[
http://jira.codehaus.org/browse/MANTTASKS-177?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=209868#action_209868
]
Ross Mellgren commented on MANTTASKS-177:
-----------------------------------------
Er, I get authentication errors every time I use <artifact:dependencies>:
[INFO] snapshot net.liftweb:lift-actor:2.0-SNAPSHOT: checking for updates from
paytronix-public
[WARNING] repository metadata for: 'snapshot
net.liftweb:lift-actor:2.0-SNAPSHOT' could not be retrieved from repository:
paytronix-public due to an error: Authorization failed: Access denied to:
http://greylock.corp.paytronix.com/nexus/content/groups/public/net/liftweb/lift-actor/2.0-SNAPSHOT/maven-metadata.xml
[INFO] Repository 'paytronix-public' will be blacklisted
Using the given .m2/settings.xml
> artifact:dependencies ignores settings-security.xml and sends password hash
> to repository
> -----------------------------------------------------------------------------------------
>
> Key: MANTTASKS-177
> URL: http://jira.codehaus.org/browse/MANTTASKS-177
> Project: Maven 2.x Ant Tasks
> Issue Type: Bug
> Components: dependencies task
> Affects Versions: 2.1.0
> Environment: Mac OS X, Ant 1.7.1, Maven 2.2.1, maven-ant-tasks 2.1.0,
> Sonatype Nexus Open Source Edition 1.5.0
> Reporter: Ross Mellgren
>
> I have a mirror repository configured in .m2/settings.xml, and its <server>
> entry uses an encrypted password in <password>, using the master password set
> in .m2/settings-security.xml.
> I followed this guide:
> http://maven.apache.org/guides/mini/guide-encryption.html
> I get authentication errors every time i use <?xml version="1.0" ?>
> <settings>
> <mirrors>
> <mirror>
> <id>paytronix-public</id>
>
> <url>https://greylock.corp.paytronix.com/nexus/content/groups/public</url>
> <mirrorOf>*</mirrorOf>
> </mirror>
> </mirrors>
> <servers>
> <server>
> <id>paytronix-public</id>
> <username>rmellgren</username>
> <!-- <password> element omitted -->
> </server>
> </servers>
> </settings>
> I switched to http and then used tcpdump to watch the request, then decoded
> the Authorization header. The {mumblemumble} password hash was sent not the
> decrypted password.
> Looking into maven-ant-tasks.jar, I see a META-INF/plexus/components.xml
> which does not include plexus-sec-dispatcher from maven-core. I tried
> spinning my own copy of maven-ant-tasks with the appropriate component for
> plexus-sec-dispatcher added, but it didn't work, so I think I'm out of my
> depth in the troubleshooting/rectification department.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
