我正在使用 ajp 在 Apache(无身份验证)后面运行 Artifactory 3.9.2。 UI 工作正常,但是当我尝试访问此存储库中的 Artifactory 或列出目录 (http://ziath.com/artifactory/libs-release/) 时,我得到 403 返回。 000-默认文件如下:
DocumentRoot /var/www
ProxyPreserveHost on
ProxyPass /xxx ajp://127.0.0.1:8009/xxx
ProxyPassReverse /xxx ajp://127.0.0.1:8009/xxx
ProxyPass /yyy ajp://127.0.0.1:8009/yyy
ProxyPassReverse /yyy ajp://127.0.0.1:8009/yyy
ProxyPass /zzz ajp://127.0.0.1:8009/zzz
ProxyPassReverse /zzz ajp://127.0.0.1:8009/zzz
ProxyPass /artifactory ajp://127.0.0.1:8009/artifactory
ProxyPassReverse /artifactory ajp://127.0.0.1:8009/artifactory
ProxyPassReverseCookiePath /artifactory /repository
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
x/y/z 线是其他正常通过的应用程序。查看日志,我可以看到 Apache 请求进入,但我能看到的唯一人工日志条目在 request.log 中:
20170626192333|262|REQUEST|217.33.228.150|anonymous|GET|/libs-release/|HTTP/1.0|
200|0
有趣的是,当我输入“坏的; repo ( http://ziath.com/artifactory/libs-releasexx/ ) 我收到回复:
{
"errors" : [ {
"status" : 404,
"message" : "/artifactory/libs-releasexx/"
} ]
}
日志消息也出现在 artifactory.log 中:
2017-06-26 19:21:54,726 [TP-Processor7] [WARN ] (o.a.w.s.RequestUtils:132) - Request /libs-releasexx/ should be a repo request and does not match any repo key
所以看起来 artifactory 确实正在接受请求,但随后返回 403,尽管我找不到超过 request.log 条目的任何日志。
不用多说;现在是 20:30,我被困住了 - 请问有人对我有什么建议吗?
顺便说一句;我尝试了 Artifactory 5.1.4,但我需要在我自己的 tomcat 实例中运行(不是专用于 artifactory 的实例),当我尝试 5.1.4 时,它反复说它无法连接到 derby 实例 - 即使我尝试过进行全新安装。
谢谢;提前寻求您的帮助。
附录 - 根据建议,我去了本地邮箱并使用 curl 获取详细信息;命令
给出响应
* About to connect() to localhost port 8080 (#0)
* Trying 127.0.0.1...
* connected
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /artifactory/libs-release HTTP/1.1
> User-Agent: curl/7.26.0
> Host: localhost:8080
> Accept: */*
>
* additional stuff not fine transfer.c:1037: 0 0
* HTTP 1.1 or later with persistent connection, pipelining supported
< HTTP/1.1 302 Found
< Server: Artifactory/3.9.2
< X-Artifactory-Id: 0e44c1983dacd590:4572b75b:15ce5fb3a3f:-8000
< Location: http://localhost:8080/artifactory/libs-release/
< Content-Length: 0
< Date: Fri, 30 Jun 2017 13:25:06 GMT
<
* Connection #0 to host localhost left intact
* Closing connection #0
我们知道 curl 有效,因为如果您输入错误的存储库地址,您会得到:
curl -vv http://localhost:8080/artifactory/libs-releasexx
返回
* About to connect() to localhost port 8080 (#0)
* Trying 127.0.0.1...
* connected
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /artifactory/libs-releasexx HTTP/1.1
> User-Agent: curl/7.26.0
> Host: localhost:8080
> Accept: */*
>
* additional stuff not fine transfer.c:1037: 0 0
* HTTP 1.1 or later with persistent connection, pipelining supported
< HTTP/1.1 404 Not Found
< Server: Artifactory/3.9.2
< X-Artifactory-Id: 0e44c1983dacd590:4572b75b:15ce5fb3a3f:-8000
< Content-Type: application/json
< Content-Length: 92
< Date: Fri, 30 Jun 2017 13:26:29 GMT
<
{
"errors" : [ {
"status" : 404,
"message" : "/artifactory/libs-releasexx"
} ]
* Connection #0 to host localhost left intact
}* Closing connection #0
如果我们按“目录”而不是存储库名称搜索,我们会得到:
curl -vv http://localhost:8080/artifactory/libs-release/
返回
* About to connect() to localhost port 8080 (#0)
* Trying 127.0.0.1...
* connected
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /artifactory/libs-release/ HTTP/1.1
> User-Agent: curl/7.26.0
> Host: localhost:8080
> Accept: */*
>
* HTTP 1.1 or later with persistent connection, pipelining supported
< HTTP/1.1 200 OK
< Server: Artifactory/3.9.2
< X-Artifactory-Id: 0e44c1983dacd590:4572b75b:15ce5fb3a3f:-8000
< Set-Cookie: JSESSIONID=94DCD54787E6A1A928B7B0C08C66EA8D; Path=/artifactory
< Date: Fri, 30 Jun 2017 13:27:27 GMT
< Expires: Thu, 01 Jan 1970 00:00:00 GMT
< Pragma: no-cache
< Cache-Control: no-cache, no-store
< Content-Type: text/html;charset=UTF-8
< Transfer-Encoding: chunked
<
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<title>Index of libs-release/</title>
</head>
<body>
<h1>Index of libs-release/</h1>
<pre>Name Last modified Size</pre>
<hr/>
<pre><a href="com/">com/</a> 05-Oct-2016 12:27 -
</pre>
<hr/>
<address style="font-size:small;">Artifactory/3.9.2 Server at localhost Port 8080</address>
</body>
</html>
* Connection #0 to host localhost left intact
* Closing connection #0
有趣的是,这似乎给出了 repos 的索引,但是当它通过 apache 运行时,我们得到:
禁止
您无权访问此服务器上的/artifactory/libs-release/。
因此我们在 apache 上得到的响应与 artifactory 上的响应不同。
干杯,
尼尔
最佳答案
最后放弃了 - 买了一个新盒子并从头开始安装
关于apache - Artifactory 403 匿名访问,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44767353/