Hi, I'm having a look at the patch Thanks! Olivier On 1 October 2014 08:22, Robert Patrick <robert.patr...@oracle.com> wrote: > We filed an issue for the missing functionality that we need to support > protecting a Maven repository with an SSO solution and submitted a patch for > it (http://jira.codehaus.org/browse/WAGON-422). > > It would be great if someone could take a look at let us know if we need to > do anything else to get this included in the next release of Maven. If not, > we will be forced to fork the code and create our own wagon and that our > customers can use to access our repository. Please let us know which path > to pursue... > > Thanks, > Robert > > -- > Robert Patrick <robert.patr...@oracle.com> > VP, FMW Platform Engineering, Oracle Corporation > 7460 Warren Pkwy, Ste. 300 Office: +1.972.963.2872 > Frisco, TX 75034, USA Mobile: +1.469.556.9450 > > Professional Oracle WebLogic Server > by Robert Patrick, Gregory Nyberg, and Philip Aston > with Josh Bregman and Paul Done > Book Home Page: http://www.wrox.com/ > Kindle Version: http://www.amazon.com/ > > > -----Original Message----- > From: Stuart McCulloch [mailto:mccu...@gmail.com] > Sent: Thursday, September 25, 2014 9:13 AM > To: Maven Developers List > Subject: Re: Maven wagon-http Issue > > On 25 Sep 2014, at 03:34, Igor Fedorenko <i...@ifedorenko.com> wrote: > >> No, you are not missing anything. We don't usually use the connector >> as build extension and there appear some sisu/guice related bugs that >> result in the exception you see. > > I took a quick look and it's not actually a bug in sisu/guice causing this - > basically the issue is that the @Nullable annotation in the connector code is > not visible when it's used as an extension (due to Maven realm filtering). > This means the JVM silently removes the annotation as if it was never there, > so the code in guice which checks for @Nullable never sees it. Possible > solutions would be to add that package to the ones exported from maven core, > or use a different @Nullable annotation that is visible from the extension > (the package doesn't matter, guice will honour any annotation named @Nullable > as long as its visible), or use Provider to defer accessing the value. > >> I just released version 0.12.1 of the connector, which appears to work >> with maven 3.2.3 and I assume will work with earlier 3.2.1 versions too. >> You can get the new version from our releases repository [1] or wait >> another 15-20 minutes before the artifacts are synced to central. >> >> Please note that with pom.xml <extensions> you will still use maven >> default http/https wagon to download the connector itself. This is why >> we normally use the connector as part of custom maven distribution, >> like the one we embed in m2e, for example. >> >> [1] >> http://repository.takari.io:8081/nexus/content/repositories/releases/ >> >> -- >> Regards, >> Igor >> >> On 2014-09-24, 22:20, Mark Nelson wrote: >>> Same error with 0.12.0 - maybe I am missing some necessary configuration? >>> All I did was add a build/extension with the GAV for this wagon. >>> Is there anything else I need to do to enable it? >>> >>> Mark Nelson | Architect | 61.2.9491.1177 Platform Engineering Oracle >>> Development http://redstack.wordpress.com/ >>> >>> "Oracle BPM Suite 11g: Advanced BPMN Topics" >>> by Mark Nelson and Tanya Williams >>> http://bit.ly/UbNKLD >>> >>> On 9/25/2014 12:11 PM, Mark Nelson wrote: >>>> Thanks for the suggestion, but it still gives the same error. >>>> >>>> Mark Nelson | Architect | 61.2.9491.1177 Platform Engineering Oracle >>>> Development http://redstack.wordpress.com/ >>>> >>>> "Oracle BPM Suite 11g: Advanced BPMN Topics" >>>> by Mark Nelson and Tanya Williams >>>> http://bit.ly/UbNKLD >>>> >>>> On 9/25/2014 12:04 PM, Jason van Zyl wrote: >>>>> We updated 0.13.1 of the connector to use Aether 1.0, but 3.2.3 >>>>> still uses 0.9.0.M2 so you'll need to use the 0.13.0 version of the >>>>> connector. There were API changes in Aether. >>>>> >>>>> On Sep 24, 2014, at 9:11 PM, Mark Nelson <mark.x.nel...