Mailing-List: contact notifications-help@ant.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@ant.apache.org
Message-ID: <628559959.266681268664627346.JavaMail.jira@brutus.apache.org>
Date: Mon, 15 Mar 2010 14:50:27 +0000 (UTC)
From: "Sven Walter (JIRA)" <jira@apache.org>
To: notifications@ant.apache.org
Subject: [jira] Commented: (IVY-1168) Authentication won't work in some
 situations
In-Reply-To: <983608600.132191265665648080.JavaMail.jira@brutus.apache.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


    [ https://issues.apache.org/jira/browse/IVY-1168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12845339#action_12845339 ] 

Sven Walter commented on IVY-1168:
----------------------------------

Hi Maarten,

today, I checked the changes in our environment and it works. Thanks!

Best regards,
Sven

> Authentication won't work in some situations
> --------------------------------------------
>
>                 Key: IVY-1168
>                 URL: https://issues.apache.org/jira/browse/IVY-1168
>             Project: Ivy
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 2.1.0
>            Reporter: Sven Walter
>            Assignee: Maarten Coene
>            Priority: Minor
>             Fix For: trunk
>
>         Attachments: changes.zip, patch_from_trunk.patch
>
>
> Hi,
> Regarding a requirement to publish an artifact (Hudson -> ivy (v.2.1.0)) only after a successful authentication against Archiva and LDAP I tried to realize it with the tag "credential" which is part of the ivysettings.xml. Unfortunately, it was quite hard to get this finally done. Different forum discussions did not provide enough help to solve my problems. After investigation and debugging of the ivy code I found the following issues/problems:
> 1. IvyAuthenticator was sometimes not the default:
> We have a very complex build process which includes some sub-ant calls. This leads to the problem that the default Authenticator will be changed to the java default or at least not the IvyAuthenticator. To ensure that the right one will be used I changed the BasicURLHandler and set the default before establishing the connection and publishing or retrieving an artifact.
> ...
> public void upload(...) { ... Authenticator.setDefault(IvyAuthenticator.INSTANCE); ... }
> ...
> 2. Unexpected realm information
> By using the HttpClient the realm won't be considered. We have different repositories in our Archiva (and only one host). The implementation adds the credential twice (key=realm@host and key=host). The last one will win because the HttpClient does not get the realm information. I think a better approach in this situation is to authenticate without the realm (HttpClientHandler.java). The current implementation works only if you have one repository or the last defined credential is always the right one. 
> ...
> new AuthScope(c.getHost(), AuthScope.ANY_PORT, AuthScope.ANY_REALM) ...
> ...
> 3. The mystery of the realm
> The documentation is not very clear about the realm. It is hard to find out what the right realm is. To get a better overview I extend the class CredentialsStore with additional logging information to get more light into the dark.
> ...
> public Credentials getCredentials(...) { Message.debug("try to get credentials for: " + realm + "@" + host); ... }
> ...
> 	
> I build a new ivy.jar including all of my changes and now, it works. To avoid further costs in the future (by upgrading ivy) and supporting ivy I want to incorporate my changes into one of the next ivy releases. Is this possible or in general what do you think about the changes?
> Best regards,
> Sven Walter

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.