NuGet Server HTTP Authentication

I am having trouble understanding http authentication as it applies to the nuget server.

My scenario is that I use TeamCity to create NuGet packages and we are deploying to AppHarbor.
To reduce the size of our repos, we enable package restore on our solutions so that we don't store the packages in our local git repos.

When deploying to AppHarbor, TeamCity has to be exposed publically so that the AppHarbor build can pull any missing packages.
I don't want to enable guest login to use the NuGet server since its public and can be easily found, so I thought to use httpAuth.

I was under the impression that http auth allowed the username and password in the url i.e.

http://testuser:testpassword@mybuildserver.com/httpAuth/app/nuget/v1/FeedService.svc

but this appears to not be working as I am still prompted for the username and password.

The problem therefore is that I have to have TeamCity public but I don't want to enable a guest login because I need to keep our artifacts private, but I need a way to download the nuget packages from AppHarbor.

Any ideas on how to make this work?

Thanks,
Joe

4 comments
Comment actions Permalink

Joe Young,

The problem therefore is that I have to have TeamCity public but I don't want to enable a guest login because I need to keep our artifacts private, but I need a way to download the nuget packages from AppHarbor.
Any ideas on how to make this work?


I just wonder: I didn't have luck with TeamCity pulling its own packages
from itself -- the Agent always tries using the guest login url.

--
/\/\arkus.

0
Comment actions Permalink

Instead of having MSBuild pulling down the packages from TeamCity, I added a NuGet Installer Build Configuration. You can tell it to get its sources from NuGet.org or TeamCity itself and then MSBuild does not have to update the packages.

See the attached screenshot for how I have it hooked up.



Attachment(s):
Capture.PNG
0
Comment actions Permalink


that's exactly what I was speaking about: %teamcity.nuget.feed.server%
returns the guest login url which is disabled and which I don't want to
have enabled.

--
/\/\arkus.

0
Comment actions Permalink

Looks like there are some problems with NuGet to support this. There is a conversation on it here http://youtrack.jetbrains.com/issue/TW-20764.
I ended up having to enable guestAuth, it sucks, but hopefully a fix will be available soon.

0

Please sign in to leave a comment.