[
http://jira.codehaus.org/browse/MNG-4792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=269567#action_269567
]
Chris Tanger edited comment on MNG-4792 at 6/6/11 11:47 AM:
------------------------------------------------------------
I'm also experiencing this issue with maven 2.2.1 with a Nexus server on the
back. I have sniffed the http communications and the preemptive authentication
configuration is indeed being ignored.
Furthermore it appears that the expect 100-continue functionality isn't working
properly either. Protocol inspection reveals that even when 100-continue is
sent in the header the payload is still sent. Naturally this leads to a bad
checksum computation on the server since the first request is denied with 401
since preemptive authentication doesn't work.
Note: We are using a username and maven encrypted password in the server
section of settings.xml.
Here is an excerpt with the password altered of course.
<server>
<id>nexus-server</id>
<!-- configure windows domain username and encrypted password here
Don't forget you need to setup a settings-security.xml file too in the same
directory for password decryption purposes.
-->
<username>ctanger</username>
<!-- This may not be a valid base64 string since it was altered -->
<password>{CJ9S6SY2mSAH3w5CheexecNxNxd/nqZ3Wkef1a1a5Kg=}</password>
<configuration>
<wagonProvider>httpclient</wagonProvider>
<httpConfiguration>
<put>
<params>
<param>
<name>http.authentication.preemptive</name>
<value>%b,true</value>
</param>
</params>
</put>
</httpConfiguration>
</configuration>
</server>
was (Author: tangercp):
I'm also experiencing this issue with maven 2.2.1 with a Nexus server on
the back. I have sniffed the http communications and the preemptive
authentication configuration is indeed being ignored.
Furthermore it appears that the expect 100-continue functionality isn't working
properly either. Protocol inspection reveals that even when 100-continue is
sent in the header the payload is still sent. Naturally this leads to a bad
checksum computation on the server since the first request is denied with 401
since preemptive authentication doesn't work.
Note: We are using a username and maven encrypted password in the server
section of settings.xml.
Here is an excerpt with the password altered of course.
<server>
<id>nexus-server</id>
<!-- configure windows domain username and encrypted password here
Don't forget you need to setup a settings-security.xml file too in the same
directory for password decryption purposes.
-->
<username>ctanger</username>
<!-- This may not be a valid base64 string since it was altered -->
<password>{CJ9S6SY2mSAH3w5CheexecNxNxd/nqZ3Wkef1a1a5Kg=}</password>
<configuration>
<wagonProvider>httpclient</wagonProvider>
<httpConfiguration>
<all>
<params>
<param>
<name>http.authentication.preemptive</name>
<value>%b,true</value>
</param>
</params>
</all>
</httpConfiguration>
</configuration>
</server>
> Preemptive authentication doesn't work
> --------------------------------------
>
> Key: MNG-4792
> URL: http://jira.codehaus.org/browse/MNG-4792
> Project: Maven 2 & 3
> Issue Type: Bug
> Components: Artifacts and Repositories
> Affects Versions: 2.2.1
> Environment: Sun Java 1.6.0_21, Windows 7
> Reporter: Marcin Zajaczkowski
>
> It seems preemptive authentication in Maven using httpclient wagon provider
> doesn't work. With configuration taken form [1] Maven knock to repository
> (tested with Artifactory 2.2.5) as anonymous user.
> <server>
> <id>repo-id</id>
> <username>user</username>
> <password>pass</password>
> <configuration>
> <wagonProvider>httpclient</wagonProvider>
> <httpConfiguration>
> <put>
> <params>
> <param>
> <name>http.authentication.preemptive</name>
> <value>%b,true</value>
> </param>
> </params>
> </put>
> </httpConfiguration>
> </configuration>
> </server>
> Confirmed by independent party also with Maven 2.2.1. I can sniff http
> traffic if needed.
> [1] - http://maven.apache.org/guides/mini/guide-http-settings.html
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
