This is an automated email from the ASF dual-hosted git repository.
cstamas pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/maven-resolver.git
The following commit(s) were added to refs/heads/master by this push:
new 5c36e0c5 [MRESOLVER-327] Allow use of system properties to configure
HttpClient (#266)
5c36e0c5 is described below
commit 5c36e0c51c6e84971a52acb57b7132fb7d2508ba
Author: Tamas Cservenak <[email protected]>
AuthorDate: Tue Mar 7 15:04:28 2023 +0100
[MRESOLVER-327] Allow use of system properties to configure HttpClient
(#266)
But do not encourage users about this, quite the opposite, drive them
toward documentation how to configure transports, for example this page:
https://maven.apache.org/guides/mini/guide-proxies.html
This is disabled by default. The only reason for this change is to make
possible exact use case like the reported in
https://issues.apache.org/jira/browse/MNG-7721 to work with transport-http,
nothing more and nothing less.
---
https://issues.apache.org/jira/browse/MRESOLVER-327
---
.../eclipse/aether/transport/http/HttpTransporter.java | 18 +++++++++++++++---
src/site/markdown/configuration.md | 1 +
2 files changed, 16 insertions(+), 3 deletions(-)
diff --git
a/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java
b/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java
index ea304f2e..573e1279 100644
---
a/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java
+++
b/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java
@@ -99,6 +99,8 @@ final class HttpTransporter extends AbstractTransporter {
static final String PREEMPTIVE_PUT_AUTH =
"aether.connector.http.preemptivePutAuth";
+ static final String USE_SYSTEM_PROPERTIES =
"aether.connector.http.useSystemProperties";
+
private static final Pattern CONTENT_RANGE_PATTERN =
Pattern.compile("\\s*bytes\\s+([0-9]+)\\s*-\\s*([0-9]+)\\s*/.*");
@@ -221,7 +223,7 @@ final class HttpTransporter extends AbstractTransporter {
DefaultHttpRequestRetryHandler retryHandler = new
DefaultHttpRequestRetryHandler(retryCount, false);
- this.client = HttpClientBuilder.create()
+ HttpClientBuilder builder = HttpClientBuilder.create()
.setUserAgent(userAgent)
.setDefaultSocketConfig(socketConfig)
.setDefaultRequestConfig(requestConfig)
@@ -230,8 +232,18 @@ final class HttpTransporter extends AbstractTransporter {
.setConnectionManager(state.getConnectionManager())
.setConnectionManagerShared(true)
.setDefaultCredentialsProvider(toCredentialsProvider(server,
repoAuthContext, proxy, proxyAuthContext))
- .setProxy(proxy)
- .build();
+ .setProxy(proxy);
+
+ final boolean useSystemProperties = ConfigUtils.getBoolean(
+ session, false, USE_SYSTEM_PROPERTIES + "." +
repository.getId(), USE_SYSTEM_PROPERTIES);
+ if (useSystemProperties) {
+ LOGGER.warn(
+ "Transport used Apache HttpClient is instructed to use
system properties: this may yield in unwanted side-effects!");
+ LOGGER.warn("Please use documented means to configure resolver
transport.");
+ builder.useSystemProperties();
+ }
+
+ this.client = builder.build();
}
private static HttpHost toHost(Proxy proxy) {
diff --git a/src/site/markdown/configuration.md
b/src/site/markdown/configuration.md
index bb286c2f..714661e4 100644
--- a/src/site/markdown/configuration.md
+++ b/src/site/markdown/configuration.md
@@ -41,6 +41,7 @@ Option | Type | Description | Default Value | Supports Repo
ID Suffix
`aether.connector.http.preemptivePutAuth` | boolean | Should HTTP client use
preemptive-authentication for HTTP PUTs only (works only w/ BASIC). By default
is enabled (same as Wagon). | `true` | yes
`aether.connector.http.retryHandler.count` | int | The maximum number of times
a request to a remote HTTP server should be retried in case of an error. | `3`
| yes
`aether.connector.http.supportWebDav` | boolean | If enabled, transport makes
best effort to deploy to WebDAV server. This mode is not recommended, better
use real Maven Repository Manager instead. | `false` | yes
+`aether.connector.http.useSystemProperties` | boolean | If enabled, underlying
Apache HttpClient will use system properties as well to configure itself
(typically used to set up HTTP Proxy via Java system properties). See <a
href="https://hc.apache.org/httpcomponents-client-4.5.x/current/httpclient/apidocs/org/apache/http/impl/client/HttpClientBuilder.html";>HttpClientBuilder</a>
for used properties. This mode is **not recommended**, better use documented
ways of configuration instead. | [...]
`aether.connector.https.cipherSuites` | String | Comma-separated list of
[Cipher
Suites](https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#ciphersuites)
which are enabled for HTTPS connections. | - (no restriction) | no
`aether.connector.https.securityMode` | String | Using this flag resolver may
set the "security mode" of HTTPS connector. Any other mode than 'default' is
NOT MEANT for production, as it is inherently not secure. Accepted values:
"default", "insecure" (ignore any kind of certificate validation errors and
hostname validation checks). | `"default"` | yes
`aether.connector.https.protocols` | String | Comma-separated list of
[Protocols](https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#jssenames)
which are enabled for HTTPS connections. | - (no restriction) | no