@oracle.com> >>>>> wrote: >>>>> >>>>>> I tired 3.2.1 and 3.2.3. >>>>>> >>>>>> Mark Nelson | Architect | 61.2.9491.1177 Platform Engineering >>>>>> Oracle Development http://redstack.wordpress.com/ >>>>>> >>>>>> "Oracle BPM Suite 11g: Advanced BPMN Topics" >>>>>> by Mark Nelson and Tanya Williams >>>>>> http://bit.ly/UbNKLD >>>>>> >>>>>> On 9/25/2014 11:09 AM, Igor Fedorenko wrote: >>>>>>> What maven version do you use? >>>>>>> >>>>>>> On September 24, 2014 9:00:00 PM EDT, Mark Nelson >>>>>>> <mark.x.nel...@oracle.com> wrote: >>>>>>>> Hi Igor, >>>>>>>> >>>>>>>> I am trying to use this okhttp-based wagon, but it is giving me >>>>>>>> an odd error that I have not seen before. >>>>>>>> I tried different versions of Maven and Java (7 and 8), and I >>>>>>>> went through the code to see if I could find any configuration >>>>>>>> properties that I needed to set in a build/plugin/configuration >>>>>>>> entry, but I could >>>>>>>> >>>>>>>> not find anything. >>>>>>>> >>>>>>>> I added the wagon like this: >>>>>>>> >>>>>>>> <extension> >>>>>>>> <groupId>io.takari.aether</groupId> >>>>>>>> <artifactId>aether-connector-okhttp</artifactId> >>>>>>>> <version>0.13.1</version> >>>>>>>> </extension> >>>>>>>> >>>>>>>> And the error is below. >>>>>>>> >>>>>>>> Would very much appreciate if you could point out anything I am >>>>>>>> missing/doing wrong. >>>>>>>> >>>>>>>> >>>>>>>> [INFO] >>>>>>>> ---------------------------------------------------------------- >>>>>>>> -------- >>>>>>>> >>>>>>>> [INFO] BUILD FAILURE >>>>>>>> [INFO] >>>>>>>> ---------------------------------------------------------------- >>>>>>>> -------- >>>>>>>> >>>>>>>> [INFO] Total time: 0.595 s >>>>>>>> [INFO] Finished at: 2014-09-25T10:49:50+10:00 [INFO] Final >>>>>>>> Memory: 5M/288M [INFO] >>>>>>>> ---------------------------------------------------------------- >>>>>>>> -------- >>>>>>>> >>>>>>>> [ERROR] Internal error: com.google.inject.ProvisionException: >>>>>>>> Guice provision errors: >>>>>>>> [ERROR] >>>>>>>> [ERROR] 1) null returned by binding at >>>>>>>> org.eclipse.sisu.wire.LocatorWiring >>>>>>>> [ERROR] but parameter 1 of >>>>>>>> io.takari.aether.connector.AetherRepositoryConnectorFactory.<ini >>>>>>>> t>() >>>>>>>> is >>>>>>>> >>>>>>>> not @Nullable >>>>>>>> [ERROR] while locating javax.net.ssl.SSLSocketFactory [ERROR] >>>>>>>> for parameter 1 at >>>>>>>> io.takari.aether.connector.AetherRepositoryConnectorFactory.<ini >>>>>>>> t>(Unknown >>>>>>>> >>>>>>>> >>>>>>>> Source) >>>>>>>> [ERROR] while locating >>>>>>>> io.takari.aether.connector.AetherRepositoryConnectorFactory >>>>>>>> [ERROR] at >>>>>>>> ClassRealm[extension>io.takari.aether:aether-connector-okhttp:0. >>>>>>>> 13.1, >>>>>>>> parent: sun.misc.Launcher$AppClassLoader@5c647e05] >>>>>>>> [ERROR] at >>>>>>>> ClassRealm[extension>io.takari.aether:aether-connector-okhttp:0. >>>>>>>> 13.1, >>>>>>>> parent: sun.misc.Launcher$AppClassLoader@5c647e05] >>>>>>>> [ERROR] while locating >>>>>>>> org.eclipse.aether.spi.connector.RepositoryConnectorFactory >>>>>>>> annotated with @com.google.inject.name.Named(value= >>>>>>>> okhttp) >>>>>>>> [ERROR] >>>>>>>> [ERROR] 1 error >>>>>>>> [ERROR] -> [Help 1] >>>>>>>> org.apache.maven.InternalErrorException: Internal error: >>>>>>>> com.google.inject.ProvisionException: Guice provision errors: >>>>>>>> >>>>>>>> 1) null returned by binding at >>>>>>>> org.eclipse.sisu.wire.LocatorWiring >>>>>>>> but parameter 1 of >>>>>>>> io.takari.aether.connector.AetherRepositoryConnectorFactory.