We have a local Artifactory Pro server that serves nuget packages and uses LDAP to authenticate all users. Using the Artifactory-NuGet from cmdline works perfectly, but when trying to use the package manager from Visual Studio, authentication fails.
What I noticed is that Visual Studio tries to add a domain prefix after the first failed authentication attempt: Trying to login as 'user' fails, and then the login authentication windows contains 'DOMAIN\user' as username.
I am not sure if the source of the problem is within Visual Studio or within Artifactory. I noticed that the web access to Artifactory does not accept usernames in the form "DOMAIN\user", even though I feel it should.
So my question is: How do I authenticate to an LDAP-backed, Artifactory-provided authenticated NuGet server from within Visual Studio?
Using the Artifactory-NuGet from cmdline works perfectly, but when trying to use the package manager from Visual Studio, authentication fails.
You can override the default behavior by setting the Force Authentication checkbox in the New or Edit Repository dialog. When set, Artifactory will first request authentication parameters from the NuGet client before trying to access this repository. For .NET and Visual Studio Users: Announcement on Changes to Microsoft’s NuGet V3 API.
Thank you. The NuGet Visual Studio Extension 3.6+ supports credential providers, which enable NuGet to work with authenticated feeds. After you install a NuGet credential provider for Visual Studio, the NuGet Visual Studio extension will automatically acquire and refresh credentials for authenticated feeds as necessary.
NuGet clients' authentication extensibility For the various NuGet clients, the private feed provider itself is responsible for authentication. All NuGet clients have extensibility methods to support this. These are either a Visual Studio extension or a plugin that can communicate with NuGet to retrieve credentials.
Make sure that you've typed your username (LDAP username) and your encrypted password, the one you can get through the artifactory webapp
I have the same issue, but i am able to dowload via a browser of the NuGet command line.
I looked at the different traffic with fiddler, and it appears the VS is not adding the security token following the authentication. When i download with a browser the traffic shows an additional cookie following the authentication, which is not present in the VS request.
Browser
Request = https://server/repo/artifact.pkg
Responce = 401 not authrised
{user prompted for username and password}
Request = http TUNNEL encryped basic login
Responce = 200 encrypted security token
Request = https://server/repo/artifact.pkg + security token
Responce = 200 the pkg file
Visual studio
Request = https://server/repo/$metadata
Responce = 401 not authrised
{user prompted for username and password}
Request = http TUNNEL encryped basic login
Responce = 200 encrypted security token
Request = https://server/repo/$metadata + security token
Responce = 200 <edmx> list of artifacts
Request = https://server/repo/artifact.pkg
Responce = 401 not authrised
{user prompted for username and password}
Request = http TUNNEL encryped basic login
Responce = 200 encrypted security token
Request = https://server/repo/artifact.pkg
Responce = 301 its moved to "https://server/repo/artifact.pkg"
looks like VS is broken and the cookie is not being stored and sent in the subsequent request. Its probabley using the very horrible Browser component in windows forms, and not retaining the cookie container between request. Might want to report to MS.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With