Art Authentication issues, users get 403

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Art Authentication issues, users get 403

dsmorse
I am running the artifactory pro registry (jfrog-docker-reg2.bintray.io/jfrog/artifactory-registry:4.7.7) and my users have been experience an issue since 4.7.5... a small percentage of my traffic is getting 403's.

What is confusing me is that when I look at the ngix logs I see entries like this:
../nginx/access.log:172.20.7.84 - public [17/May/2016:09:11:01 -0600] "GET /artifactory/api/npm/NPM-Main/grunt-contrib-jshint HTTP/1.1" 403 147 "install" "npm/2.7.5 node/v0.10.30 linux x64" "-"  
../nginx/access.log:172.20.7.83 - public [17/May/2016:09:16:08 -0600] "GET /artifactory/api/npm/NPM-Main/grunt-contrib-jshint HTTP/1.1" 403 147 "install" "npm/2.7.5 node/v0.10.30 linux x64" "-"  


While when I look at artifactory's request log the entries look like this:
 request.log:20160517091101|0|REQUEST|172.20.7.84|non_authenticated_user|GET|/api/npm/NPM-Main/grunt-contrib-jshint|HTTP/1.0|403|0
 request.log:20160517091608|1|REQUEST|172.20.7.83|non_authenticated_user|GET|/api/npm/NPM-Main/grunt-contrib-jshint|HTTP/1.0|403|0 vi

obviously the problem is that the user account has been changed to non_authenticated_user, and despite the fact that the original requester and anonymous users have access to the repo, the non_authenticated_user is being refused access..  

How can I configure the repo to re-establish the users session or assume that the non_authenticated_user should have the same rights as an anonymous user?