How to disable Basic Auth "Artifactory Realm"

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

How to disable Basic Auth "Artifactory Realm"

Shrike
Hi.
We have Artifactory 4 behind Apache.
When an unauthenticated user accesses Artifactory he/she is prompted for credentials by browser (basic auth dialog with text "The server ... requires a username and password. The server say: Artifactory Realm" ). If user clicks "Cancel" then he/she will be prompted for credentials by Artifactory (cookies/Forms authentication).
Both methods work fine. But I'd like to have only one - cookies/Forms auth for Artifactory webapp and both for api. That means that if a unauthenticated user accesses webapp he/she is prompted to enter credentials in web Artifactory's dialog. But sending api requests would work with basic auth also (mostly for setting up npm repos - https://artifacts.server.org/api/npm/auth)

Is it possible to do?

In Apache config I have the following VHost:
```
<VirtualHost *:80>
    ServerName artifacts.server.org
    AllowEncodedSlashes NoDecode
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    ProxyPreserveHost On
    ProxyPassReverseCookiePath /artifactory/ /
    ProxyPass / ajp://localhost:8022/artifactory/ nocanon
    ProxyPassReverse / http://artifacts.server.org/artifactory/
    #RequestHeader unset Authorization

    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^artifacts\.server\.org$ [NC]
    RewriteRule ^/artifactory/(.*)$ /$1 [L,R=301]
</VirtualHost>
```