Artifactory 1.3.0-beta-4
We are pleased to announce the availability of Artifactory 1.3.0-beta-4.
Major Features and Changes in this Release
- Improved#LDAP Support- support for multiple DNs, for non-anonymous binding against MS Active Directory and for sub-tree searches.
- Fixed a critical issue with deployment using the lightweight HTTP wagon (RTFACT-629).
- UI and performance improvements and the usual bug fixes.
Major Features and Changes in release 1.3.0-beta-3
- Group support with an intuitive powerful UI for groups management (see:).
- Improved permissions control for including/excluding specific repository paths (e.g. disallow certain users/groups from downloading sources). Simple management - no regexp gurus required (see:).
- Support for delete permission and for preventing users from overriding exiting artifacts.
- Revised repository tree browsing using tabs and effective permissions per item view (see:).
- Improved import speed by committing binary imports asynchronously.
- Improved#upgradeprocedure.
- Better transaction management using Spring Modules for JCR.
- Even faster in-place incremental backup.
- Low-level admin-only direct webdav access to the underlying jackrabbit repository (use:http://localhost:8081/artifactory/jcr/default/to connect).
- The usual bug fixes, stability and speed improvements.
The complete release notes are available here:http://issues.jfrog.org/jira/browse/RTFACT/fixforversion/10270
Artifactory 1.3.0-beta-4 is available for immediate downloadhere.
Enjoy
The Artifactory Team
Important Notes Before You Install
安装前请仔细阅读或upgrading:
- If you are running Artifactory under JDK 1.6 you MUST useJDK 1.6u4and above due to incompatibilities with older JAXB versions embedded in previous JDK 1.6 releases. JDK 1.5 users are not affected by this.
- If you have used a previous version of Artifactory it is recommended to clear your browser's cache before using this version.
- To use the new incremental backup feature, specify
under the backup configuration. This will cause backups to be written into a permanent "0 current
" directory in a format that can be used by any incremental file-system based backup utility (such as rsync). - The M2Eclipse indexing service runs by default on all repositories every round hour. The run interval can be controlled via the
artifactory.config.xml
file, and repositories can be excluded from being indexed (similar to the configuration of the backup service). - Artifactory now includes a convenience method for specifying system properties. Instead of having to configure properties in the runtime configuration of the hosting container, you can now edit the
$ARTIFACTORY_HOME/etc/artifactory.properties
file and restart the container. As this affects the whole container VM it is recommended to use this feature for specifying Artifactory related properties only (such as repository ids substitution, etc.). - Please note that not all documentation has been updated yet to reflect the latest changes in this beta release.
Below is important information that will make its way into the final Artifactory 1.3.0 documentation.
Installing
请参考Installingsection of the current user guide, which still applies.
LDAP Support
General
Besides its own users database, Artifactory also supports authenticating users against an LDAP server.
If LDAP is configured in Artifactory configuration file, Artifactory will first attempt to authenticate the user against the LDAP server. If the LDAP authentication fails, Artifactory will try to authenticate via the internal database.
For every LDAP authenticated user Artifactory creates new user in the internal database if that user doesn't exist.
配置
LDAP Configuration is placed under the security tag in artifactory.config.xml. For example:
<安全> < anonAccessEnabled >假< / anonAccessEnabled>ldap://127.0.0.1:389/dc=jfrog,dc=org uid={0},ou=People sAMAccountName={0} true cn=ReadOnlyUser,ou=People,dc=jfrog,dc=org password
地点:
- ldapUrl- Location of the ldap server in the form of: ldap://myserver:myport/dc=sampledomain,dc=com. It should include the base DN for searching and/or authenticating users.
- authenticationPatterns- A list of user DN patterns or search criteria used to find an authenticated user. Each authentication pattern element will be tried until a user is found and authenticated. If no user is found or authentication failed, a BadCredentials exception will be thrown.
- authenticationPattern- An authentication pattern can include either a userDnPattern for "direct" authentication or searchFilter for user "search" (after binding with a manager DN) and then authentication of the found user. ThemanagerDnandmanagerPasswordare not used for "direct" DN authentication.
- userDnPattern- A DN pattern that can used to directly login users to the LDAP database. This pattern is used for creating a DN string for "direct" user authentication, where the pattern is relative to the base DN in the ldapUrl. The pattern argument {0} will be replace with the username in runtime. This will work only if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory).
Example:uid={0},ou=People
- searchFilter- The filter expression used for searching a user. This is an LDAP search filter (as defined in 'RFC 2254'faqs.orgietf) with optional arguments. See the documentation for the
search
method ofjavax.naming.directory.DirContext
为更多的信息。将ca的搜索方法lled withsearchBaseasname
, a singlefilterArg
containing the username, afilterExpr
with thissearchFiltervalue and searchcons
affected by the value ofsearchSubTree. Authentication to LDAP will be done from the DN found.
Possible examples are:sAMAccountName={0
}, for use with Active Directory, oruid={0
}, for use with other LDAP servers. - searchBase- Context name to search in, relative to the base DN in the ldapUrl. This is parameter is optional.
- searchSubTree- Flag to enable deep search through the sub tree of the ldapUrl + searchBase. True by default.
- managerDn- Used only with "search" authentication method. It is the DN of the user who will bind to the LDAP server to perform the search.
- managerPassword- Used only with "search" authentication method. It is the password of the user who will bind to the LDAP server to perform the search.
Upgrading from 1.3.0-beta-3 to 1.3.0-beta-4
Shutdown Artifactory and replace the war. If you are on Tomcat make sure the remove thewebapps/artifactory
expanded folder as well.
Upgrading from 1.2.2-rc0 through 1.3.0-beta-2 to 1.3.0-beta-4
To upgrade from older versions you first need to dump the data from you old Artifactory into a 1.3 compatible format and then import it to the new Artifactory.
We expect that with 1.3.0 and above upgrading can be done directly on an exiting repository without the need to export it first.
Dumping the old version
Since Artifactory 1.3.0-beta-1, JFrog provides a command line tool:artdump
for dumping (previously:artifactoryExport
).
Theartdump
tool can be found inside thebin
artifactory-update-1.3.x.zip
archive, downloadable fromhere.
Important Information for Running the Dump
- By default cached repositories (e.g. repo1) arenot exported. To export cached repositories pass the
--caches
parameter. - You should shut down the old Artifactory before executing the export.
- It is recommended to work on a copy of the old
$ARTIFACTORY_HOME
folder (that, even though the export should be a read only process). - Running the update creates a
tmpExport
folder (if you did not specify a destination folder with--dest
option) under the current execution directory, where it exports all data from your old Artifactory. ThistmpExport
folder is next used to do a full system import to the new Artifactory.
Step by Step Instructions
Here are step by step instructions for running the full upgrade process:
- Stop the old Artifactory.
- Optional: Copy the
$ARTIFACTORY_HOME
folder to a new location. - If you created a copy and wish the old Artifactory to keep serving requests while performing the export, you can start it now.
- Execute the#artdumpon the old
$ARTIFACTORY_HOME
or on a copy of it, by runningartdump --home $ARTIFACTORY_HOME
. This will generate atmpExport
folder if you did not specify a destination folder with--dest
option. - Perform a new clean server installation of Artifactory 1.3. It should not contains repositories data or your specific Artifactory configuration xml file.
- Start Artifactory 1.3. Note: If in step 3 you chose to restart your old Artifactory and you installed the Artifactory 1.3 on the same machine, you will need to alter the listening port number inside
$ARTIFACTORY_HOME/etc/jetty.xml
. It is also highly recommended to use a different port in order to perform the upgrade on a "silent" instance that is not being hit by user requests in parallel. - The import can be done in 2 ways:
- Import with the
artadmin
command line (highly recommended):- Execute
#artadmin--username username --password password --import tmpExport
. Please note that theartadmin
tool needs to be run with JDK 1.6. - The
artadmin
output will display the progress of the import. NOTE: If theartadmin
process is killed the import will still run in Artifactory.
