Authentication to NuGet on Artifactory from within Visual Studio

6
votes

We have a local Artifactory Pro server that serves nuget packages and uses LDAP to authenticate all users. Using the Artifactory-NuGet from cmdline works perfectly, but when trying to use the package manager from Visual Studio, authentication fails.

What I noticed is that Visual Studio tries to add a domain prefix after the first failed authentication attempt: Trying to login as 'user' fails, and then the login authentication windows contains 'DOMAIN\user' as username.

I am not sure if the source of the problem is within Visual Studio or within Artifactory. I noticed that the web access to Artifactory does not accept usernames in the form "DOMAIN\user", even though I feel it should.

So my question is: How do I authenticate to an LDAP-backed, Artifactory-provided authenticated NuGet server from within Visual Studio?

2
visual-studioldapnugetvisual-studio-2013artifactory
Do you definitely need every user to authenticate as 'themselves'? If the repo is internal, can you just allow open read access and perhaps a single write account?Matthew Skelton
Unfortunately, that's not possible, as our developers are in multiple locations and we cannot just replicate all servers, and cannot just allow downloads without auth.Wilbert
I suggest you speak to the guys at JFrog - they are really helpful and keen.Matthew Skelton
I did that but they couldn't help me.Wilbert
Wilbert, you say "Visual Studio tries to add a domain prefix after the first failed authentication attempt", but why does the initial login attempt fail? What is the exact difference between the HTTP call from the nuget command-line compared to Visual Studio? You can use Fiddler to inspect the HTTP traffic.Matthew Skelton

2 Answers

4
votes

Make sure that you've typed your username (LDAP username) and your encrypted password, the one you can get through the artifactory webapp

1
votes

I have the same issue, but i am able to dowload via a browser of the NuGet command line.

I looked at the different traffic with fiddler, and it appears the VS is not adding the security token following the authentication. When i download with a browser the traffic shows an additional cookie following the authentication, which is not present in the VS request. 

Browser
Request = https://server/repo/artifact.pkg
Responce = 401 not authrised
{user prompted for username and password}
Request = http TUNNEL encryped basic login
Responce = 200 encrypted security token
Request = https://server/repo/artifact.pkg + security token
Responce = 200 the pkg file


Visual studio
Request = https://server/repo/$metadata
Responce = 401 not authrised
{user prompted for username and password}
Request = http TUNNEL encryped basic login
Responce = 200 encrypted security token
Request = https://server/repo/$metadata + security token
Responce = 200 <edmx> list of artifacts
Request = https://server/repo/artifact.pkg
Responce = 401 not authrised
{user prompted for username and password}
Request = http TUNNEL encryped basic login
Responce = 200 encrypted security token
Request = https://server/repo/artifact.pkg
Responce = 301 its moved to "https://server/repo/artifact.pkg"

looks like VS is broken and the cookie is not being stored and sent in the subsequent request. Its probabley using the very horrible Browser component in windows forms, and not retaining the cookie container between request. Might want to report to MS.