Why does my maven builds are failing with a ‘404’ error when ‘Hide Existence Of Unauthorized Resources’ is enabled?

Subject

Why does my Maven builds are failing with a '404' error when 'Hide Existence Of Unauthorized Resources' is enabled?

Description

By default, Maven support preemptive authentication, meaning that the client first sends an unauthenticated request and only when the server responds with a 401 (since the resource requires authentication), Maven then sends an authenticated request. When the 'Hide Existence of Unauthorized Resources' feature is enabled in Artifactory, the Maven client is getting a 404 response from Artifactory after the initial unauthenticated request instead of a 401 (due to the hidden resource). Once the 404 response is being returned to the Maven client, the expected authenticated request fails.

Resolution

There are two ways to overcome this behavior:

1. Disable this feature via the UI. Hit the Admin tab > Security > Security Configuration
2. Just configure your Maven client to send preemptive authentication by adding credentials to your settings.xml file, for example:

<server>
     <username>*****</username>
     <password>*****</password>
     <id>central</id>
     <configuration>
       <httpConfiguration>
         <all>
           <usePreemptive>true</usePreemptive>
         </all>
       </httpConfiguration>
     </configuration>
 </server>