- Execute
- Import via the Web UI:
- Logon with admin/password and go to "Export & Import" page, then into the "Full System" panel.
- Enter the export directory into the "System zip file or directory" field and click the "Import" button.
- The import will run and may take some time to complete, depending on the size of your database.
- Import with the
- Once the import process completes successfully you can switch to using Artifactory 1.3. You can switch back the port number if you did so in step 6.
Important information about the import process
During the import binary artifacts are copied over into a working copy and are imported into Arifactory in by a background thread. This speeds up the import process dramatically and makes Artifactory ready for serving requests as soon as possible. The background import process will take some time to completes, depending on the size of your repository. During this time Artifactory might perform more slowly than usual, but it will still serve any artifact immediately. The log does provide visible information about the progress of this process.
Repeating the upgrade process
Should you wish to repeat the upgrade process from scratch, make sure to remove the
$ARTIFACTORY_HOME/data
folder from your new Artifactory installation before doing so.
artdump
command line usage:
artdump --help : displays this usage message --home [old Artifactory home] : mandatory - the home folder of the old Artifactory --dest [destination folder] : the destination folder for the new export files. Default value: tmpExport --version [version name] : the actual version of the old Artifactory if the Update Manager cannot find it --repo [repo names separated by ':'] : export only a specified list of repositories. Default value: all-non-cached --norepo : does not export the repositories, just convert config and security --convert : activate the Local and Virtual repository names conversion --noconvert : does not activate the Local and Virtual repository names conversion during a full export --security : only export the security file from DB, and set the norepo flag --caches : include cached repositories in the export (by default caches are not exported). If repo option is passed this option will be ignored The parameter --home is mandatory. The Artifactory version will be extracted from ${artifactory.home}/webapps/artifactory.war if present If the war file is not located there, please do one of the following: 1) Link or copy it into this location, or - 2) Pass one of the following version identifiers as second parameter: 1.2.2-rc0 1.2.2-rc1 1.2.2-rc2 1.2.2 1.2.5-rc0 1.2.5-rc1 1.2.5-rc2 1.2.5-rc3 1.2.5-rc4 1.2.5-rc5 1.2.5-rc6 1.2.5 1.2.5u1 1.3.0-beta-1 1.3.0-beta-2
- The
--home
parameter is the old$ARTIFACTORY_HOME
folder (the old Artifactory should not be running). If that folder also contains awebapps
subfolder with the old Artifactory war file, the update manager will automatically determine the old version from it. If the update manager cannot determine a valid version an error message will appear with a list of valid versions and you'd need to manually specify the version of your old Artifactory as a second parameter toartdump
.
artadmin
command line usage:
artadmin --info : Display general system information about Artifactory --import [import from path] : Activate full system import from a designated path --export [export to path] : Activate full system export to path --server [the server host or ip] : The remote Artifactory server IP or host name with optional port number. The default is localhost:8081 --ssl : Activate https instead of http. Default is false --timeout [timeout in seconds] : Set the timeout of the HTTP connection. --url [root url to rest api] : The root URL of the Artifactry REST API. The default is http://[servername]/artifactory/api --username [username] : Optional username to use when connecting to the remote Artifactory --password [password] : The users's clear text password --noMetadata : Exclude metadata information when importing/exporting --symlinks : Use symbolic links to the original import path file (no file copying) --syncImport : Import directly into Artifactory without using the background import process --bypassFiltering : Avoid using exiting repository filtering rules during the export process --createArchive : Zip the resulting folder after the export (slow) You need to specify one of the following parameters: --info, --import or --export
- When used with the
--symlinks
option the import, process can perform much faster (usually by a factor of 3-5). Note that when using this option your imported path effectively becomes an integral part of Artifactory and you should not move/remove it until the background import process has completed. This is indicated by the log message:Working copy commit done (0 files).