Uploaded image for project: 'Archiva'
  1. Archiva
  2. MRM-1114

Archiva misleadingly logs an authorization error when deploying during the initial challenge stage

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 1.2-M1
    • None
    • None

    Description

      In ArchivaServletAuthenticator:

      log.info( "Authorization Denied [ip=" + request.getRemoteAddr() + ",isWriteRequest=" + isWriteRequest +
        ",permission=" + permission + ",repo=" + repositoryId + "] : " +
        authzResult.getException().getMessage() );
      

      However, when deploying the client will send a request with no credentials first before receiving the challenge, and this is logged in the middle, which causes some confusion.

      It should be removed altogether and possibly logged (maybe in a different audit location), but at a later stage where it is finally rejected.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              brettporter Brett Porter
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: