I got the token ,but finally still
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":[{"Type":"registry","Class":"","Name":"catalog","Action":"*"}]}]}
root@ygt:/# curl -v -k -u "admin:Harbor12345" https://harbor.ygt.cn/v2/_catalog
* Trying 192.168.200.222...
* Connected to harbor.ygt.cn (192.168.200.222) port 443 (#0)
* found 131 certificates in /etc/ssl/certs/ca-certificates.crt
* found 529 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
* server certificate verification SKIPPED
* server certificate status verification SKIPPED
* common name: harbor.ygt.cn (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #1
* subject: C=CN,L=wuhan,O=ygt,CN=harbor.ygt.cn
* start date: Sat, 27 Oct 2018 00:38:21 GMT
* expire date: Sun, 27 Oct 2019 00:38:21 GMT
* issuer: C=CN,L=beijing,O=ygt,CN=harbor-registry
* compression: NULL
* ALPN, server did not agree to a protocol
* Server auth using Basic with user 'admin'
> GET /v2/_catalog HTTP/1.1
> Host: harbor.ygt.cn
> Authorization: Basic YWRtaW46SGFyYm9yMTIzNDU=
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Server: nginx/1.11.5
< Date: Sat, 27 Oct 2018 17:01:07 GMT
< Content-Type: application/json; charset=utf-8
< Content-Length: 145
< Connection: keep-alive
< Docker-Distribution-Api-Version: registry/2.0
< Www-Authenticate: Bearer realm="https://harbor.ygt.cn/service/token",service="harbor-registry",scope="registry:catalog:*"
<
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":[{"Type":"registry","Class":"","Name":"catalog","Action":"*"}]}]}
* Connection #0 to host harbor.ygt.cn left intact
root@ygt:/# curl -v -k -u "admin:Harbor12345" https://harbor.ygt.cn/service/token?service=harbor-registry&scope=registry:catalog:*
[1] 16106
root@ygt:/# * Trying 192.168.200.222...
* Connected to harbor.ygt.cn (192.168.200.222) port 443 (#0)
* found 131 certificates in /etc/ssl/certs/ca-certificates.crt
* found 529 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
* server certificate verification SKIPPED
* server certificate status verification SKIPPED
* common name: harbor.ygt.cn (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #1
* subject: C=CN,L=wuhan,O=ygt,CN=harbor.ygt.cn
* start date: Sat, 27 Oct 2018 00:38:21 GMT
* expire date: Sun, 27 Oct 2019 00:38:21 GMT
* issuer: C=CN,L=beijing,O=ygt,CN=harbor-registry
* compression: NULL
* ALPN, server did not agree to a protocol
* Server auth using Basic with user 'admin'
> GET /service/token?service=harbor-registry HTTP/1.1
> Host: harbor.ygt.cn
> Authorization: Basic YWRtaW46SGFyYm9yMTIzNDU=
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.11.5
