jfrog / jfrog-cli

JFrog CLI is a client that provides a simple interface that automates access to the JFrog products.
https://www.jfrog.com/confluence/display/CLI/JFrog+CLI
Apache License 2.0

'jf rt ping' returns OK if you send empty credentials #1704

Open stjohnfinn opened 1 year ago

stjohnfinn commented 1 year ago

Describe the bug

If you run jf c add with empty credentials and then run jf rt ping, the server returns OK.

Current behavior

No debug output.

Reproduction steps

  1. Run jf c rm --quiet
  2. Run jf c add and submit empty credentials.
  3. Run jf rt ping and see that it returns OK

Not sure if this is intended or not. If this is intentional, please explain. Obviously you cannot log in to the Artifactory GUI with empty credentials.

Expected behavior

I am expecting that, since there is no user with the username "" and password "", the server will return 401 for bad credentials.

JFrog CLI version

2.21.4

Operating system type and version

Windows 10

JFrog Artifactory version

7

JFrog Xray version

No response

jdknight commented 3 months ago

I was recently trying to rely on CT=1 jf rt ping to validate access to an Artifactory instance. I also realized that it was returning a success code for a configuration with no credentials set. My assumption from this was it was designed this way for the use case where one may be using the CLI for read-only access scenarios (i.e. files that can be downloaded without credentials; if a repository was configured to support this). So this might be working as expected.

I have updated my scripts to use a crude method to provide a somewhat better chance that a working state has access. First, I check if the default configuration has a password value configured (jf c show | grep Pass) -- and if so, then check if I can ping (CT=1 jf rt ping). This for sure does not guarantee the client will have access to the specific repository planned for use, but I will at least know I'm checking accessibility with an authenticated user.

It would be nice to be able to explicitly check access to a specific repository, and more so even if a client has access to write to a repository. For example:

(note: this does not exist)
jf rt ping <my-repo> --access=write

Although this would fall under an enhancement over a bug, and no idea if the above CLI example is the "right" way to approach this.
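The workaround jdknight describes (look for a credential in `jf c show`, then `jf rt ping`) and the repository-level check the comment wishes for can be scripted today without a new CLI flag. The following POSIX shell helper is an added example written for this page; it is not JFrog's code and not code from either commenter. It assumes that `jf c show <server-id>` prints one `Field:<value>` line per configured field (only the `Password`, `Access token` and `API key` lines are inspected, and a masked `***` value counts as set), that `jf rt curl` forwards curl options such as `-s`, `-o` and `-w` unchanged, and that the Artifactory Folder Info REST endpoint `/api/storage/<repo>` answers 200 for a readable repository. The `verdict` function and its result words (`anonymous`, `repo-readable`, ...) are this example's own naming. Checking write access is not attempted here.

```shell
#!/bin/sh
# Added example, not part of JFrog CLI. `jf rt ping` only proves the server is
# reachable (it answers OK with no credentials, as the issue reports), so this
# script reports reachability, whether credentials are configured at all, and
# whether those credentials can read a given repository, as separate facts.
#
# Assumed (not verified against every CLI version): `jf c show` output format,
# `jf rt curl` passing curl options through, and the /api/storage/<repo>
# Folder Info endpoint returning 200 for a readable repository.

JF="${JF:-jf}"   # override to point at another binary or a wrapper

# has_credentials: reads `jf c show` output on stdin and exits 0 only when a
# Password, Access token or API key line carries a non-empty value.
# An absent line and an empty value are both treated as "no credentials".
has_credentials() {
  awk -F: '
    { key = tolower($1); sub(/^[ \t]+/, "", key); sub(/[ \t]+$/, "", key) }
    key == "password" || key == "access token" || key == "api key" {
      val = substr($0, index($0, ":") + 1)   # keep values that contain ":"
      gsub(/[ \t]/, "", val)
      if (val != "") found = 1
    }
    END { exit(found ? 0 : 1) }'
}

# verdict CREDS PING_RC [HTTP_CODE]
#   CREDS     1 if credentials are configured, else 0
#   PING_RC   exit status of `jf rt ping`
#   HTTP_CODE status of the repository read, or empty if none was attempted
# Prints one word and returns 0 only for states a script should trust.
verdict() {
  creds=$1; ping_rc=$2; code=${3:-}
  if [ "$ping_rc" -ne 0 ]; then echo unreachable; return 1; fi
  if [ "$creds" -ne 1 ]; then echo anonymous; return 1; fi
  case "$code" in
    "")      echo creds-configured; return 0 ;;   # ping OK, repo not probed
    200)     echo repo-readable;    return 0 ;;
    401|403) echo repo-denied;      return 1 ;;
    404)     echo repo-missing;     return 1 ;;
    *)       echo "unexpected-$code"; return 1 ;;
  esac
}

# check_artifactory_access SERVER_ID [REPO]
# Runs the three probes against a configured server and prints the verdict.
check_artifactory_access() {
  server=$1; repo=${2:-}
  if "$JF" c show "$server" | has_credentials; then creds=1; else creds=0; fi
  "$JF" rt ping --server-id="$server" >/dev/null 2>&1; ping_rc=$?
  code=""
  if [ -n "$repo" ] && [ "$creds" -eq 1 ] && [ "$ping_rc" -eq 0 ]; then
    # Folder Info on the repository root; only the HTTP status is kept.
    code=$("$JF" rt curl --server-id="$server" -s -o /dev/null \
             -w '%{http_code}' -XGET "/api/storage/$repo")
  fi
  verdict "$creds" "$ping_rc" "$code"
}

# Entry point, e.g.:  sh jf_access_check.sh my-server my-repo
# Nothing runs when no arguments are given, so the file can also be sourced.
if [ "$#" -ge 1 ]; then
  check_artifactory_access "$@"
fi
```

Gate a CI job on the exit status rather than on the word: `creds-configured` still only means a credential exists and the server answered the anonymous-accessible ping, so pass a repository name whenever the job is going to read from one.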