我正在尝试使用Sonateype Nexus OSS 2.11.2-06通过Active Directory对用户进行身份验证。下列的https://books.sonatype.com/nexus-book/reference/ldap-sect-mapping-active-directory.html:
- 我已经设置了"LDAP配置"设置,以便"检查身份验证"成功,当我单击"检查用户映射时,它会在"用户映射测试结果上显示我的Active Directory测试用户,并显示与用户所属组相对应的角色列表。Nice
- 我已经用与其他本地测试用户(使用Nexus web界面创建的用户)相同的权限设置了这些角色好
- 当我在"Users"页面上列出"All Authorized Users[所有授权用户]"时,它会显示具有正确角色(AD组)的Active Directory测试用户
Realm=LDAP和Status=Active太棒了
但是,当我尝试使用Maven("mvn deploy")部署工件时,它无法部署它:ReasonPhrase: Unauthorized:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy (default-deploy) on project mvntest: Failed to deploy artifacts: Could not transfer artifact edu.ub.test:mvntest:jar:1.0-20151204.135744-4 from/to repotest00rw (https://xxxxxxx.ub.edu:yyyy/nexus/content/repositories/repotest00): Failed to transfer file: https://xxxxxxx.ub.edu:yyyy/nexus/content/repositories/repotest00/edu/ub/test/mvntest/1.0-SNAPSHOT/mvntest-1.0-20151204.135744-4.jar. Return code is: 401, ReasonPhrase: Unauthorized. -> [Help 1]
如果我使用一个具有相同角色的本地测试用户(使用Nexus web界面创建的用户)(设置在".m2/settings.xml"上)(如web UI上所示),我可以毫无问题地部署工件。
我已经将"DEBUG"设置为所有记录器,但我找不到任何可以帮助我的东西,只是看起来我被当作匿名用户处理:
2015-12-04 14:49:26,969+0100 DEBUG [qtp-9795081-67] anonymous org.sonatype.sisu.goodies.eventbus.internal.DefaultEventBus - Event 'RepositoryItemEventRetrieve(sender="repotest00" [id=repotest00], repotest00:/edu/ub/test/mvntest/1.0-SNAPSHOT/maven-metadata.xml)' fired
2015-12-04 14:49:26,970+0100 DEBUG [qtp-9795081-67] anonymous org.sonatype.nexus.proxy.maven.maven2.M2Repository - repotest00 retrieveItem() :: FOUND repotest00:/edu/ub/test/mvntest/1.0-SNAPSHOT/maven-metadata.xml
2015-12-04 14:49:26,999+0100 DEBUG [qtp-9795081-58] org.apache.shiro.session.mgt.DefaultSessionManager - Unable to resolve session ID from SessionKey [org.apache.shiro.web.session.mgt.WebSessionKey@601f6170]. Returning null to indicate a session could not be found.
2015-12-04 14:49:27,000+0100 DEBUG [qtp-9795081-58] *UNKNOWN org.sonatype.nexus.content.internal.ContentAuthenticationFilter - No authorization found (header or request parameter)
2015-12-04 14:49:27,000+0100 DEBUG [qtp-9795081-58] *UNKNOWN org.sonatype.nexus.content.internal.ContentAuthenticationFilter - No authorization found (header or request parameter)
2015-12-04 14:49:27,000+0100 DEBUG [qtp-9795081-58] *UNKNOWN org.sonatype.nexus.content.internal.ContentAuthenticationFilter - No authorization found (header or request parameter)
2015-12-04 14:49:27,000+0100 DEBUG [qtp-9795081-58] *UNKNOWN org.sonatype.nexus.content.internal.ContentAuthenticationFilter - Attempting to authenticate Subject as Anonymous request...
2015-12-04 14:49:27,000+0100 DEBUG [qtp-9795081-58] *UNKNOWN org.apache.shiro.realm.AuthenticatingRealm - Looked up AuthenticationInfo [anonymous] from doGetAuthenticationInfo
有人能帮我吗?
非常感谢!
/天使
根据您的描述,您似乎没有创建外部角色映射。有关详细信息,请访问http://books.sonatype.com/nexus-book/reference/ldap-sect-external-role-mapping-config.html
此映射的目的是将外部(例如LDAP)组成员资格与Nexus内部存储库管理特定角色相匹配。
您必须将希望部署的用户角色映射到对您要部署的存储库具有写访问权限的Nexus角色。
哦,多亏了Sonatype支持团队,我们意识到我错过了8.2的步骤。启用LDAP身份验证领域。
我只是设置好了,一切都如预期。
也感谢你帮助我,曼弗雷德。
致问候,
/Ángel