<ini >>>>>>>> t>() >>>>>>>> is >>>>>>>> >>>>>>>> not @Nullable >>>>>>>> while locating javax.net.ssl.SSLSocketFactory >>>>>>>> for parameter 1 at >>>>>>>> io.takari.aether.connector.AetherRepositoryConnectorFactory.<ini >>>>>>>> t>(Unknown >>>>>>>> >>>>>>>> >>>>>>>> Source) >>>>>>>> while locating >>>>>>>> io.takari.aether.connector.AetherRepositoryConnectorFactory >>>>>>>> at >>>>>>>> ClassRealm[extension>io.takari.aether:aether-connector-okhttp:0. >>>>>>>> 13.1, >>>>>>>> parent: sun.misc.Launcher$AppClassLoader@5c647e05] >>>>>>>> at >>>>>>>> ClassRealm[extension>io.takari.aether:aether-connector-okhttp:0. >>>>>>>> 13.1, >>>>>>>> parent: sun.misc.Launcher$AppClassLoader@5c647e05] >>>>>>>> while locating >>>>>>>> org.eclipse.aether.spi.connector.RepositoryConnectorFactory >>>>>>>> annotated with @com.google.inject.name.Named(value=okhttp >>>>>>>> ) >>>>>>>> >>>>>>>> 1 error >>>>>>>> at >>>>>>>> org.apache.maven.lifecycle.internal.builder.BuilderCommon.handle >>>>>>>> BuildError(BuilderCommon.java:147) >>>>>>>> >>>>>>>> at >>>>>>>> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.build >>>>>>>> Project(LifecycleModuleBuilder.java:129) >>>>>>>> >>>>>>>> at >>>>>>>> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.build >>>>>>>> Project(LifecycleModuleBuilder.java:80) >>>>>>>> >>>>>>>> at >>>>>>>> org.apache.maven.lifecycle.internal.builder.singlethreaded.Singl >>>>>>>> eThreadedBuilder.build(SingleThreadedBuilder.java:51) >>>>>>>> >>>>>>>> at >>>>>>>> org.apache.maven.lifecycle.internal.LifecycleStarter.execute(Lif >>>>>>>> ecycleStarter.java:120) >>>>>>>> >>>>>>>> at >>>>>>>> org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:347) >>>>>>>> at >>>>>>>> org.apache.maven.DefaultMaven.execute(DefaultMaven.java:154) >>>>>>>> at org.apache.maven.cli.MavenCli.execute(MavenCli.java:582) >>>>>>>> at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:214) >>>>>>>> at org.apache.maven.cli.MavenCli.main(MavenCli.java:158) >>>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native >>>>>>>> Method) >>>>>>>> at >>>>>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor >>>>>>>> Impl.java:62) >>>>>>>> >>>>>>>> at >>>>>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod >>>>>>>> AccessorImpl.java:43) >>>>>>>> >>>>>>>> at java.lang.reflect.Method.invoke(Method.java:483) >>>>>>>> at >>>>>>>> org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced >>>>>>>> (Launcher.java:289) >>>>>>>> >>>>>>>> at >>>>>>>> org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launche >>>>>>>> r.java:229) >>>>>>>> >>>>>>>> at >>>>>>>> org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCo >>>>>>>> de(Launcher.java:415) >>>>>>>> >>>>>>>> at >>>>>>>> org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher. >>>>>>>> java:356) >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Mark Nelson | Architect | 61.2.9491.1177 Platform Engineering >>>>>>>> Oracle Development http://redstack.wordpress.com/ >>>>>>>> >>>>>>>> "Oracle BPM Suite 11g: Advanced BPMN Topics" >>>>>>>> by Mark Nelson and Tanya Williams http://bit.ly/UbNKLD >>>>>>>> >>>>>>>> On 9/25/2014 7:54 AM, Igor Fedorenko wrote: >>>>>>>>> There is yet another http connector implementation [1] (the >>>>>>>>> more the merrier, right? :-) ). It is based on square okhttp >>>>>>>>> client and is >>>>>>>> pretty >>>>>>>>> simple. I didn't try redirects, but auth credentials are not >>>>>>>>> scoped >>>>>>>> to a >>>>>>>>> specific url, so there is a chance this connector may work. >>>>>>>>> >>>>>>>>> This is the connector used in m2e, so it should be reasonable >>>>>>>>> well tested at this point. >>>>>>>>> >>>>>>>>> [1] https://github.com/tesla/aether-connector-okhttp >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Regards, >>>>>>>>> Igor >>>>>>>>> >>>>>>>>> On 2014-09-24, 17:46, Robert Patrick wrote: >>>>>>>>>> Hi, >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Sorry if this isn't worthy of the developers list but I >>>>>>>>>> believe that it is appropriate. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> We are trying to stand up a highly-available Maven repository >>>>>>>>>> that >>>>>>>> is >>>>>>>>>> protected by an SSO solution using Basic Auth over SSL. The >>>>>>>>>> architecture is as follows: >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> 1.) Maven clients connect over the internet to the repository >>>>>>>>>> using maven.example.com >>>>>>>>>> >>>>>>>>>> 2.) maven.example.com is a hardware load balancer DNS alias that >>>>>>>>>> uses HTTP 301 to redirect to repo.example.com >>>>>>>>>> >>>>>>>>>> 3.) repo.example.com uses HTTP 302 to redirect the request to >>>>>>>>>> login.example.com >>>>>>>>>> >>>>>>>>>> 4.) login.example.com sends back HTTP 401 to require >>>>>>>> authentication >>>>>>>>>> 5.) The client returns the request with the Authorization header >>>>>>>>>> and login.example.com uses HTTP 302 to redirect the request >>>>>>>>>> back to repo.example.com with the proper Authorization header >>>>>>>>>> and retrieve the artifact. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> We define the repository in settings.xml with a url of >>>>>>>>>> https://maven.example.com. The problem we are running into is >>>>>>>>>> that the Maven HTTP Wagon code is setting the AuthScope based >>>>>>>>>> on the Repository URL's host (and port, if supplied). >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Credentials creds = new >>>>>>>> UsernamePasswordCredentials( >>>>>>>>>> username, password ); >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> String host = getRepository().getHost(); >>>>>>>>>> >>>>>>>>>> int port = getRepository().getPort() > -1 ? >>>>>>>>>> getRepository().getPort() : AuthScope.ANY_PORT; >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> credentialsProvider.setCredentials( new >>>>>>>>>> AuthScope( host, port ), creds ); >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> As such, the AuthScope is created with "maven.example.com" and "-1" >>>>>>>>>> (i.e., AuthScope.ANY_PORT). This causes the Authorization >>>>>>>>>> header to not be returned in response to the HTTP 401 >>>>>>>>>> challenge and Maven simply moves on to try to retrieve the >>>>>>>>>> artifact from Maven Central (but the artifact isn't there.). >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> From reading the code, there doesn't appear to be any way of >>>>>>>> telling >>>>>>>>>> Maven to set the AuthScope realm to a value that we specify >>>>>>>>>> (and the AuthScope host to AuthScope.ANY_HOST). Are we >>>>>>>>>> missing something obvious or, as we believe, do we need to >>>>>>>>>> enhance Maven to support this type of configuration? