When using all external authentication methods, for example, SAML or LDAP, basic authentication will be disabled by default starting from Artifactrory version 7.104.0. This means that Basic authentication is disabled for both UI and REST API, and that all forms of automations, scripts, and plugins using basic authentication are also disabled.
We recommend to leave basic authentication disabled, in order to avoid double authentication with a less secure password-based method. However, if you need to continue using it, you can continue using it using the following method:
Go to Security > General and find the Basic Authentication section
Deselect the Disable Basic Authentication for JFrog Platform Internal Users checkbox
Before Disabling Basic Authentication
Before disabling, do the following to ensure the external users have the necessary permissions and prevent a system lockout:
Warning
If an external system admin is not configured before basic authentication is disabled, the system will be left without administrators. If this occurs and the system is locked out, contact JFrog Support for assistance.
Configure an external authentication method
Create a user group for the external users, and provide the users with Admin permissions
(Optional) Set one or more users with basic authentication permissions as a failsafe, so that the system will not be locked out
Disable the basic authentication method
Set Individual Basic Authentication Permissions
When disabling basic authentication, you can assign permissions to specific users in your environment to continue using basic authentication:
In the Administration tab, go to Security > General, and find the Basic Authentication section.
In the Internal users allowed to use basic authentication field, enter the users you would like to assign basic authentication permissions to from the drop-down menu
Click Save.
Re-enable Basic Authentication
If you have disabled basic authentication without enabling an external authentication method and were blocked from using the platform, you can take these steps:
For Cloud users, contact JFrog Support for assistance
For Self-Hosted users, use the following workaround:
To re-enable basic authentication:
Go to the YAML file
/opt/jfrog/artifactory/var/etc/access/access.config.latest.yml
and find this section:security: authentication: basic-authentication-enabled: false
Copy the file with the new name
access.config.import.yml
:cp access.config.latest.yml access.config.import.yml
Edit this new
access.config.import.yml
file and set thebasic-authentication-enabled
parameter to true:security: authentication: basic-authentication-enabled: true
Restart Artifactory.