Authentication against artifactory

we use gradle to build our projects and use JFrog Artifactory as jar cache an for the build results.

For security reasons we have anonymous access disabled on some local stored jars in Artifactory.
Remote an local repositories are summarized in a virtual repo on Artifactory.
In the artifactory log we see the rejected requests even though the credentials are stored in the gradel config.


#Artifactory properties

artifactory request log

access free:


access only with authentication:


It looks like there is no authentication against artifactory to login for that requests.

When i access the files via browser i got an authentication dialog.

Is this a bug, or I have something misconfigured?


Are you using the Artifactory plugin? In any case, I don’t believe it reads credentials from You’ll have to configure this using the DSL, or at least refer to these properties in your build script.

yes we use the Artifactory plugin in our central Atlassian Bamboo system (only to upload the results, the build process is an gradlew system call),
but we also use gradlew on our local dev systems an the problem is also there.

just for clarification, of course we make use of the
gradle.proerties by means oft the Gradle DSL, i.e.

allprojects { /*....*/ 
   repositories {
        maven {
            credentials {
                username artifactory_user
                password artifactory_password
            url    System.getProperty('ARTIFACTORY_CONTEXT_URL',artifactory_contextUrl)

If the properties won’t be taken into account, we won’t
see an access to the artifactory server at all. It seems to be, that anonymous
access takes precedence over authenticated access and that access failures
during an anonymous access cause to abort the retrieval. Please could someone
double-check whether this could be an issue.

If you configure credentials we will attempt to authenticate when challenged. If you are getting a 403 that usually means you are authenticated, but don’t have the correct permissions. You can potentially use --debug to troubleshoot what is going on on the Gradle side. You should be able to confirm that we are indeed sending credentials.