ant-ivy-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Shea <m...@nitido.com>
Subject Fwd: Re: Fwd: HTTP basic auth repositories
Date Tue, 14 Sep 2010 20:23:04 GMT
Hi guys - this is the transcript of an email conversation that I just 
had - it has a bit more information in it about how to get HTTP Basic 
Auth repositories working (specifically, using Apache web server). I am 
forwarding it to this list so that it will show up in future searches 
about this sort of stuff, given that it works for me (and Mitch, who was 
asking me some questions, has found it useful as well).


Mike Shea.

-------- Original Message --------
Subject: 	Re: Fwd: HTTP basic auth repositories
Date: 	Tue, 14 Sep 2010 15:45:32 -0400
From: 	Michael Shea <mike@nitido.com>
To: 	Mitch Gitman <mgitman@gmail.com>



Hi Mitch,

In the end, I have something like this in my ivysettings.xml:

<ivysettings>
<!-- Integrate with the ant build -->
<properties file="build.properties"/>
<properties file="local.properties"/>
...
<credentials host="ivyhost.mycompany.com" username="${ivy.username}"
password="${ivy.password}" realm="Ivy Repository"/>
<resolvers>

<url name="infrastructure">
<ivy
pattern="${ivy.protocol}://ivyhost.mycompany.com/ivy/${ivy.artifact.pattern}"
/>
<artifact
pattern="${ivy.protocol}://ivyhost.mycompany.com/ivy/${ivy.artifact.pattern}"
/>
</url>

</resolvers>
</ivysettings>

The realm is related to the Apache configuration on the server hosting
the Ivy repository. Here is a snippet from the config on the Apache server:

<VirtualHost *:80>
         # Require ldap authentication for ivy.
         Alias /ivy /home/ivy
<Directory /home/ivy/>
            DAV On
<LimitExcept MKCOL GET HEAD OPTIONS PUT>
                 Allow from all
</LimitExcept>

            AuthType Basic
            AuthName "Ivy Repository"

            # Use LDAP
            AuthBasicProvider ldap

            # Authentication for connecting.
            AuthLDAPBindDN cn=[*******]
            AuthLDAPBindPassword [*******]
            AuthLDAPURL ldap://[*******]

            # Use uid to check for group membership.
            AuthLDAPGroupAttribute uniqueMember
            AuthLDAPGroupAttributeIsDN on

            # Group to check:
            Require ldap-group[******]

</Directory>
</VirtualHost>

There's other stuff in there (I'm also configuring Apache to
authenticate users against an LDAP server), but that's basically it. The
important stuff, I believe, is the "AuthType Basic" and "AuthName "Ivy
Repository"", where AuthName matches the realm that you use in your
ivysettings.xml file.

Hope this helps,


Mike.

>  Mr. Shea/Mike:
>  I was going back through the ivy-user list and came across this thread you'd
>  started. I'm running into a similar problem trying to get a UrlResolver
>  working with an SSL server. I'm seeing:
>  CLIENT ERROR: Authorization Required
>
>  I've specified:
>  <credentials host="..." username="..." passwd="..." />
>
>  You mention here that the realm attribute on the credentials element is
>  important. But what did you specify for realm to get things working?
>
>  Thanks,
>  Mitch Gitman
>
>  ---------- Forwarded message ----------
>  From: Michael Shea<mike@nitido.com>
>  Date: Mon, Mar 29, 2010 at 4:03 PM
>  Subject: Re: HTTP basic auth repositories
>  To: ivy-user@ant.apache.org
>
>
>  So apparently the "realm" parameter that I decided wasn't important actually
>  was very important. It's working now. =)
>
>
>  Mike Shea.
>
>
>
>    Hi folks,
>
>>  I am looking for some information about retrieving dependencies from an
>>  HTTP Ivy repository, using Basic Auth, from an Ant build.
>>
>>  I am using ivy-2.1.0.
>>
>>  So far, I have been unable to actually retrieve any dependencies, because I
>>  can't authenticate. At least, that's what I infer from all the error
>>  messages I get that say:
>>  CLIENT ERROR: Authorization Required url=[...]
>>  java.io.IOException The HTTP response code for [...] did not indicate a
>>  success. See log for more detail.
>>
>>  I have commons-httpclient-3.1.jar on the path that I used when I created
>>  the ivy taskdefs, so I don't think that's the problem:
>>
>>  <taskdef resource="org/apache/ivy/ant/antlib.xml"
>>  uri="antlib:org.apache.ivy.ant" classpathref="ivy.lib.path" />
>>  ... "ivy.lib.path" contains commons-httpclient-3.1.jar.
>>
>>  The information on the website is confusing. This link (
>>  http://ant.apache.org/ivy/history/latest-milestone/use/configure.html)<
>>  http://ant.apache.org/ivy/history/latest-milestone/use/configure.html>)
>>  indicates that the username and password should be defined on the
>>  ivy:configure element, but then only gives an example which uses
>>  <credentials>   sub-elements. When I actually try to use<credentials>
  as a
>>  sub-element of ivy:configure, my build blows up (apparently this is not
>>  legal). There's also the "ivy:settings" element, which does seem to support
>>  the<credentials>   sub-element, but which I am still unable to convince to
>>  work (as in, download my dependencies - at least it doesn't make the build
>>  fail when I call it, though).
>>
>>  Debugging is tricky; all I ever see is that error message telling me that
>>  authorization is required.
>>
>>  I've also found another posting that indcates that you can do the
>>  credential stuff in ivysettings.xml instead of in Ant:
>>  http://blogs.jfrog.org/2010/03/building-enterprise-repository-with.html
>>  ... I haven't yet been able to get this method to work either.
>>
>>  Oh, I've been leaving the "realm" to use for authentication out of all my
>>  configurations, since I don't think I'm using one.
>>
>>  Anybody have some pointers for me?
>>
>>  Thanks!
>>
>>
>>  Mike Shea.
>>
>>
>>
>>
>



Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message