Hi, Same behaviour with proxy configuration : - if encrypted password in settings.xml, error : *407 Proxy Authentication Required* - if clear password, request works
Best regards. 2015-02-16 0:13 GMT+01:00 Alix Lourme <[email protected]>: > Humm ... firstly : my apologies ... my previous tests took a complex > direction, without analysis things in order (but your and my last message > invited me to think correctly). > > I found a working case : when I use a clear password in settings.xml. > > But when I use a *encrypted password* [1], it fails (so all behaviours I > had are logical). > > => Thread reorientation : Perhaps m2e uses password without decrypt it > before if encryption mechanism is used ? > > I will confirm you tomorrow if the "from my job test case" work when proxy > password is "in clear". > > [1] > http://maven.apache.org/guides/mini/guide-encryption.html#How_to_encrypt_server_passwords > > Best regards. > > 2015-02-15 23:55 GMT+01:00 Alix Lourme <[email protected]>: > >> Hi Igor, >> >> I tried first with AetherClientResourceFetcher because it was more simle >> to initialize. >> Thanks for the tips, I will check AetherRepositoryConnector. >> >> Yes the problem is always the same : from my home the https connection >> requires an authentication for pass the reverse-proxy security appliance >> (no proxy host configured) and access to intranet maven repository. >> >> But from my job, when I configure the maven repository in https as from >> internet (for test Friday), I need a proxy configuration to go on internet >> before "re" come in company intranet => double authentication used ... the >> 'proxy' authentication first and the 'server' authentication secondly. >> >> In this case, I have the 407 => proxy host used correctly (because >> OkHttpAetherClient throws exception when 407 and no proxy host configured), >> but user/password seems not to be used or bad. >> >> I concede that it could be a complex network schema ... but the security >> is important ^^. >> >> Best regards. >> >> 2015-02-15 23:32 GMT+01:00 Igor Fedorenko <[email protected]>: >> >>> The code snippet you provided authenticates with repository, which >>> corresponds to <server> settings.xml configuration. Are you sure your >>> problem is with proxy authentication, as you originally described? >>> >>> AetherClientResourceFetcher is a helper class for downloading Nexus >>> indexes. Dependency resolver uses AetherRepositoryConnector, which >>> delegates lower-level http/https handling to OkHttpAetherClient. >>> >>> -- >>> Regards, >>> Igor >>> >>> On 2015-02-15 17:04, Alix Lourme wrote: >>> >>>> Hi, >>>> >>>> After checking /aether-connector-okhttp/, https authentication should >>>> work : many ssl unit test with JettyServer and >>>> /OkHttpAetherClient.execute/ [1] manages retry with authentication when >>>> first response is 401/407. >>>> >>>> This snippet code (used for getting index repository) works perfectly >>>> (with a MavenPluginActivator.getUserAgent hack ... eclipse Platform not >>>> initialized in a Main). >>>> ------ >>>> AuthenticationInfo authInfos = new AuthenticationInfo(); >>>> authInfos.setUserName("foo"); >>>> authInfos.setPassword("bar"); >>>> AetherClientResourceFetcher fetcher = new >>>> AetherClientResourceFetcher(authInfos, null, null); >>>> fetcher.connect(null, "https://repository.company.com/repository";); >>>> fetcher.retrieve("virtual/junit/junit/4.12/junit-4.12.jar", new >>>> File("test.jar")); >>>> ------ >>>> >>>> => The /AetherClientResourceFetcher/ is used similary in >>>> /DefaultMetadataResolver/ ? >>>> >>>> [1] >>>> https://github.com/takari/aether-connector-okhttp/blob/ >>>> 0fdc67248972a15dbddc5367c1829664f2cbe28f/src/main/java/io/ >>>> takari/aether/okhttp/OkHttpAetherClient.java >>>> >>>> Best regards. >>>> >>>> 2015-02-13 18:03 GMT+01:00 Igor Fedorenko <[email protected] >>>> <mailto:[email protected]>>: >>>> >>>> Looks like m2e does not properly handle 407 Proxy Authentication >>>> Required responses. >>>> >>>> m2e is not expected to show authentication popups, either valid >>>> credentials are provided in settings.xml or connection fails. Same >>>> as >>>> during command line build. >>>> >>>> Before