SBT proxy repository authentication - authentication

I'm trying to use an Artifactory server as proxy for the resolution of java/scala artifacts.
I'm referring to this documentation, where the suggestion is to put the following lines in ~/.sbt/repositories:
[repositories]
local
my-ivy-proxy-releases: http://repo.company.com/ivy-releases/, [organization]/[module]/(scala_[scalaVersion]/)(sbt_[sbtVersion]/)[revision]/[type]s/[artifact](-[classifier]).[ext]
my-maven-proxy-releases: http://repo.company.com/maven-releases/
Unfortunaely there's no mention on where I should put my authentication credentials, and
Any clue?

In the buid.sbt put the following:
credentials += Credentials("Artifactory Realm", "artifacts.schibsted.io", "username", "password")
The Artifactory Realm string is required as it is.

Related

Unable to login to keycloak using master realm credentials

I am using keycloak operator to install keycloak and i have configured keycloak to use external database (RDS instance). ==> (externalDatabase: true)
The keycloak instances are up and running without any issues.
When i tried to login to the keycloak UI with master realm credentials it is telling that the credentials are invalid, though the credentials are correct.
I am getting the credentials using the following command.
kubectl get secret credential-test -o go-template='{{range $k,$v := .data}}{{printf "%s: " $k}}{{if not $v}}{{$v}}{{else}}{{$v | base64decode}}{{end}}{{"\n"}}{{end}}'
The following is the log from the instance.
07:40:48,172 WARN [org.keycloak.events] (default task-1) type=LOGIN_ERROR, realmId=master, clientId=security-admin-console, userId=566f4e3e-c0f1-4304-bca2-686321d88b87, ipAddress=10.242.3.61, error=invalid_user_credentials, auth_method=openid-connect, auth_type=code, redirect_uri=https://test123.net/auth/admin/master/console/, code_id=5561bc9e-e2b9-41e3-836d-37add6e74c1c, username=admin, authSessionParentId=5561bc9e-e2b9-41e3-836d-37add6e74c1c, authSessionTabId=Oq-orhggRE4
Any advice or suggestion is highly appreciated.
I had this, or a similar issue as well when setting up the operator.
It appears that the external database that supposedly stores the admin username and password isn't updated when a new secret is generated if, say, the CRD for the Keycloak instance is deleted along with the secret. The steps I went through to fix it was to:
Delete the CRD.
Delete the database.
Recreate the database.
Recreate the CRD.
That way, the database should have no reason to accept the new credentials.
There is probably a better solution. But I could not find it in the docs so far.

Rally APIKEY with single sign using Pyral

Using Rally APIKEY in a single sign on environment with a proxy throws error that it can not reach rally1.rallydev.com-
Tried setting HTTPS_PROXY As well, No result.
I can reach from browser and it auto signs me up via single signon.
Did anyone try apikey authorization in single sign on proxy environment using pyral, if so can u please share how u did it?—-thank you
Having as similar issue:
rally = Rally(server=server, apikey=apikey, workspace=workspace, project=project)
pyral.context.RallyRESTAPIError: SSL certificate verification failed
my organization is not ready to give the proxy server details any other work around for the issue.
sorry was not able to add a comment so posting as answer.

SonarLint in IntelliJ works with username and password but not with token

I configure the Server in IntelliJ like this:
Name: xsonar
Server URL: https://sonar.xyz.com/
Organization:
Auth Type: Token
Token: my-on-sonar-created-token
Not using proxy
It says for the test connection:
Error testing connection: Not authorized. Please check server credentials.
However, if I use identical configuration but with my sonar login and password it works perfectly.
The documentation doesn't say anything about this: http://www.sonarlint.org/intellij/
And I didn't find similar issues.
The version of my SonarQube is 6.2.
How dangerous is it to use password and username instead of token?
We had a reversed proxy sitting in between which wouldn't let the request through using our normal proxy. So far I haven't found a good solution to work around the reversed proxy.

Unable to create a branch in subversion using TortoiseSVN

Unable to create a branch in subversion using TortoiseSVN.
I get the following error message:
SVN authorization failed: could not authenticate to proxy server: ignored basic challenge, GSSAPI authentication error
Source URL:
"http://svn.lsc.co.uk/svn/projects/CWE/CWEConfig/trunk"
Traget URL:
"http://svn.lsc.co.uk/svn/projects/CWE/CWEConfig/branches/12c"
TortoiseSVN was not passing my credentials to proxy server, hence the request was being blocked there. Supplying credentials in Network > Proxy Settings resolved the issue.
Make sure You have the read/write access for Both trunk and Branch location.

omniauth-saml as provider in gitlab

I'm trying to get omniauth-saml configured, but I'm not entirely sure what I need to put in app_id and app_secret for this configuration.
I'm using this gem: https://github.com/PracticallyGreen/omniauth-saml
If I leave those fields blank, of course I get:
Received wrong number of arguments. [nil, nil]
The documentation within the gitlab.yml file links to more documentation about gitlab and omniauth, but that document no longer exists (redirects to old README).
Any assistance would be appreciated, thanks!
https://github.com/gitlabhq/gitlab-public-wiki/wiki/Working-Custom-Omniauth-Provider-Configurations#working-cas-configuration
The working CAS configuration shows you how you skip using the standard configuration and just pass the options directly to the provider using devise.rb. That's how I would configure omniauth-saml as well.
I was able to get SAML working with Gitlab 6.2.4, but it is not the most elegant solution. I am using Okta as the IdP, but I believe the configuration is sufficiently generic and could be applied to any SAML IdP.
Added omniauth-saml to the Gemfile and ran bundle
bundle install --without development test postgres --path vendor/bundle --no-deployment
Created GITLAB/config/initializers/omniauth.rb
Devise.setup do |config|
config.omniauth :saml,
idp_cert_fingerprint: "your IdP certificate fingerprint",
idp_sso_target_url: "your IdP SAML end point"
end
Modified GITLAB/app/controllers/omniauth_callbacks_controller.rb (added this following the definition for ldap)
def saml
handle_omniauth
end
I had to manually add the callback for SAML as I was getting the same error as the original poster when I tried to properly define SAML as a provider in gitlab.yml. This is the only way I could get Gitlab to start and authenticate via SAML. This feels very hacky, so there is probably a more elegant way to implement this; however, I could not find an example anywhere.
https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations#working-saml-configuration
I managed to get it to work, so I documented the procedure on the GitLab wiki.
EDIT: It seems like SAML is now supported officially. No Single Logout yet, though… This seems to be an omniauth limitation.