I am using nexus as a Docker container, with tag sonatype/nexus3:3.14.0. Also, I connect nexus with LDAP for user better user management it is helpful for group and role management.
For my case, I create a blog-store and create two docker registry repository, one hosted and one group. I try to log in, on hosted and it works fine. But when I tried to connect into the grouped repository I get
401 Unauthorized. I also tried to connect with admin credentials but I get the same error too,
Error response from daemon: login attempt to https:///v2/ failed with status: 401 Unauthorized.
I set up the LDAP correctly. When I am login into nexus UI I can see the grouped Docker registry repository. The problem is when I try to connet into it with docker login command. I get the
following error.
Error response from daemon: login attempt to https://myrepo:port/v2/ failed with status: 401 Unauthorized.
The same problem I am getting when I am try to connect with nexus-admin, which is very odd.
Did anyone find a solution?
I created a simple docker (hosted) repository.
I can see it when I $ curl -X GET http://IP:port/v2/_catalog
But, I cannot login. It keeps rejecting the admin:admin123
I also configured the docker client (/etc/docker/daemon.json) to accept this registry as insecure.
Whatever I do I keep getting the unauthorized.
It is a simple case, it shouldn’t be so hard, don’t you think?
P.S.: Still wondering why there’s nowhere else this information and how all these guys who make tutorial videos don’t say anything about this conf.
Does anyone know if the ordering makes a difference for the active realms? Docker Bearer Token is there however it is bottom of the list (they’re all in the Active column).
Thanks
@ben_jones2 the ordering only matters if there’s a conflict. For example if you have an ldap user named “joe” and a NXRM user named “joe”. Other than that the ordering is just used for accessibility. Because of this, we recommend the services that are logged in most frequently are higher. We also generally recommend the NXRM internal realms remain first in case there’s a problem with the external systems you’ll still be able to login locally and troubleshoot.
Thank you, enabling the Docker Bearer Token Realm allowed the login to start working.
I agree with @gioargyr when he wonders why Sonatype makes videos and documentation and NOWHERE for setting up Docker repo does it mention to do this. @rseddon please review the steps and provide a response to this issue higher up the thread. As a “Sonatyper” it’s a little disconcerting to hear you know nothing about this, and somebody else had to resolve it.
Thanks.
Thanks for the feedback. We have some work in progress to make it easier to find the “correct” answers in any given Topic thread, stay tuned for that.
The Community is a place where everyone can help each other, not just Sonatypers providing the answers. Kudos to @pawel.skarzynski for helping out here. Sonatypers obviously can’t know all the answers all the time, especially in the context of a community post.
Remember, if you are a licensed user for Nexus Repo Pro and/or IQ Server then you have access to our full support team over at support.sonatype.com. The team will be able to go much more in depth over there to help with any issues.
Thanks a lot for that fix. Their documentation is not complete for this feature. I spent hours going over it and making sure I didn’t miss a setting. Such a simple fix.
This page has been moved, it’s now Docker Authentication. Since I’ve corrected twice now, hopefully people believe it’s there and search around if this link also changes.