you start debugging entire m2e sources, you may want to look >>>> at >>>> aether-connector-okhttp [1], which is http transport library m2e >>>> uses. >>>> This is where http protocol handling is implemented. >>>> >>>> [1] https://github.com/takari/__aether-connector-okhttp >>>> >>>> <https://github.com/takari/aether-connector-okhttp> >>>> >>>> -- >>>> Regards, >>>> Igor >>>> >>>> On 2015-02-13 11:32, Alix Lourme wrote: >>>> >>>> Hi Igor, >>>> >>>> Thanks for the reply. >>>> >>>> /> [...] kind of proxy is this? [...] http/https proxies are >>>> expected to >>>> work./ >>>> >>>> Humm ... I hope network team will not see my post so I quote : >>>> - Some two headers in 401 response is "WWW-Authenticate: BASIC >>>> realm="Unspecified"" and "Server: BigIP" >>>> - Detail : the main product of this company, same name as the >>>> key of >>>> keyboard used in a browser for reload the page ^^ >>>> => Standard >>>> >>>> /> Can you confirm you get auth popup with recent m2e 1.6 >>>> build?/ >>>> >>>> *No* :-(. No authentication popup with v1.6.0.20150203-1921. >>>> >>>> In my "home" use case : internet -> reverse-proxy -> maven >>>> repository >>>> (settings.xml contains only "server" configuration) >>>> In my today "job" use case for test : intranet -> proxy (iron >>>> port) -> >>>> [internet] -> reverse-proxy -> maven repository (settings.xml >>>> contains >>>> only "server" & "proxy" configuration) >>>> >>>> In this case I have the error message : "Failed to authenticate >>>> with proxy" >>>> The wireshark analysis shows : >>>> 1) Https URL connect through proxy : >>>> --- >>>> CONNECT repository.company.com:443 >>>> <http://repository.company.com:443> >>>> <http://repository.company.__com:443 >>>> <http://repository.company.com:443>> >>>> HTTP/1.1 >>>> Host: repository.company.com <http://repository.company.com> >>>> <http://repository.company.com__> >>>> Proxy-Connection: Keep-Alive >>>> User-Agent: m2e/3.10.1.v20140909-1633/1.6. >>>> __0.20150203-1921/1.7.0_71 >>>> >>>> --- >>>> 2) Proxy answer : >>>> --- >>>> HTTP/1.1 407 Proxy Authentication Required >>>> Proxy-Authenticate: Basic realm="[The name of] Security >>>> Appliance" >>>> ... >>>> --- >>>> ... and nothing else. >>>> >>>> => *m2e is supposed to open an authentication popup even if >>>> user/password is defined in settings.xml ?* >>>> >>>> If yes ... perhaps this is the root cause : There is no >>>> (logically) >>>> preemptive authentication (=> basic auth not in first call) ... >>>> but >>>> 401/407 doesn't provide popup. >>>> >>>> /> [...] Can you confirm your configuration uses protocol >>>> https?/ >>>> >>>> Yes, I check the bug link : active=true / protocol=https >>>> >>>> /> [...] need to run m2e through debugger [...] >>>> >>>> / >>>> Humm ... ok. I will try to load m2e source and write unit test >>>> in my >>>> real case./ >>>> / >>>> / >>>> / >>>> Thanks./ >>>> / >>>> Best regards./ >>>> / >>>> >>>> 2015-02-13 1:28 GMT+01:00 Igor Fedorenko <[email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected] <mailto:[email protected]>>>: >>>> >>>> What kind of proxy is this? m2e does not support ntlm, but >>>> standard >>>> http/https proxies are expected to work. >>>> >>>> Can you confirm you get auth popup with recent m2e 1.6 >>>> build? >>>> >>>> m2e and command line maven appear to disagree how to handle >>>> https proxy >>>> configuration. More specifically, m2e expects proxy >>>> configuration >>>> protocol https, while command line maven accepts http. This >>>> is tracked >>>> as bug 459638 [1]. Can you confirm your configuration uses >>>> protocol >>>> https? >>>> >>>> Beyond that, you'll need to run m2e through debugger and >>>> see what >>>> happens. I usually just change m2e http transport library >>>> (okhttp) to >>>> print dump all traffic to console. >>>> >>>> [1] >>>> https://bugs.eclipse.org/bugs/____show_bug.cgi?id=459638 >>>> <https://bugs.eclipse.org/bugs/__show_bug.cgi?id=459638> >>>> <https://bugs.eclipse.org/__bugs/show_bug.cgi?id=459638 >>>> <https://bugs.eclipse.org/bugs/show_bug.cgi?id=459638>> >>>> >>>> -- >>>> Regards, >>>> Igor >>>> >>>> On 2015-02-12 17:19, Alix Lourme wrote: >>>> >>>> Hi, >>>> >>>> I'm faced to a