Unable to deploy artifact using encrypted password with LDAP enabled

Question

We are using Artifactory Version 4.7.0. I have configured LDAP for Artifactory and i am able to login successfully. When i am trying to use encrypted password for deploying artifacts, it's not working. In Artifacts tab, i clicked on "Set Me Up" and generated Maven settings after entering my credentials. I then downloaded the settings.xml file which had the following content:

<?xml version="1.0" encoding="UTF-8"?>
<settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd" xmlns="http://maven.apache.org/SETTINGS/1.1.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <servers>
    <server>
      <username>${security.getCurrentUsername()}</username>
      <password>${security.getEscapedEncryptedPassword()!"*** Insert encrypted password here ***"}</password>
      <id>central</id>
    </server>
    <server>
      <username>${security.getCurrentUsername()}</username>
      <password>${security.getEscapedEncryptedPassword()!"*** Insert encrypted password here ***"}</password>
      <id>snapshots</id>
    </server>
  </servers>
  <profiles>
    <profile>
      <repositories>
        <repository>
          <snapshots>
            <enabled>false</enabled>
          </snapshots>
          <id>central</id>
          <name>libs-release</name>
          <url>http://artifactory:9090/libs-release</url>
        </repository>
        <repository>
          <snapshots />
          <id>snapshots</id>
          <name>libs-snapshot</name>
          <url>http://artifactory:9090/libs-snapshot</url>
        </repository>
      </repositories>
      <pluginRepositories>
        <pluginRepository>
          <snapshots>
            <enabled>false</enabled>
          </snapshots>
          <id>central</id>
          <name>plugins-release</name>
          <url>http://artifactory:9090/plugins-release</url>
        </pluginRepository>
        <pluginRepository>
          <snapshots />
          <id>snapshots</id>
          <name>plugins-snapshot</name>
          <url>http://artifactory:9090/plugins-snapshot</url>
        </pluginRepository>
      </pluginRepositories>
      <id>artifactory</id>
    </profile>
  </profiles>
  <activeProfiles>
    <activeProfile>artifactory</activeProfile>
  </activeProfiles>
</settings>

Then i went to my profile, entered password and copied the Encrypted Password as shown below:

I copied this password in my settings.xml as shown below:

    <server>
      <username>${security.getCurrentUsername()}</username>
      <password>${security.getEscapedEncryptedPassword()!"AP6FcvsVawZhcfEdZB2PCTrCUZa"}</password>
      <id>central</id>
    </server>
    <server>
      <username>${security.getCurrentUsername()}</username>  
      <password>${security.getEscapedEncryptedPassword()!"AP6FcvsVawZhcfEdZB2PCTrCUZa"}</password>
      <id>snapshots</id>
    </server>

and then when i tried deploying an artifact, i get the following error:

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy (default-deploy) on project more-maven-examples: Failed to deploy artifac
ts: Could not transfer artifact com.infiniteskills.maven:more-maven-examples:jar:1.0 from/to central (http://artifactory:9090/libs-release-local):
Failed to transfer file: http://artifactory:9090/libs-release-local/com/infiniteskills/maven/more-maven-examples/1.0/more-maven-examples-1.0.jar. R
eturn code is: 401, ReasonPhrase: Unauthorized. -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.

Entry in request.log file for the failed attempt:

20160525143037|9526|REQUEST|10.20.55.124|non_authenticated_user|PUT|/libs-release-local/com/infiniteskills/maven/more-maven-examples/1.0/more-maven-examples-1.0.jar|HTTP/1.1|401|2981
20160525143037|2|REQUEST|10.20.55.124|non_authenticated_user|PUT|/libs-release-local/com/infiniteskills/maven/more-maven-examples/1.0/more-maven-examples-1.0.pom|HTTP/1.1|401|1235

In Security > General > Password Encryption Policy is set to SUPPORTED. Also, Passwords Encryption is set to encrypted.

Surprisingly, when i hard-code my name and LDAP password in the settings.xml file in the same <server> block, it works fine.

Am i doing something wrong or is it a bug?

Answer 1

Replace the entire line with your credentials

<username>actual-username-here</username>  
<password>your-encrypted-password-here</password>

Tried it now. works a treat.

Answer 2

You <password/> section should be something like:

<password>{COQLCE6DU6GtcS5P=}</password>

Have a look at the Maven Encryption Guide.