Hi,
Same behaviour with proxy configuration :
- if encrypted password in settings.xml, error : /407 Proxy
Authentication Required/
- if clear password, request works
Best regards.
2015-02-16 0:13 GMT+01:00 Alix Lourme <alix.lourme@xxxxxxxxx
<mailto:alix.lourme@xxxxxxxxx>>:
Humm ... firstly : my apologies ... my previous tests took a complex
direction, without analysis things in order (but your and my last
message invited me to think correctly).
I found a working case : when I use a clear password in settings.xml.
But when I use a _encrypted password_ [1], it fails (so all
behaviours I had are logical).
=> Thread reorientation : Perhaps m2e uses password without decrypt
it before if encryption mechanism is used ?
I will confirm you tomorrow if the "from my job test case" work when
proxy password is "in clear".
[1]
http://maven.apache.org/guides/mini/guide-encryption.html#How_to_encrypt_server_passwords
Best regards.
2015-02-15 23:55 GMT+01:00 Alix Lourme <alix.lourme@xxxxxxxxx
<mailto:alix.lourme@xxxxxxxxx>>:
Hi Igor,
I tried first with AetherClientResourceFetcher because it was
more simle to initialize.
Thanks for the tips, I will check AetherRepositoryConnector.
Yes the problem is always the same : from my home the https
connection requires an authentication for pass the reverse-proxy
security appliance (no proxy host configured) and access to
intranet maven repository.
But from my job, when I configure the maven repository in https
as from internet (for test Friday), I need a proxy configuration
to go on internet before "re" come in company intranet => double
authentication used ... the 'proxy' authentication first and the
'server' authentication secondly.
In this case, I have the 407 => proxy host used correctly
(because OkHttpAetherClient throws exception when 407 and no
proxy host configured), but user/password seems not to be used
or bad.
I concede that it could be a complex network schema ... but the
security is important ^^.
Best regards.
2015-02-15 23:32 GMT+01:00 Igor Fedorenko <igor@xxxxxxxxxxxxxx
<mailto:igor@xxxxxxxxxxxxxx>>:
The code snippet you provided authenticates with repository,
which
corresponds to <server> settings.xml configuration. Are you
sure your
problem is with proxy authentication, as you originally
described?
AetherClientResourceFetcher is a helper class for
downloading Nexus
indexes. Dependency resolver uses AetherRepositoryConnector,
which
delegates lower-level http/https handling to OkHttpAetherClient.
--
Regards,
Igor
On 2015-02-15 17:04, Alix Lourme wrote:
Hi,
After checking /aether-connector-okhttp/, https
authentication should
work : many ssl unit test with JettyServer and
/OkHttpAetherClient.execute/ [1] manages retry with
authentication when
first response is 401/407.
This snippet code (used for getting index repository)
works perfectly
(with a MavenPluginActivator.__getUserAgent hack ...
eclipse Platform not
initialized in a Main).
------
AuthenticationInfo authInfos = new AuthenticationInfo();
authInfos.setUserName("foo");
authInfos.setPassword("bar");
AetherClientResourceFetcher fetcher = new
AetherClientResourceFetcher(__authInfos, null, null);
fetcher.connect(null,
"https://repository.company.__com/repository
<https://repository.company.com/repository>");
fetcher.retrieve("virtual/__junit/junit/4.12/junit-4.12.__jar",
new
File("test.jar"));
------
=> The /AetherClientResourceFetcher/ is used similary in
/DefaultMetadataResolver/ ?
[1]
https://github.com/takari/__aether-connector-okhttp/blob/__0fdc67248972a15dbddc5367c18296__64f2cbe28f/src/main/java/io/__takari/aether/okhttp/__OkHttpAetherClient.java
<https://github.com/takari/aether-connector-okhttp/blob/0fdc67248972a15dbddc5367c1829664f2cbe28f/src/main/java/io/takari/aether/okhttp/OkHttpAetherClient.java>
Best regards.
2015-02-13 18:03 GMT+01:00 Igor Fedorenko
<igor@xxxxxxxxxxxxxx <mailto:igor@xxxxxxxxxxxxxx>
<mailto:igor@xxxxxxxxxxxxxx <mailto:igor@xxxxxxxxxxxxxx>>>:
Looks like m2e does not properly handle 407 Proxy
Authentication
Required responses.
m2e is not expected to show authentication popups,
either valid
credentials are provided in settings.xml or
connection fails. Same as
during command line build.
