maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martin Formanko (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (MNG-6433) Maven does not authenticate
Date Mon, 25 Jun 2018 14:41:00 GMT

     [ https://issues.apache.org/jira/browse/MNG-6433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Martin Formanko updated MNG-6433:
---------------------------------
    Description: 
I have set the username and password in settings.xml (encrypted and also plain-text the same
behaviour). In debug logs I also see the following:

 
{code:java}
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for http://[censored]/artifactory/repo
with username=[censored], password=***
Downloading from repo: http://[censored]/artifactory/repo/com/[censored].pom{code}
 

 

but maven itself does not authenticate, from what I see in network dump:

 
{code:java}
GET /artifactory/[censored].pom HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.5.4 (Java 1.8.0_161; Windows 10 10.0)
Host: [censored]
Connection: Keep-Alive

HTTP/1.1 404 Not Found
Server: Artifactory/5.11.1
X-Artifactory-Id: [censored]c:-8000
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 74
Date: Mon, 25 Jun 2018 14:28:17 GMT
{code}
 

So... then I am getting
{code:java}
[FATAL] Non-resolvable parent POM for [censored]: Could not find artifact{code}
Because Maven is awaiting maybe 407 authentication required or some similar status code. Is
this correct behaviour? Should our artifactory request the username/password? Because what
it does, is that it replies with 404 when authentication is not done.

My settings.xml are not important I think, because as you can see in the log, there is BasicConnector
which is using already the username/password, so the settings are correct, but maven simply
does not use any credentials at all and tries to grab artifact directly.

  was:
I have set the username and password in settings.xml (encrypted and also plain-text the same
behaviour). In debug logs I also see the following:

 
{code:java}
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for http://[censored]/artifactory/repo
with username=[censored], password=***
Downloading from repo: http://[censored]/artifactory/repo/com/[censored].pom{code}
 

 

but maven itself does not authenticate, from what I see in network dump:

 
{code:java}
GET /artifactory/[censored].pom HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.5.4 (Java 1.8.0_161; Windows 10 10.0)
Host: [censored]
Connection: Keep-Alive
HTTP/1.1 404 Not Found
Server: Artifactory/5.11.1
X-Artifactory-Id: [censored]c:-8000
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 74
Date: Mon, 25 Jun 2018 14:28:17 GMT
{code}
 

So... then I am getting
{code:java}
[FATAL] Non-resolvable parent POM for [censored]: Could not find artifact{code}
Because Maven is awaiting maybe 407 authentication required or some similar status code. Is
this correct behaviour? Should our artifactory request the username/password? Because what
it does, is that it replies with 404 when authentication is not done.

My settings.xml are not important I think, because as you can see in the log, there is BasicConnector
which is using already the username/password, so the settings are correct, but maven simply
does not use any credentials at all and tries to grab artifact directly.


> Maven does not authenticate 
> ----------------------------
>
>                 Key: MNG-6433
>                 URL: https://issues.apache.org/jira/browse/MNG-6433
>             Project: Maven
>          Issue Type: Bug
>    Affects Versions: 3.5.4
>         Environment: Windows 10, JFrog artifactory
>            Reporter: Martin Formanko
>            Priority: Major
>
> I have set the username and password in settings.xml (encrypted and also plain-text the
same behaviour). In debug logs I also see the following:
>  
> {code:java}
> [DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for http://[censored]/artifactory/repo
with username=[censored], password=***
> Downloading from repo: http://[censored]/artifactory/repo/com/[censored].pom{code}
>  
>  
> but maven itself does not authenticate, from what I see in network dump:
>  
> {code:java}
> GET /artifactory/[censored].pom HTTP/1.1
> Cache-control: no-cache
> Cache-store: no-store
> Pragma: no-cache
> Expires: 0
> Accept-Encoding: gzip
> User-Agent: Apache-Maven/3.5.4 (Java 1.8.0_161; Windows 10 10.0)
> Host: [censored]
> Connection: Keep-Alive
> HTTP/1.1 404 Not Found
> Server: Artifactory/5.11.1
> X-Artifactory-Id: [censored]c:-8000
> Content-Type: application/json;charset=ISO-8859-1
> Content-Length: 74
> Date: Mon, 25 Jun 2018 14:28:17 GMT
> {code}
>  
> So... then I am getting
> {code:java}
> [FATAL] Non-resolvable parent POM for [censored]: Could not find artifact{code}
> Because Maven is awaiting maybe 407 authentication required or some similar status code.
Is this correct behaviour? Should our artifactory request the username/password? Because what
it does, is that it replies with 404 when authentication is not done.
> My settings.xml are not important I think, because as you can see in the log, there is
BasicConnector which is using already the username/password, so the settings are correct,
but maven simply does not use any credentials at all and tries to grab artifact directly.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message