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> We really need for this to work so what do you suggest? We >>>>>>>>>> had this mostly working with the >>>>>>>>>> org.sonatype.maven:wagon-ahc:1.2.1 wagon but we were running >>>>>>>>>> into an issue where Maven was dropping the Authorization >>>>>>>>>> header when fetching the artifact's checksum file, which made >>>>>>>>>> that solution unworkable. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> >>>>>>>>>> Robert >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> >>>>>>>>>> Robert Patrick <HYPERLINK >>>>>>>>>> "mailto:robert.patr...@oracle.com"robert.patr...@oracle.com> >>>>>>>>>> >>>>>>>>>> VP, FMW Platform Engineering, Oracle Corporation >>>>>>>>>> >>>>>>>>>> 7460 Warren Pkwy, Ste. 300 Office: +1.972.963.2872 >>>>>>>>>> >>>>>>>>>> Frisco, TX 75034, USA Mobile: +1.469.556.9450 >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> HYPERLINK >>>>>>>>>> >>>>>>>> "http://www.amazon.com/Professional-Oracle-WebLogic-Server-Patri >>>>>>>> ck/dp/0470484306/"Professional >>>>>>>> >>>>>>>> >>>>>>>>>> Oracle WebLogic Server >>>>>>>>>> >>>>>>>>>> by Robert Patrick, Gregory Nyberg, and Philip Aston >>>>>>>>>> >>>>>>>>>> with Josh Bregman and Paul Done >>>>>>>>>> >>>>>>>>>> Book Home Page: HYPERLINK >>>>>>>>>> >>>>>>>> "http://www.wrox.com/WileyCDA/WroxTitle/Professional-Oracle-WebL >>>>>>>> ogic-Server.productCd-0470484306.html"http://www.wrox.com/ >>>>>>>> >>>>>>>>>> Kindle Version: HYPERLINK >>>>>>>>>> >>>>>>>> "http://www.amazon.com/Professional-Oracle-WebLogic-Server-ebook >>>>>>>> /dp/B004HD69J2/"http://www.amazon.com/ >>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> --------------------------------------------------------------- >>>>>>>>> ------ >>>>>>>>> >>>>>>>>> To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For >>>>>>>>> additional commands, e-mail: dev-h...@maven.apache.org >>>>>>>>> >>>>>>>> ---------------------------------------------------------------- >>>>>>>> ----- To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org >>>>>>>> For additional commands, e-mail: dev-h...@maven.apache.org >>>>>> >>>>>> ------------------------------------------------------------------ >>>>>> --- To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For >>>>>> additional commands, e-mail: dev-h...@maven.apache.org >>>>>> >>>>> Thanks, >>>>> >>>>> Jason >>>>> >>>>> ---------------------------------------------------------- >>>>> Jason van Zyl >>>>> Founder, Apache Maven >>>>> http://twitter.com/jvanzyl >>>>> http://twitter.com/takari_io >>>>> --------------------------------------------------------- >>>>> >>>>> To do two things at once is to do neither. >>>>> -- Publilius Syrus, Roman slave, first century B.C. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> -------------------------------------------------------------------- >>>> - To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For >>>> additional commands, e-mail: dev-h...@maven.apache.org >>>> >>>> >>>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For >>> additional commands, e-mail: dev-h...@maven.apache.org >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For >> additional commands, e-mail: dev-h...@maven.apache.org >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For additional > commands, e-mail: dev-h...@maven.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org > For additional commands, e-mail: dev-h...@maven.apache.org >
-- Olivier Lamy http://twitter.com/olamy | http://linkedin.com/in/olamy --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For additional commands, e-mail: dev-h...@maven.apache.org