Before you start debugging entire m2e sources, you
may want to look at
aether-connector-okhttp [1], which is http
transport library m2e uses.
This is where http protocol handling is implemented.
[1]
https://github.com/takari/____aether-connector-okhttp
<https://github.com/takari/__aether-connector-okhttp>
<https://github.com/takari/__aether-connector-okhttp
<https://github.com/takari/aether-connector-okhttp>>
--
Regards,
Igor
On 2015-02-13 11:32, Alix Lourme wrote:
Hi Igor,
Thanks for the reply.
/> [...] kind of proxy is this? [...]
http/https proxies are
expected to
work./
Humm ... I hope network team will not see my
post so I quote :
- Some two headers in 401 response is
"WWW-Authenticate: BASIC
realm="Unspecified"" and "Server: BigIP"
- Detail : the main product of this company,
same name as the key of
keyboard used in a browser for reload the page ^^
=> Standard
/> Can you confirm you get auth popup with
recent m2e 1.6 build?/
*No* :-(. No authentication popup with
v1.6.0.20150203-1921.
In my "home" use case : internet ->
reverse-proxy -> maven
repository
(settings.xml contains only "server" configuration)
In my today "job" use case for test : intranet
-> proxy (iron
port) ->
[internet] -> reverse-proxy -> maven repository
(settings.xml
contains
only "server" & "proxy" configuration)
In this case I have the error message : "Failed
to authenticate
with proxy"
The wireshark analysis shows :
1) Https URL connect through proxy :
---
CONNECT repository.company.com:443
<http://repository.company.com:443>
<http://repository.company.__com:443
<http://repository.company.com:443>>
<http://repository.company.____com:443
<http://repository.company.__com:443
<http://repository.company.com:443>>>
HTTP/1.1
Host: repository.company.com
<http://repository.company.com>
<http://repository.company.com__>
<http://repository.company.__com__
<http://repository.company.com__>>
Proxy-Connection: Keep-Alive
User-Agent:
m2e/3.10.1.v20140909-1633/1.6.____0.20150203-1921/1.7.0_71
---
2) Proxy answer :
---
HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="[The name of]
Security Appliance"
...
---
... and nothing else.
=> *m2e is supposed to open an authentication
popup even if
user/password is defined in settings.xml ?*
If yes ... perhaps this is the root cause :
There is no (logically)
preemptive authentication (=> basic auth not in
first call) ... but
401/407 doesn't provide popup.
/> [...] Can you confirm your configuration
uses protocol https?/
Yes, I check the bug link : active=true /
protocol=https
/> [...] need to run m2e through debugger [...]
/
Humm ... ok. I will try to load m2e source and
write unit test in my
real case./
/
/
/
Thanks./
/
Best regards./
/
2015-02-13 1:28 GMT+01:00 Igor Fedorenko
<igor@xxxxxxxxxxxxxx <mailto:igor@xxxxxxxxxxxxxx>
<mailto:igor@xxxxxxxxxxxxxx
<mailto:igor@xxxxxxxxxxxxxx>>
<mailto:igor@xxxxxxxxxxxxxx
<mailto:igor@xxxxxxxxxxxxxx> <mailto:igor@xxxxxxxxxxxxxx
<mailto:igor@xxxxxxxxxxxxxx>>>>__:
What kind of proxy is this? m2e does not
support ntlm, but
standard
http/https proxies are expected to work.
Can you confirm you get auth popup with
recent m2e 1.6 build?
m2e and command line maven appear to
disagree how to handle
https proxy
configuration. More specifically, m2e
expects proxy
configuration
protocol https, while command line maven
accepts http. This
is tracked
as bug 459638 [1]. Can you confirm your
configuration uses
protocol
https?
Beyond that, you'll need to run m2e
through debugger and
see what
happens. I usually just change m2e http
transport library
(okhttp) to
print dump all traffic to console.
[1]
https://bugs.eclipse.org/bugs/______show_bug.cgi?id=459638
<https://bugs.eclipse.org/bugs/____show_bug.cgi?id=459638>
<https://bugs.eclipse.org/__bugs/__show_bug.cgi?id=459638 <https://bugs.eclipse.org/bugs/__show_bug.cgi?id=459638>>
<https://bugs.eclipse.org/____bugs/show_bug.cgi?id=459638 <https://bugs.eclipse.org/__bugs/show_bug.cgi?id=459638>
<https://bugs.eclipse.org/__bugs/show_bug.cgi?id=459638
<https://bugs.eclipse.org/bugs/show_bug.cgi?id=459638>>>
--
Regards,
Igor
On 2015-02-12 17:19, Alix Lourme wrote:
Hi,
I'm faced to a infrastructure/network
problem ... and I
can't
determine
if it's a feature not supported, a
bug, or other
(configuration ?).
