Step 2 - Prevent the existence of pre-existing "Auto-Join" groups

ARTIFACTORY: Anonymous Access Best Practices

Author: Or Naishtat
Article number: 000005946
First published: 2023-12-26T20:27:07Z
Last modified: 2025-05-14
Version: 3

The anonymous user is assigned the permissions of every existing group that has the “Automatically Join New Users to this Group” option checked. By default, a group called “Readers” exists, which allows associated users to view all existing artifacts.

Because of this, it is very important to make sure that no group with this option enabled exists in your platform before you create customized anonymous user permissions. You can check this in the UI by navigating to the Platform Configuration tab, User Management, “Groups”, and applying the “Auto Join” filter.

Alternatively, this can be done via REST APIs, using a script that calls the Get Groups API to gather the existing groups and the Get Group Details API to identify whether the value of “auto_join” is set to “true” for each individual group.

Below is an example of such a script:
#!/bin/bash

# Update the variables with an admin username (USER), password (PASSWORD),
# and the JFrog URL (JFROG_URL), given as the host name without "https://".
USER=
PASSWORD=
JFROG_URL=

# Make the initial API call to get the list of groups
GROUPS_RESPONSE=$(curl -s -u "${USER}:${PASSWORD}" "https://${JFROG_URL}/artifactory/api/security/groups")

# Extract group names using jq, one per line, so names containing spaces stay intact
mapfile -t GROUP_NAMES < <(echo "$GROUPS_RESPONSE" | jq -r '.[].name')

# Check if there are no groups
if [ ${#GROUP_NAMES[@]} -eq 0 ]; then
   echo "No groups found."
   exit 1
fi

# Array to store groups with auto join
AUTO_JOIN_GROUPS=()

# Iterate over each group and make a call to the specific group API
for GROUP_NAME in "${GROUP_NAMES[@]}"; do
   # URL-encode the group name so spaces and special characters are safe in the path
   ENCODED_NAME=$(jq -rn --arg n "$GROUP_NAME" '$n | @uri')
   GROUP_INFO=$(curl -s -u "${USER}:${PASSWORD}" "https://${JFROG_URL}/artifactory/api/security/groups/${ENCODED_NAME}")

   # Extract the autoJoin value using jq
   AUTO_JOIN=$(echo "$GROUP_INFO" | jq -r '.autoJoin')

   # Print debugging information
   echo "Group Name: $GROUP_NAME, Auto Join: $AUTO_JOIN"

   # If autoJoin is true, add the group name to the array
   if [ "$AUTO_JOIN" == "true" ]; then
       AUTO_JOIN_GROUPS+=("$GROUP_NAME")
   fi
done

# Print groups with auto join separated by commas
if [ ${#AUTO_JOIN_GROUPS[@]} -eq 0 ]; then
   echo ""
   echo "No groups found with auto join."
else
   echo ""
   # Join with commas inside a subshell so the IFS change does not leak
   (IFS=','; echo "Groups with auto join: ${AUTO_JOIN_GROUPS[*]}")
fi

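The script above treats any group-details response that does not contain `true` as "not auto-join", so a failed login or a rejected request can produce a clean-looking result. The following is an added example, not part of the original article or JFrog's own code, showing the same two-call audit in Python with a fail-closed check. The `fetch` callable, `fake_fetch` and the sample responses are constructed assumptions; the `autoJoin` field and API path are taken from the script above.

```python
import json
from urllib.parse import quote

BASE = "/artifactory/api/security/groups"  # path used by the script above

def find_auto_join_groups(fetch):
    """Return sorted names of groups whose details report autoJoin == true.

    `fetch(path)` is a hypothetical callable that returns the response body
    text of an authenticated GET for `path` on the Artifactory host.
    """
    groups = json.loads(fetch(BASE))
    if not isinstance(groups, list):
        # e.g. an error object returned instead of the group list
        raise RuntimeError(f"group list request failed: {groups!r}")
    flagged = []
    for entry in groups:
        name = entry["name"]
        # Encode the name for the URL path: "Build Team" -> "Build%20Team"
        detail = json.loads(fetch(f"{BASE}/{quote(name, safe='')}"))
        auto_join = detail.get("autoJoin") if isinstance(detail, dict) else None
        if not isinstance(auto_join, bool):
            # Fail closed: an unreadable group must not count as "not auto-join"
            raise RuntimeError(f"no autoJoin value for group {name!r}: {detail!r}")
        if auto_join:
            flagged.append(name)
    return sorted(flagged)

# Constructed sample responses (not captured from a real server)
SAMPLE = {
    BASE: json.dumps([{"name": "readers"}, {"name": "Build Team"}, {"name": "ops"}]),
    f"{BASE}/readers": json.dumps({"name": "readers", "autoJoin": True}),
    f"{BASE}/Build%20Team": json.dumps({"name": "Build Team", "autoJoin": True}),
    f"{BASE}/ops": json.dumps({"name": "ops", "autoJoin": False}),
}

def fake_fetch(path, responses=SAMPLE):
    # Unknown paths return a constructed error body, as a rejected request would
    error = {"errors": [{"status": 404, "message": "Not Found"}]}
    return responses.get(path, json.dumps(error))

if __name__ == "__main__":
    print("Groups with auto join:", ", ".join(find_auto_join_groups(fake_fetch)))
```

To run it against a real instance, replace `fake_fetch` with a function that performs the authenticated GET and returns the body text.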