3.9.2
    < X-Artifactory-Id: 0e44c1983dacd590:4572b75b:15ce5fb3a3f:-8000
    < Set-Cookie: JSESSIONID=94DCD54787E6A1A928B7B0C08C66EA8D; Path=/artifactory
    < Date: Fri, 30 Jun 2017 13:27:27 GMT
    < Expires: Thu, 01 Jan 1970 00:00:00 GMT
    < Pragma: no-cache
    < Cache-Control: no-cache, no-store
    < Content-Type: text/html;charset=UTF-8
    < Transfer-Encoding: chunked
    <
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
    <html>
    <head>
    <title>Index of libs-release/</title>
    </head>
    <body>
    <h1>Index of libs-release/</h1>
    <pre>Name  Last modified      Size</pre>
    <hr/>
    <pre><a href="com/">com/</a>   05-Oct-2016 12:27    -
    </pre>
    <hr/>
    <address style="font-size:small;">Artifactory/3.9.2 Server at localhost Port 8080</address>
    </body>
    </html>
    * Connection #0 to host localhost left intact
    * Closing connection #0

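Interestingly, this seems to give the index of the repo, but when this is run through Apache we get:

Forbidden

You don't have permission to access /artifactory/libs-release/ on this server.

So we are getting a different response from Apache than from Artifactory.

Cheers,

Neil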
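
The question sets what Artifactory logged against what the client received through Apache. The following is an added example, not part of the original post: it pairs Artifactory request.log entries with Apache access.log entries and reports requests for which the two layers recorded different status codes. The request.log field layout is assumed from the entry quoted in the question, the Apache log lines are constructed, and both logs are assumed to use the same host clock.

```python
import re
from datetime import datetime, timedelta

# Entry copied from the question. Assumed field layout:
# time|duration_ms|type|client_ip|user|method|path|protocol|status|size
REQUEST_LOG = "20170626192333|262|REQUEST|217.33.228.150|anonymous|GET|/libs-release/|HTTP/1.0|200|0\n"

# Constructed Apache "combined" access.log lines (not from the question).
ACCESS_LOG = """\
217.33.228.150 - - [26/Jun/2017:19:23:33 +0100] "GET /artifactory/libs-release/ HTTP/1.1" 403 507 "-" "-"
217.33.228.150 - - [26/Jun/2017:19:21:54 +0100] "GET /artifactory/libs-releasexx/ HTTP/1.1" 404 92 "-" "-"
"""

PREFIX = "/artifactory"  # context path from the ProxyPass line in the question
COMBINED = re.compile(r'(\S+) \S+ \S+ \[([^\] ]+) [^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')


def parse_backend(text):
    """Yield (local_time, method, path, status) from Artifactory request.log."""
    for line in text.splitlines():
        f = line.split("|")
        if len(f) == 10 and f[2] == "REQUEST":
            yield datetime.strptime(f[0], "%Y%m%d%H%M%S"), f[5], f[6], int(f[8])


def parse_proxy(text):
    """Yield (local_time, method, backend_path, status) from Apache access.log."""
    for line in text.splitlines():
        m = COMBINED.match(line)
        if m and m.group(4).startswith(PREFIX):
            when = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S")
            yield when, m.group(3), m.group(4)[len(PREFIX):], int(m.group(5))


def status_mismatches(backend_text, proxy_text, window=timedelta(seconds=2)):
    """Pair entries by method, path and time; return pairs whose statuses differ."""
    backend = list(parse_backend(backend_text))
    out = []
    for when, method, path, status in parse_proxy(proxy_text):
        for b_when, b_method, b_path, b_status in backend:
            same_request = (method, path) == (b_method, b_path) and abs(when - b_when) <= window
            if same_request and status != b_status:
                out.append({"path": PREFIX + path, "apache": status, "artifactory": b_status})
    return out


if __name__ == "__main__":
    print(status_mismatches(REQUEST_LOG, ACCESS_LOG))
```

A row in the output means Artifactory recorded one status for the request while Apache returned another to the client, so the response seen by the client was produced at the proxy layer.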

1 Answer:

Answer 0: (score: 0)

Ended up being given a new box and installing from scratch.