_Environment_ :
- Eclipse Kepler SR2 & m2e 1.4.0 or
Luna SR1 & m2e 1.6.0
- External Maven v3.2.3 configured as
"Installation"
- A settings.xml configured as
global/user "User
Settings" (and used
with previous Maven)
- settings.xml defines a master https
company repository
(repository &
pluginRepository)
- settings.xml defines "server"
credendials with
password encryption
(settings-security.xml usage)
- id of
server/repository/______pluginRepository is the
same in
settings.xml
_Use case_ :
- My company provides a Maven
repository for internal
developments
- This repository can be accessed from
internet (https)
for external
developments (at home ^^, no VPN
configured, ...) via an
infrastructure
reverse proxy
_Problem_ :
- The dependencies resolution works in
Maven command
line, but not
through m2e plugin (only when
dependency doesn't exist
in local
repository, classpath configuration
works perfectly
when dependency
exists in local repository)
- Error is : Access denied to
https://repository.my-company.______com/repository/virtual/__com/__my-__company/my-__artifact/1.0.__0-__SNAPSHOT/__maven-metadata.__xml
<https://repository.my-____company.com/repository/____virtual/com/my-company/my-____artifact/1.0.0-SNAPSHOT/maven-____metadata.xml
<https://repository.my-__company.com/repository/__virtual/com/my-company/my-__artifact/1.0.0-SNAPSHOT/maven-__metadata.xml>
<https://repository.my-__company.com/repository/__virtual/com/my-company/my-__artifact/1.0.0-SNAPSHOT/maven-__metadata.xml
<https://repository.my-company.com/repository/virtual/com/my-company/my-artifact/1.0.0-SNAPSHOT/maven-metadata.xml>>>.
Error code 401, Unauthorized
It is minor, but with m2e, I have lost
the practice to
use maven
command
line ^^.
The error seems to be the same as the
direct url access
via a
browser.
This direct http call contains the
(logically) response
header
'WWW-Authenticate: "BASIC
realm="Unspecified""', and
authentication
popup appears.
(I can't simply catch m2e http call,
wireshark analysis
on https
is not
trivial).
=> _Hypothesis_ :
- m2e doesn't use server credentials
defined in
settings.xml
- m2e doesn't know re-send the http
call with
credentials when
reverse
proxy answers 401
I note that in the m2e plugin
configuration, the maven
embedded
is used
for dependencies resolution ... but if
settings.xml
used, it
"should"
work ...
Plugin seems to configure server
credentials
(org.eclipse.m2e.core.______internal.repository.______RepositoryRegistry),
so some
java properties about native proxy
configuration in
addition to
settings.xml are not 'required' (i'm
not facing to an
outgoing
proxy).
So ... I'm a little lost :-)
This feature is supposed to be
supported ? Or I'm wrong in
somewhere ?
Any idea are welcome.
Thank you in advance (and globally for
your work, m2e
is simply
magic
and wonderful).