infrastructure/network problem ... and I >>>> can't >>>> determine >>>> if it's a feature not supported, a bug, or other >>>> (configuration ?). >>>> >>>> _Environment_ : >>>> - Eclipse Kepler SR2 & m2e 1.4.0 or Luna SR1 & m2e >>>> 1.6.0 >>>> - External Maven v3.2.3 configured as "Installation" >>>> - A settings.xml configured as global/user "User >>>> Settings" (and used >>>> with previous Maven) >>>> - settings.xml defines a master https company >>>> repository >>>> (repository & >>>> pluginRepository) >>>> - settings.xml defines "server" credendials with >>>> password encryption >>>> (settings-security.xml usage) >>>> - id of server/repository/____pluginRepository is the >>>> same in >>>> settings.xml >>>> >>>> _Use case_ : >>>> - My company provides a Maven repository for internal >>>> developments >>>> - This repository can be accessed from internet (https) >>>> for external >>>> developments (at home ^^, no VPN configured, ...) via >>>> an >>>> infrastructure >>>> reverse proxy >>>> >>>> _Problem_ : >>>> - The dependencies resolution works in Maven command >>>> line, but not >>>> through m2e plugin (only when dependency doesn't exist >>>> in local >>>> repository, classpath configuration works perfectly >>>> when dependency >>>> exists in local repository) >>>> - Error is : Access denied to >>>> https://repository.my-company.____com/repository/virtual/ >>>> com/__my-__company/my-artifact/1.0.__0-__SNAPSHOT/maven-metadata.__xml >>>> >>>> <https://repository.my-__company.com/repository/__ >>>> virtual/com/my-company/my-__artifact/1.0.0-SNAPSHOT/maven- >>>> __metadata.xml >>>> >>>> <https://repository.my-company.com/repository/ >>>> virtual/com/my-company/my-artifact/1.0.0-SNAPSHOT/maven-metadata.xml>>. >>>> Error code 401, Unauthorized >>>> >>>> It is minor, but with m2e, I have lost the practice to >>>> use maven >>>> command >>>> line ^^. >>>> >>>> The error seems to be the same as the direct url access >>>> via a >>>> browser. >>>> This direct http call contains the (logically) response >>>> header >>>> 'WWW-Authenticate: "BASIC realm="Unspecified""', and >>>> authentication >>>> popup appears. >>>> (I can't simply catch m2e http call, wireshark analysis >>>> on https >>>> is not >>>> trivial). >>>> >>>> => _Hypothesis_ : >>>> >>>> - m2e doesn't use server credentials defined in >>>> settings.xml >>>> - m2e doesn't know re-send the http call with >>>> credentials when >>>> reverse >>>> proxy answers 401 >>>> >>>> I note that in the m2e plugin configuration, the maven >>>> embedded >>>> is used >>>> for dependencies resolution ... but if settings.xml >>>> used, it >>>> "should" >>>> work ... >>>> >>>> Plugin seems to configure server credentials >>>> >>>> (org.eclipse.m2e.core.____internal.repository.____ >>>> RepositoryRegistry), >>>> so some >>>> java properties about native proxy configuration in >>>> addition to >>>> settings.xml are not 'required' (i'm not facing to an >>>> outgoing >>>> proxy). >>>> So ... I'm a little lost :-) >>>> >>>> This feature is supposed to be supported ? Or I'm >>>> wrong in >>>> somewhere ? >>>> Any idea are welcome. >>>> >>>> Thank you in advance (and globally for your work, m2e >>>> is simply >>>> magic >>>> and wonderful). >>>> >>>> Complete stack for information (with m2e 1.6.0) : >>>> org.eclipse.aether.transfer.__ >>>> __MetadataTransferException: >>>> [previous error] >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultUpdateCheckManager.____newException(____ >>>> DefaultUpdateCheckManager.____java:363) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultUpdateCheckManager.____checkMetadata(____ >>>> DefaultUpdateCheckManager.____java:320) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl. >>>> DefaultMetadataResolver.____resolve(____DefaultMetadataResolver.java:_ >>>> ___332) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl. >>>> DefaultMetadataResolver.____resolveMetadata(____ >>>> DefaultMetadataResolver.java:____205) >>>> at >>>> >>>> org.apache.maven.repository.____internal.____ >>>> DefaultVersionResolver.____resolveVersion(____ >>>> DefaultVersionResolver.java:____250) >>>> at >>>> >>>> org.apache.maven.repository.____internal.