< Date: Sat, 27 Oct 2018 17:02:47 GMT
< Content-Type: application/json; charset=utf-8
< Content-Length: 1100
< Connection: keep-alive
< Set-Cookie: beegosessionID=defb8fdb65e7a057242ed5ddc66cd02a; Path=/; HttpOnly
<
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlVOTVg6WlVFRTpHSzJKOlRPWVI6SVY0VjpMQTVROkFPQVM6MkRQUzpKM1RNOklXUjY6N1A2VzpHTzNCIn0.eyJpc3MiOiJoYXJib3ItdG9rZW4taXNzdWVyIiwic3ViIjoiYWRtaW4iLCJhdWQiOiJoYXJib3ItcmVnaXN0cnkiLCJleHAiOjE1NDA2NjE1NjcsIm5iZiI6MTU0MDY1OTc2NywiaWF0IjoxNTQwNjU5NzY3LCJqdGkiOiIxWDVFS3RsVTdINkt5QTdrIiwiYWNjZXNzIjpudWxsfQ.ddFFpApLAPrD4Nb_ZEd3sjpPJf73UaTJEG0irC3FkFHdGuljUVej9CeZE_gAsXe6gCSXV9uz6PPoproKUSeS3ZNd15FtY0SReQrp22UJNhTOrdaykt75v13qLU8FTDi3kYjrsIUHdbtqk3wPE9wGyZYJf_2ZXmgg_Vp43fsmc4RmZI7GAHfgux2d3Sip3ZGtcx7uWH8QHnn4xxA-zHeT8sY-WBpbSRIhrh2htU4l0hpufKaVWmXPpJx_-3KcSkRl44G5jqLmRZL2YCM2nWuVURR93YUJaiQcAwPAB_QWxR8nAYQ8JatUddZbC54ku1AcmFnB2lzbrojENGM6nt6dXmkN_bX3VawRWlfvrEpbYWUp0rUcfRyIejT4jWo2-ZUIce3lZ6sxv4wFp-mS2hwuIX5qOYZLDzo9GYwA2F4ZBj6AlmwH3G63MRielu5us9A9f-Fw2_omKFMzBVLpIQoMEm7kR7y0gPQDt33ZdToLoSwVpwQpO-hz04QWtdIjfyPCBLCfAwPfRLJscE6Z2oHabjCH_htmPJynASYYwRYpIkUoNdrHUrIravllDLXieEPgaXRZ97LRxJ7OaazIywSSmRi7EkvJpNwR9gbPWgorEnWwQgHAd_WUBSdkoVAjkXIGuK9_07_UodWTe67R-RJX-gXnm1xAo1nwLA9h6vHBUrQ",
"expires_in": 1800,
"issued_at": "2018-10-27T17:02:47Z"
* Connection #0 to host harbor.ygt.cn left intact
}
[1]+ 已完成 curl -v -k -u "admin:Harbor12345" https://harbor.ygt.cn/service/token?service=harbor-registry
root@ygt:/#
``` bash
root@ygt:/# curl -v -k -u "admin:Harbor12345" -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlVOTVg6WlVFRTpHSzJKOlRPWVI6SVY0VjpMQTVROkFPQVM6MkRQUzpKM1RNOklXUjY6N1A2VzpHTzNCIn0.eyJpc3MiOiJoYXJib3ItdG9rZW4taXNzdWVyIiwic3ViIjoiYWRtaW4iLCJhdWQiOiJoYXJib3ItcmVnaXN0cnkiLCJleHAiOjE1NDA2NjE1NjcsIm5iZiI6MTU0MDY1OTc2NywiaWF0IjoxNTQwNjU5NzY3LCJqdGkiOiIxWDVFS3RsVTdINkt5QTdrIiwiYWNjZXNzIjpudWxsfQ.ddFFpApLAPrD4Nb_ZEd3sjpPJf73UaTJEG0irC3FkFHdGuljUVej9CeZE_gAsXe6gCSXV9uz6PPoproKUSeS3ZNd15FtY0SReQrp22UJNhTOrdaykt75v13qLU8FTDi3kYjrsIUHdbtqk3wPE9wGyZYJf_2ZXmgg_Vp43fsmc4RmZI7GAHfgux2d3Sip3ZGtcx7uWH8QHnn4xxA-zHeT8sY-WBpbSRIhrh2htU4l0hpufKaVWmXPpJx_-3KcSkRl44G5jqLmRZL2YCM2nWuVURR93YUJaiQcAwPAB_QWxR8nAYQ8JatUddZbC54ku1AcmFnB2lzbrojENGM6nt6dXmkN_bX3VawRWlfvrEpbYWUp0rUcfRyIejT4jWo2-ZUIce3lZ6sxv4wFp-mS2hwuIX5qOYZLDzo9GYwA2F4ZBj6AlmwH3G63MRielu5us9A9f-Fw2_omKFMzBVLpIQoMEm7kR7y0gPQDt33ZdToLoSwVpwQpO-hz04QWtdIjfyPCBLCfAwPfRLJscE6Z2oHabjCH_htmPJynASYYwRYpIkUoNdrHUrIravllDLXieEPgaXRZ97LRxJ7OaazIywSSmRi7EkvJpNwR9gbPWgorEnWwQgHAd_WUBSdkoVAjkXIGuK9_07_UodWTe67R-RJX-gXnm1xAo1nwLA9h6vHBUrQ" https://harbor.ygt.cn/v2/_catalog
- Trying 192.168.200.222...