Complete stack for information (with
m2e 1.6.0) :
org.eclipse.aether.transfer.______MetadataTransferException:
[previous error]
at
org.eclipse.aether.internal.______impl.______DefaultUpdateCheckManager.______newException(______DefaultUpdateCheckManager.______java:363)
at
org.eclipse.aether.internal.______impl.______DefaultUpdateCheckManager.______checkMetadata(______DefaultUpdateCheckManager.______java:320)
at
org.eclipse.aether.internal.______impl.__DefaultMetadataResolver.______resolve(______DefaultMetadataResolver.java:______332)
at
org.eclipse.aether.internal.______impl.__DefaultMetadataResolver.______resolveMetadata(______DefaultMetadataResolver.java:______205)
at
org.apache.maven.repository.______internal.______DefaultVersionResolver.______resolveVersion(______DefaultVersionResolver.java:______250)
at
org.apache.maven.repository.______internal.______DefaultArtifactDescriptorReade______r.loadPom(______DefaultArtifactDescriptorReade______r.java:258)
at
org.apache.maven.repository.______internal.______DefaultArtifactDescriptorReade______r.readArtifactDescriptor(________DefaultArtifactDescriptorReade______r.java:217)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.________resolveCachedArtifactDescripto______r(____DefaultDependencyCollector.______java:525)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______getArtifactDescriptorResult(______DefaultDependencyCollector.______java:509)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______processDependency(______DefaultDependencyCollector.______java:409)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______processDependency(______DefaultDependencyCollector.______java:363)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______process(______DefaultDependencyCollector.______java:351)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______doRecurse(______DefaultDependencyCollector.______java:494)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______processDependency(______DefaultDependencyCollector.______java:458)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______processDependency(______DefaultDependencyCollector.______java:363)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______process(______DefaultDependencyCollector.______java:351)
at
org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______collectDependencies(______DefaultDependencyCollector.______java:254)
at
org.eclipse.aether.internal.______impl.__DefaultRepositorySystem.______collectDependencies(______DefaultRepositorySystem.java:______316)
at
org.apache.maven.project.______DefaultProjectDependenciesReso______lver.resolve(______DefaultProjectDependenciesReso______lver.java:172)
at
org.apache.maven.project.______DefaultProjectBuilder.______resolveDependencies(______DefaultProjectBuilder.java:______213)
at
org.apache.maven.project.______DefaultProjectBuilder.build(______DefaultProjectBuilder.java:______186)
at
org.apache.maven.project.______DefaultProjectBuilder.build(______DefaultProjectBuilder.java:______118)
at
org.eclipse.m2e.core.internal.______embedder.MavenImpl.______readMavenProject(MavenImpl.______java:634)
at
org.eclipse.m2e.core.internal.______project.registry.______DefaultMavenDependencyResolver______.__resolveProjectDependencies(__________DefaultMavenDependencyResolver______.java:63)
at
org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager.______refreshPhase2(______ProjectRegistryManager.java:______529)
at
org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager$3.call(______ProjectRegistryManager.__java:____491)
at
org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager$3.call(______ProjectRegistryManager.__java:__1)
at
org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.______executeBare(______MavenExecutionContext.java:______176)
at
org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.execute(______MavenExecutionContext.__java:____151)
at
org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager.______refresh(______ProjectRegistryManager.java:______495)
at
org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager.______refresh(______ProjectRegistryManager.java:______350)
at
org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager.______refresh(______ProjectRegistryManager.java:______297)
at
org.eclipse.m2e.core.internal.______project.______ProjectConfigurationManager.______configureNewMavenProjects(______ProjectConfigurationManager.______java:253)
at
org.eclipse.m2e.core.internal.______project.______ProjectConfigurationManager$1.______call(______ProjectConfigurationManager.______java:169)
at
org.eclipse.m2e.core.internal.______project.______ProjectConfigurationManager$1.______call(______ProjectConfigurationManager.______java:1)
at
