Repository Browsing

Artifactory supports two modes to browse repositories: Tree browsing and virtual repositories browsing.

Tree Browsing

Tree browsing presents a list of repositories - first local and then remote caches, letting the user view the content of each physically managed repository. Several operations, such as viewing POM content, directly downloading artifacts, removing artifact etc. can be performed by right clicking a folder or an artifact (subject to permissions).

A dotted folder indicates that empty folders were auto-compacted to avoid tedious drill down through a chain of empty folders. The folder name is composed of the empty folder names separated by slash ('/').

Virtual Repositories

The virtual repositories view exposes a unified view of artifacts arranged in defined virtual repositories. This is similar to the way clients, such as Maven, see artifacts when the repository URL used is a virtual repository one.
After selecting a virtual repository link you can drill down into its content. On the right-hand side is a list of the physical repositories containing the artifact or folder. Clicking on the right-hand repository links will navigate directly into a lightweight view of the target physical repository (you can use also use the same browser URL to navigate the physical repository directly).

Virtual repositories provide a read-only view over an aggregation of physical repositories. You cannot use a virtual repository URL as a deployment destination - for that, you have to use a physical repository URL.

Artifacts Deployment

Artifacts can be deployed into Artifactory's local repositories. This can be done either via a web interface or a command line client.

UI-based Deployment

One of Artifactory's unique features is the ability to deploy artifacts via a web UI form. This saves a lot of hassle having to do with manually crafting deploy commands. Artifactory also tries to make smart guesses about the desired deployment attributes, using the name of the artifact and embedded metadata inside uploaded artifacts. It will even suggest creating a default POM file if non already exists in the target repository. Of course all values can be manually overridden.

CLI Deployment

Command line deployment is done the same way deployment is done in Maven using the deploy plugin and a target repository URL.
You can use the maven deploy plugin directly, for example:

mvn deploy:deploy-file -DrepositoryId=snapshots \
                    -Durl=http://localhost:8080/artifactory/libs-snapshots \
                    -DgroupId=test -DartifactId=test -Dversion=1.0-SNAPSHOT -Dpackaging=jar \
                    -Dfile=test.jar

The repositoryId snapshots should be a server id declared in Maven's settings.xml. You will receive a 401 error unless there are valid username/password provided for deploying into the repository in your settings:

<servers>
    <server>
        <id>snapshots</id>
        <username>myUsername</username>
        <password>myPassword</password>
    </server>
</servers>

Using the WebDAV Wagon

It is recommended to use the WebDAV wagon instead of the default lightweight HTTP wagon, especially when needing to deploy very large artifacts. For that, you need to configure the dav wagon in your POM and run the above command in the same directory of the POM without the url parameter.

<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
         http://maven.apache.org/maven-v4_0_0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>org.artifactory.deploy-test</groupId>
    <artifactId>aye</artifactId>
    <version>1.0-SNAPSHOT</version>
    <packaging>jar</packaging>

    <distributionManagement>
        <repository>
            <id>snapshots</id>
            <url>dav:http://localhost:8080/artifactory/libs-snapshots</url>
        </repository>
    </distributionManagement>

    <build>
        <extensions>
            <extension>
                <groupId>org.apache.maven.wagon</groupId>
                <artifactId>wagon-webdav</artifactId>
                <version>1.0-beta-2</version>
            </extension>
        </extensions>
    </build>
</project>

Searching for Artifacts

Artifactory support extremely fast artifacts search.

You can directly download an artifact by clicking the link on its row in the search results or view its POM by clicking the rest of the displayed row data.

Security

Logging-in

Every new instance of Artifactory is pre-configured with a single global admin account with username/password of admin/password. It is highly recommended to change this as soon as you start using Artifactory.
FYI, all passwords stored in Artifactory are MD5 encrypted.

Access Control

Since version 1.2.1 of Artifactory, a new improved security model is used. The new model allows for setting permissions on targets that are a combination of a repository and a path prefix inside a repository.