____ >>>> DefaultArtifactDescriptorReade____r.loadPom(____ >>>> DefaultArtifactDescriptorReade____r.java:258) >>>> at >>>> >>>> org.apache.maven.repository.____internal.____ >>>> DefaultArtifactDescriptorReade____r.readArtifactDescriptor(____ >>>> DefaultArtifactDescriptorReade____r.java:217) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____resolveCachedArtifactDescripto____r(__ >>>> DefaultDependencyCollector.____java:525) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____getArtifactDescriptorResult(_ >>>> ___DefaultDependencyCollector.____java:509) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____processDependency(____ >>>> DefaultDependencyCollector.____java:409) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____processDependency(____ >>>> DefaultDependencyCollector.____java:363) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____process(____ >>>> DefaultDependencyCollector.____java:351) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____doRecurse(____ >>>> DefaultDependencyCollector.____java:494) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____processDependency(____ >>>> DefaultDependencyCollector.____java:458) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____processDependency(____ >>>> DefaultDependencyCollector.____java:363) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____process(____ >>>> DefaultDependencyCollector.____java:351) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl.____ >>>> DefaultDependencyCollector.____collectDependencies(____ >>>> DefaultDependencyCollector.____java:254) >>>> at >>>> >>>> org.eclipse.aether.internal.____impl. >>>> DefaultRepositorySystem.____collectDependencies(____ >>>> DefaultRepositorySystem.java:____316) >>>> at >>>> >>>> org.apache.maven.project.____DefaultProjectDependenciesReso >>>> ____lver.resolve(____DefaultProjectDependenciesReso____lver.java:172) >>>> at >>>> >>>> org.apache.maven.project.____DefaultProjectBuilder.____ >>>> resolveDependencies(____DefaultProjectBuilder.java:____213) >>>> at >>>> >>>> org.apache.maven.project.____DefaultProjectBuilder.build(__ >>>> __DefaultProjectBuilder.java:____186) >>>> at >>>> >>>> org.apache.maven.project.____DefaultProjectBuilder.build(__ >>>> __DefaultProjectBuilder.java:____118) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____embedder.MavenImpl.____ >>>> readMavenProject(MavenImpl.____java:634) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.registry.____ >>>> DefaultMavenDependencyResolver____.resolveProjectDependencies(______ >>>> DefaultMavenDependencyResolver____.java:63) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.registry.____ >>>> ProjectRegistryManager.____refreshPhase2(____ >>>> ProjectRegistryManager.java:____529) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.registry.____ >>>> ProjectRegistryManager$3.call(____ProjectRegistryManager.java:____491) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.registry.____ >>>> ProjectRegistryManager$3.call(____ProjectRegistryManager.java:__1) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____embedder.____ >>>> MavenExecutionContext.____executeBare(____ >>>> MavenExecutionContext.java:____176) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____embedder.____ >>>> MavenExecutionContext.execute(____MavenExecutionContext.java:____151) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.registry.____ >>>> ProjectRegistryManager.____refresh(____ProjectRegistryManager.java:__ >>>> __495) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.registry.____ >>>> ProjectRegistryManager.____refresh(____ProjectRegistryManager.java:__ >>>> __350) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.registry.____ >>>> ProjectRegistryManager.____refresh(____ProjectRegistryManager.java:__ >>>> __297) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.____ >>>> ProjectConfigurationManager.____configureNewMavenProjects(__ >>>> __ProjectConfigurationManager.____java:253) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.____ >>>> ProjectConfigurationManager$1.____call(____ >>>> ProjectConfigurationManager.____java:169) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.____ >>>> ProjectConfigurationManager$1.