- Connected to harbor.ygt.cn (192.168.200.222) port 443 (#0)
- found 131 certificates in /etc/ssl/certs/ca-certificates.crt
- found 529 certificates in /etc/ssl/certs
- ALPN, offering http/1.1
- SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
- server certificate verification SKIPPED
- server certificate status verification SKIPPED
- common name: harbor.ygt.cn (matched)
- server certificate expiration date OK
- server certificate activation date OK
- certificate public key: RSA
- certificate version: #1
- subject: C=CN,L=wuhan,O=ygt,CN=harbor.ygt.cn
- start date: Sat, 27 Oct 2018 00:38:21 GMT
- expire date: Sun, 27 Oct 2019 00:38:21 GMT
- issuer: C=CN,L=beijing,O=ygt,CN=harbor-registry
- compression: NULL
- ALPN, server did not agree to a protocol
GET /v2/_catalog HTTP/1.1
Host: harbor.ygt.cn
User-Agent: curl/7.47.0
Accept: /
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlVOTVg6WlVFRTpHSzJKOlRPWVI6SVY0VjpMQTVROkFPQVM6MkRQUzpKM1RNOklXUjY6N1A2VzpHTzNCIn0.eyJpc3MiOiJoYXJib3ItdG9rZW4taXNzdWVyIiwic3ViIjoiYWRtaW4iLCJhdWQiOiJoYXJib3ItcmVnaXN0cnkiLCJleHAiOjE1NDA2NjE1NjcsIm5iZiI6MTU0MDY1OTc2NywiaWF0IjoxNTQwNjU5NzY3LCJqdGkiOiIxWDVFS3RsVTdINkt5QTdrIiwiYWNjZXNzIjpudWxsfQ.ddFFpApLAPrD4Nb_ZEd3sjpPJf73UaTJEG0irC3FkFHdGuljUVej9CeZE_gAsXe6gCSXV9uz6PPoproKUSeS3ZNd15FtY0SReQrp22UJNhTOrdaykt75v13qLU8FTDi3kYjrsIUHdbtqk3wPE9wGyZYJf_2ZXmgg_Vp43fsmc4RmZI7GAHfgux2d3Sip3ZGtcx7uWH8QHnn4xxA-zHeT8sY-WBpbSRIhrh2htU4l0hpufKaVWmXPpJx_-3KcSkRl44G5jqLmRZL2YCM2nWuVURR93YUJaiQcAwPAB_QWxR8nAYQ8JatUddZbC54ku1AcmFnB2lzbrojENGM6nt6dXmkN_bX3VawRWlfvrEpbYWUp0rUcfRyIejT4jWo2-ZUIce3lZ6sxv4wFp-mS2hwuIX5qOYZLDzo9GYwA2F4ZBj6AlmwH3G63MRielu5us9A9f-Fw2_omKFMzBVLpIQoMEm7kR7y0gPQDt33ZdToLoSwVpwQpO-hz04QWtdIjfyPCBLCfAwPfRLJscE6Z2oHabjCH_htmPJynASYYwRYpIkUoNdrHUrIravllDLXieEPgaXRZ97LRxJ7OaazIywSSmRi7EkvJpNwR9gbPWgorEnWwQgHAd_WUBSdkoVAjkXIGuK9_07_UodWTe67R-RJX-gXnm1xAo1nwLA9h6vHBUrQ< HTTP/1.1 401 Unauthorized
< Server: nginx/1.11.5
< Date: Sat, 27 Oct 2018 17:04:07 GMT
< Content-Type: application/json; charset=utf-8
< Content-Length: 145
< Connection: keep-alive
< Docker-Distribution-Api-Version: registry/2.0
< Www-Authenticate: Bearer realm="https://harbor.ygt.cn/service/token",service="harbor-registry",scope="registry:catalog:",error="insufficient_scope"
<
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":[{"Type":"registry","Class":"","Name":"catalog","Action":""}]}]}
- Connection #0 to host harbor.ygt.cn left intact
root@ygt:/#
version: harbor 1.1.2
``` bash