org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.______executeBare(______MavenExecutionContext.java:______176)
at
org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.execute(______MavenExecutionContext.__java:____151)
at
org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.execute(______MavenExecutionContext.__java:__99)
at
org.eclipse.m2e.core.internal.______embedder.MavenImpl.__execute(____MavenImpl.java:__1353)
at
org.eclipse.m2e.core.internal.______project.______ProjectConfigurationManager.______importProjects(______ProjectConfigurationManager.______java:137)
at
org.eclipse.m2e.core.ui.______internal.wizards.______ImportMavenProjectsJob$1.______doCreateMavenProjects(______ImportMavenProjectsJob.java:______73)
at
org.eclipse.m2e.core.ui.______internal.wizards.______AbstractCreateMavenProjectsOpe______ration.run(______AbstractCreateMavenProjectsOpe______ration.java:62)
at
org.eclipse.m2e.core.ui.______internal.wizards.______ImportMavenProjectsJob.______runInWorkspace(______ImportMavenProjectsJob.java:______82)
at
org.eclipse.core.internal.______resources.______InternalWorkspaceJob.run(______InternalWorkspaceJob.java:38)
at
org.eclipse.core.internal.______jobs.Worker.run(Worker.java:______54)
--
Alix Lourme
_____________________________________________________
m2e-users mailing list
m2e-users@xxxxxxxxxxx <mailto:m2e-users@xxxxxxxxxxx>
<mailto:m2e-users@xxxxxxxxxxx
<mailto:m2e-users@xxxxxxxxxxx>>
<mailto:m2e-users@xxxxxxxxxxx
<mailto:m2e-users@xxxxxxxxxxx>
<mailto:m2e-users@xxxxxxxxxxx
<mailto:m2e-users@xxxxxxxxxxx>>__>
To change your delivery options,
retrieve your password, or
unsubscribe from this list, visit
https://dev.eclipse.org/______mailman/listinfo/m2e-users
<https://dev.eclipse.org/____mailman/listinfo/m2e-users>
<https://dev.eclipse.org/____mailman/listinfo/m2e-users
<https://dev.eclipse.org/__mailman/listinfo/m2e-users>>
<https://dev.eclipse.org/____mailman/listinfo/m2e-users <https://dev.eclipse.org/__mailman/listinfo/m2e-users>
<https://dev.eclipse.org/__mailman/listinfo/m2e-users
<https://dev.eclipse.org/mailman/listinfo/m2e-users>>>
_____________________________________________________
m2e-users mailing list
m2e-users@xxxxxxxxxxx <mailto:m2e-users@xxxxxxxxxxx>
<mailto:m2e-users@xxxxxxxxxxx
<mailto:m2e-users@xxxxxxxxxxx>>
<mailto:m2e-users@xxxxxxxxxxx
<mailto:m2e-users@xxxxxxxxxxx>
<mailto:m2e-users@xxxxxxxxxxx
<mailto:m2e-users@xxxxxxxxxxx>>__>
To change your delivery options, retrieve
your password, or
unsubscribe from this list, visit
https://dev.eclipse.org/______mailman/listinfo/m2e-users
<https://dev.eclipse.org/____mailman/listinfo/m2e-users>
<https://dev.eclipse.org/____mailman/listinfo/m2e-users
<https://dev.eclipse.org/__mailman/listinfo/m2e-users>>
<https://dev.eclipse.org/____mailman/listinfo/m2e-users <https://dev.eclipse.org/__mailman/listinfo/m2e-users>
<https://dev.eclipse.org/__mailman/listinfo/m2e-users
<https://dev.eclipse.org/mailman/listinfo/m2e-users>>>
--
Alix Lourme
___________________________________________________
m2e-users mailing list
m2e-users@xxxxxxxxxxx <mailto:m2e-users@xxxxxxxxxxx>
<mailto:m2e-users@xxxxxxxxxxx
<mailto:m2e-users@xxxxxxxxxxx>>
To change your delivery options, retrieve your
password, or
unsubscribe from this list, visit
https://dev.eclipse.org/____mailman/listinfo/m2e-users
<https://dev.eclipse.org/__mailman/listinfo/m2e-users>
<https://dev.eclipse.org/__mailman/listinfo/m2e-users
<https://dev.eclipse.org/mailman/listinfo/m2e-users>>
___________________________________________________
m2e-users mailing list
m2e-users@xxxxxxxxxxx <mailto:m2e-users@xxxxxxxxxxx>
<mailto:m2e-users@xxxxxxxxxxx
<mailto:m2e-users@xxxxxxxxxxx>>
To change your delivery options, retrieve your
password, or
unsubscribe from this list, visit
https://dev.eclipse.org/____mailman/listinfo/m2e-users
<https://dev.eclipse.org/__mailman/listinfo/m2e-users>
<https://dev.eclipse.org/__mailman/listinfo/m2e-users
<https://dev.eclipse.org/mailman/listinfo/m2e-users>>
--
Alix Lourme
_________________________________________________
m2e-users mailing list
m2e-users@xxxxxxxxxxx <mailto:m2e-users@xxxxxxxxxxx>
To change your delivery options, retrieve your password,
or unsubscribe from this list, visit
https://dev.eclipse.org/__mailman/listinfo/m2e-users
<https://dev.eclipse.org/mailman/listinfo/m2e-users>
_________________________________________________
m2e-users mailing list
m2e-users@xxxxxxxxxxx <mailto:m2e-users@xxxxxxxxxxx>
To change your delivery options, retrieve your password, or
unsubscribe from this list, visit
https://dev.eclipse.org/__mailman/listinfo/m2e-users
<https://dev.eclipse.org/mailman/listinfo/m2e-users>
--
Alix Lourme
--
Alix Lourme
--
Alix Lourme
_______________________________________________
m2e-users mailing list
m2e-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/m2e-users