Access not possible with Artifact Resolver then security is on

[hcguersoy]

Hi,

using this plugin in a pipeline it is not possible to access the repository with e.g. the Artifact Resolver (aka Repository connector) Plugin then the global security (matrix project based) is enabled.
Got always an 'access denied' even then I provide a valid jenkins user and his password.
Don't find a way to configure the access to the repo.
Using Jenkins 1.535 and plugin version 1.0

[Favorlock]

I'm having the same issue with defining the server in my settings.xml and running mvn dependency:resolve.

[kshakir]

Although this plugin provides a repository, the basic setup only works under anonymous, unauthenticated Jenkins. Jenkins authentication is incompatible with any software using the ivy library for artifact resolution. For our setup, this means sbt.

Jenkins only supports forced authentication. During anonymous access, instead of a HTTP 401, Jenkins returns a HTTP 403 meaning:

Authorization will not help and the request SHOULD NOT be repeated.

Programs like wget do allow forced authentication, enabling basic examples to work when authenticating to Jenkins. However, neither the ivy library, nor the underlying HttpUrlConnection, currently expose options for forced authentication.

Perhaps running a separate authenticated reverse proxy in front of Jenkins would work, if the reverse proxy returned a proper HTTP 401 when the request is unauthorized but not forbidden.

[jakub-bochenski]

You might find this open issue useful https://issues.apache.org/jira/browse/WAGON-405
It describes how to enable preemptive authentication -- the documented way doesn't work