____call(____ >>>> ProjectConfigurationManager.____java:1) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____embedder.____ >>>> MavenExecutionContext.____executeBare(____ >>>> MavenExecutionContext.java:____176) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____embedder.____ >>>> MavenExecutionContext.execute(____MavenExecutionContext.java:____151) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____embedder.____ >>>> MavenExecutionContext.execute(____MavenExecutionContext.java:__99) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____embedder.MavenImpl. >>>> execute(____MavenImpl.java:1353) >>>> at >>>> >>>> org.eclipse.m2e.core.internal.____project.____ >>>> ProjectConfigurationManager.____importProjects(____ >>>> ProjectConfigurationManager.____java:137) >>>> at >>>> >>>> org.eclipse.m2e.core.ui.____internal.wizards.____ >>>> ImportMavenProjectsJob$1.____doCreateMavenProjects(____ >>>> ImportMavenProjectsJob.java:____73) >>>> at >>>> >>>> org.eclipse.m2e.core.ui.____internal.wizards.____ >>>> AbstractCreateMavenProjectsOpe____ration.run(____ >>>> AbstractCreateMavenProjectsOpe____ration.java:62) >>>> at >>>> >>>> org.eclipse.m2e.core.ui.____internal.wizards.____ >>>> ImportMavenProjectsJob.____runInWorkspace(____ >>>> ImportMavenProjectsJob.java:____82) >>>> at >>>> >>>> org.eclipse.core.internal.____resources.____ >>>> InternalWorkspaceJob.run(____InternalWorkspaceJob.java:38) >>>> at >>>> >>>> org.eclipse.core.internal.____jobs.Worker.run(Worker.java:__ >>>> __54) >>>> >>>> -- >>>> Alix Lourme >>>> >>>> >>>> ___________________________________________________ >>>> m2e-users mailing list >>>> [email protected] <mailto:[email protected]> >>>> <mailto:[email protected] <mailto:[email protected]>> >>>> To change your delivery options, retrieve your >>>> password, or >>>> unsubscribe from this list, visit >>>> https://dev.eclipse.org/____mailman/listinfo/m2e-users >>>> <https://dev.eclipse.org/__mailman/listinfo/m2e-users> >>>> <https://dev.eclipse.org/__mailman/listinfo/m2e-users >>>> <https://dev.eclipse.org/mailman/listinfo/m2e-users>> >>>> >>>> ___________________________________________________ >>>> m2e-users mailing list >>>> [email protected] <mailto:[email protected]> >>>> <mailto:[email protected] <mailto:[email protected]>> >>>> To change your delivery options, retrieve your password, or >>>> unsubscribe from this list, visit >>>> https://dev.eclipse.org/____mailman/listinfo/m2e-users >>>> <https://dev.eclipse.org/__mailman/listinfo/m2e-users> >>>> >>>> <https://dev.eclipse.org/__mailman/listinfo/m2e-users >>>> <https://dev.eclipse.org/mailman/listinfo/m2e-users>> >>>> >>>> >>>> >>>> >>>> -- >>>> Alix Lourme >>>> >>>> >>>> _________________________________________________ >>>> m2e-users mailing list >>>> [email protected] <mailto:[email protected]> >>>> To change your delivery options, retrieve your password, or >>>> unsubscribe from this list, visit >>>> https://dev.eclipse.org/__mailman/listinfo/m2e-users >>>> <https://dev.eclipse.org/mailman/listinfo/m2e-users> >>>> >>>> _________________________________________________ >>>> m2e-users mailing list >>>> [email protected] <mailto:[email protected]> >>>> To change your delivery options, retrieve your password, or >>>> unsubscribe from this list, visit >>>> https://dev.eclipse.org/__mailman/listinfo/m2e-users >>>> <https://dev.eclipse.org/mailman/listinfo/m2e-users> >>>> >>>> >>>> >>>> >>>> -- >>>> Alix Lourme >>>> >>>> >>>> _______________________________________________ >>>> m2e-users mailing list >>>> [email protected] >>>> To change your delivery options, retrieve your password, or unsubscribe >>>> from this list, visit >>>> https://dev.eclipse.org/mailman/listinfo/m2e-users >>>> >>>> _______________________________________________ >>> m2e-users mailing list >>> [email protected] >>> To change your delivery options, retrieve your password, or unsubscribe >>> from this list, visit >>> https://dev.eclipse.org/mailman/listinfo/m2e-users >>> >> >> >> >> -- >> Alix Lourme >> > > > > -- > Alix Lourme > -- Alix Lourme
_______________________________________________ m2e-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/m2e-users