The following permission-targets samples should make this concept clearer:

The roles of admins, deployers and readers are still applicable for this new type of permission-targets.
The admin role is fully functional for one is an admin of.

For each permission-target you can assign users to 3 types of roles:

1. Deployers - can deploy/remove (undeploy) artifacts.
2. Viewers - can download artifacts (simple browsing is still enabled for anyone), unless a repository has the <anonDownloadsAllowed> flag set to true (the default), then anyone can download regardless of whether or not he is a viewer.
3. Admins - can set permissions to other users inside the permission-target.

About Deployment and Remote Repository Caches When granting a user a deployer role on a cached repository it is important to understand the meaning of it. Deployment into caches is different than regular deployment into local repositories - it basically implies ability to store cached remote artifacts. This can only be done by triggering a request to such remote artifact that will be downloaded and eventually deployed/stored into the cache. If anonymous downloads are disabled only users that have the deployer role on a remote repository can trigger a request-download-deploy/store sequence into the that repository's cache. Other users can only download already cached artifacts. When anonymous downloads are enabled, every user can trigger storage of remote artifacts into the cache.

Global Admins

A defined user can either be a simple user or an "admin" user (similar to a root user). When a user is defined as an admin he automatically has all 3 roles for any repository or path.

Repositories Import/Export

The Import/Export feature enables dumping and loading of local repositories to and from a standard Maven 2 file-based repository layout: groupId/artifactId/version/artifactId-version-classifier.type.

Using the Import/Export feature you can create multiples trees of artifacts (ext-releases, plugins-releases, libs-releases, ...) with exactly what you need (POM, jars, ear, zip, classifier, ...) and then import each tree into a specific local repository.

It is not recommended to bulk import artifacts from Maven's user local repository, since these repositories contain different metadata than deployment repositories. If, however, you attempt to make such an import, make sure to remove any local metadata files (such as maven-metadata-*.xml) first. Nevertheless, It is strongly advised to import only file systems coming from deployment repositories.

Overcoming Path Errors

The following (or similar) error indicates POM/path consistency problems:
"Failed to import 'z/y/z' into 'repox'. Cause: The target deployment path 'x/y/z/1/p.pom' does not match the POM's expected path prefix 'x/y/z/2'. Please validate your POM's correctness and make sure the source path is a valid Maven 2 repository root. Some artifacts might have been incorrectly imported - please remove them manually.".

Artifactory tries to protect the repository from hosting broken artifacts and stops the import process. Although not recommended, you can prevent the import from stopping on consistency errors by running artifactory with the -Dartifactory.maven.suppressPomConsistencyChecks=true system property. This will suppress POM consistency checks. Error messages on broken artifacts will be written to the Artifactory's log, and you'd have to watch for them and manually remove the bad imports reported.

You can always re-import over your existing, previously imported, repositories data. This will merge the existing and imported content, overriding exiting artifacts with imported ones.

Full System Import/Export

You can export the whole Artifactory data (not just repositories content, but also security settings and other metadata) into a single archive. If you are familiar with the export feature of products such as Atlassian JIRA, you may already appreciate the usefulness of this feature. It is extremely convenient for moving Artifactory between machines and for performing seamless version upgrades.
The format exported is identical to the format created by the backup, so you can import any Artifactory backup archive to reconstruct the Artifactory instance at the time of backup.

Depending on the size of your repositories, importing and exporting may take time, so unless you have a good reason to think something is wrong (e.g. the process stopped consuming CPU), just let it run until you receive a status report on the page. Since importing will wipe everything inside Artifactory and replace it with the imported data, it is extremely important to backup Artifactory before running an import.

Remote Interfaces

WebDAV

Artifactory can be accessed using the WebDAV protocol and can be used by any remote WebDAV client.
At the moment, the following WebDAV methods are supported: OPTIONS, GET, PROPFIND, PUT, MCKOL and DELETE.