Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

'jf rt ping' returns OK if you send empty credentials #1704

Closed
stjohnfinn opened this issue Sep 26, 2022 · 2 comments
Closed

'jf rt ping' returns OK if you send empty credentials #1704

stjohnfinn opened this issue Sep 26, 2022 · 2 comments
Labels
bug Something isn't working

Comments

@stjohnfinn
Copy link

stjohnfinn commented Sep 26, 2022
edited
Loading

Describe the bug

If you run jf c add with empty credentials and then run jf rt ping, the server returns OK.

Current behavior

No debug output.

Reproduction steps

  1. Run jf c rm --quiet
  2. Run jf c add add submit empty credentials.
  3. Run jf rt ping and see that it returns OK

Not sure if this is intended or not. If this is intentional, please explain.
Obviously cannot login to Artifactory GUI with empty credentials.

Expected behavior

I am expecting that, since there is no user with the username "" and password "", the server will return 401 for bad credentials.

JFrog CLI version

2.21.4

Operating system type and version

Windows 10

JFrog Artifactory version

7

JFrog Xray version

No response
@stjohnfinn stjohnfinn added the bug Something isn't working label Sep 26, 2022
@jdknight
Copy link

jdknight commented Apr 3, 2024

I was recently trying to rely on CT=1 jf rt ping to validate access to an Artifactory instance. I also realized that it was returning a success code for a configuration with no credentials set. My assumption from this was it was designed this way for the use case where one may be using the CLI for read-only access scenarios (i.e. files that can be downloaded without credentials; if a repository was configured to support this). So this might be working as expected.

I have updated my scripts to use a crude method to provide a somewhat better chance that a working state has access. First, I check if the default configuration has a password value configured (jf c show | grep Pass) -- and if so, then check if I can ping (CT=1 jf rt ping). For sure does not guarantee the client will have access to the specific repository planned for use, but I will at least know I'm checking accessibility with an authenticated user.

It would be nice to be able to explicitly check access to a specific repository, and more so even if a client has access to write to a repository. For example:

(note: this does not exist)
jf rt ping <my-repo> --access=write

Although this would fall under an enhancement over a bug, and no idea if the above CLI example is the "right" way to approach this.

@stjohnfinn
Copy link
Author

Closing because I don't care anymore.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jdknight @stjohnfinn