root@ygt:/opt/harbor# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6394d659c7b4 vmware/nginx:1.11.5-patched "nginx -g 'daemon ..." 5 hours ago Up 2 hours 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx
68c8d11b6451 vmware/harbor-jobservice:v1.1.2 "/harbor/harbor_jo..." 5 hours ago Up 2 hours harbor-jobservice
18449c810a3b vmware/harbor-ui:v1.1.2 "/harbor/harbor_ui" 5 hours ago Up 2 hours harbor-ui
f845a329c8fe vmware/harbor-adminserver:v1.1.2 "/harbor/harbor_ad..." 5 hours ago Up 2 hours harbor-adminserver
84978947f4bc vmware/registry:2.6.1-photon "/entrypoint.sh se..." 5 hours ago Up 2 hours 5000/tcp registry
d36d0a22b9e9 vmware/harbor-db:v1.1.2 "docker-entrypoint..." 5 hours ago Up 2 hours 3306/tcp harbor-db
c2785ef9c1ba vmware/harbor-log:v1.1.2 "/bin/sh -c 'crond..." 5 hours ago Up 2 hours 127.0.0.1:1514->514/tcp harbor-log
root@ygt:/opt/harbor# docker-compose ps
Name Command State Ports
------------------------------------------------------------------------------------------------------------------------------
harbor-adminserver /harbor/harbor_adminserver Up
harbor-db docker-entrypoint.sh mysqld Up 3306/tcp
harbor-jobservice /harbor/harbor_jobservice Up
harbor-log /bin/sh -c crond && rm -f ... Up 127.0.0.1:1514->514/tcp
harbor-ui /harbor/harbor_ui Up
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcp
registry /entrypoint.sh serve /etc/ ... Up 5000/tcp
root@ygt:/opt/harbor#
lurenjia528
All 4 comments
I can use docker login/push/pull successfully,but docker api not,bucause auth ,the IdentityToken=""
curl -u "admin:Harbor12345" -X POST http://harbor.ygt.cn:4243/auth -d '{"username": "admin","password": "Harbor12345","serveraddress": "https://harbor.ygt.cn"}'
{"IdentityToken":"","Status":"Login Succeeded"}
Escape the & used in the token requesting API call with \&, refer to https://github.com/goharbor/harbor/wiki/Harbor-FAQs#api
ywk253100
on 29 Oct 2018
@ywk253100 thank you!
closed #6159
lurenjia528
on 29 Oct 2018
curl -u "admin:Harbor12345" -X POST http://harbor.ygt.cn:4243/auth -d '{"username": "admin","password": "Harbor12345","serveraddress": "https://harbor.ygt.cn"}'
@lurenjia528 How did you call auth endpoint ? Is there a different conf in here? I am trying to call that endpoint. I am always getting 405 Not Allowed. By the way, other endpoints which are related docker registry is working fine.
gklp
on 28 May 2019
Related issues
reasonerjt
·
3Comments
Poil
·
3Comments
272909106
·
4Comments
izhichao
·
3Comments
a-kinder
·
3Comments
Most helpful comment
Escape the
&used in the token requesting API call with\&, refer to https://github.com/goharbor/harbor/wiki/Harbor-FAQs#api