Humm ... firstly : my apologies ... my previous tests took a complex direction, without analysis things in order (but your and my last message invited me to think correctly).
I found a working case : when I use a clear password in settings.xml. But when I use a *encrypted password* [1], it fails (so all behaviours I had are logical). => Thread reorientation : Perhaps m2e uses password without decrypt it before if encryption mechanism is used ? I will confirm you tomorrow if the "from my job test case" work when proxy password is "in clear". [1] http://maven.apache.org/guides/mini/guide-encryption.html#How_to_encrypt_server_passwords Best regards. 2015-02-15 23:55 GMT+01:00 Alix Lourme <[email protected]>: > Hi Igor, > > I tried first with AetherClientResourceFetcher because it was more simle > to initialize. > Thanks for the tips, I will check AetherRepositoryConnector. > > Yes the problem is always the same : from my home the https connection > requires an authentication for pass the reverse-proxy security appliance > (no proxy host configured) and access to intranet maven repository. > > But from my job, when I configure the maven repository in https as from > internet (for test Friday), I need a proxy configuration to go on internet > before "re" come in company intranet => double authentication used ... the > 'proxy' authentication first and the 'server' authentication secondly. > > In this case, I have the 407 => proxy host used correctly (because > OkHttpAetherClient throws exception when 407 and no proxy host configured), > but user/password seems not to be used or bad. > > I concede that it could be a complex network schema ... but the security > is important ^^. > > Best regards. > > 2015-02-15 23:32 GMT+01:00 Igor Fedorenko <[email protected]>: > >> The code snippet you provided authenticates with repository, which >> corresponds to <server> settings.xml configuration. Are you sure your >> problem is with proxy authentication, as you originally described? >> >> AetherClientResourceFetcher is a helper class for downloading Nexus >> indexes. Dependency resolver uses AetherRepositoryConnector, which >> delegates lower-level http/https handling to OkHttpAetherClient. >> >> -- >> Regards, >> Igor >> >> On 2015-02-15 17:04, Alix Lourme wrote: >> >>> Hi, >>> >>> After checking /aether-connector-okhttp/, https authentication should >>> work : many ssl unit test with JettyServer and >>> /OkHttpAetherClient.execute/ [1] manages retry with authentication when >>> first response is 401/407. >>> >>> This snippet code (used for getting index repository) works perfectly >>> (with a MavenPluginActivator.getUserAgent hack ... eclipse Platform not >>> initialized in a Main). >>> ------ >>> AuthenticationInfo authInfos = new AuthenticationInfo(); >>> authInfos.setUserName("foo"); >>> authInfos.setPassword("bar"); >>> AetherClientResourceFetcher fetcher = new >>> AetherClientResourceFetcher(authInfos, null, null); >>> fetcher.connect(null, "https://repository.company.com/repository";); >>> fetcher.retrieve("virtual/junit/junit/4.12/junit-4.12.jar", new >>> File("test.jar")); >>> ------ >>> >>> => The /AetherClientResourceFetcher/ is used similary in >>> /DefaultMetadataResolver/ ? >>> >>> [1] >>> https://github.com/takari/aether-connector-okhttp/blob/ >>> 0fdc67248972a15dbddc5367c1829664f2cbe28f/src/main/java/io/ >>> takari/aether/okhttp/OkHttpAetherClient.java >>> >>> Best regards. >>> >>> 2015-02-13 18:03 GMT+01:00 Igor Fedorenko <[email protected] >>> <mailto:[email protected]>>: >>> >>> Looks like m2e does not properly handle 407 Proxy Authentication >>> Required responses. >>> >>> m2e is not expected to show authentication popups, either valid >>> credentials are provided in settings.xml or connection fails. Same as >>> during command line build. >>> >>> Before you start debugging entire m2e sources, you may want to look >>> at >>> aether-connector-okhttp [1], which is http transport library m2e >>> uses. >>> This is where http protocol handling is implemented. >>> >>> [1] https://github.com/takari/__aether-connector-okhttp >>> >>> <https://github.com/takari/aether-connector-okhttp> >>> >>> -- >>> Regards, >>> Igor >>> >>> On 2015-02-13 11:32, Alix Lourme wrote: >>> >>> Hi Igor, >>> >>> Thanks for the reply. >>> >>> /> [...] kind of proxy is this? [...] http/https proxies are >>> expected to >>> work./ >>> >>> Humm ... I hope network team will not see my post so I quote : >>> - Some two headers in 401 response is "WWW-Authenticate: BASIC >>> realm="Unspecified"" and "Server: BigIP" >>> - Detail : the main product of this company, same name as the >>> key of >>> keyboard used in a browser for reload the page ^^ >>> => Standard >>> >>> /> Can you confirm you get auth popup with recent m2e 1.6 build?/ >>> >>> *No* :-(. No authentication popup with v1.6.0.20150203-1921. >>> >>> In my "home" use case : internet -> reverse-proxy -> maven >>> repository >>> (settings.xml contains only "server" configuration) >>> In my today "job" use case for test : intranet -> proxy (iron >>> port) -> >>> [internet] -> reverse-proxy -> maven repository (settings.xml >>> contains >>> only "server" & "proxy" configuration) >>> >>> In this case I have the error message : "Failed to authenticate >>> with proxy" >>> The wireshark analysis shows : >>> 1) Https URL connect through proxy : >>> --- >>> CONNECT repository.company.com:443 >>> <http://repository.company.com:443> >>> <http://repository.company.__com:443 >>> <http://repository.company.com:443>> >>> HTTP/1.1 >>> Host: repository.company.com <http://repository.company.com> >>> <http://repository.company.com__> >>> Proxy-Connection: Keep-Alive >>> User-Agent: m2e/3.10.1.v20140909-1633/1.6. >>> __0.20150203-1921/1.7.0_71 >>> >>> --- >>> 2) Proxy answer : >>> --- >>> HTTP/1.1 407 Proxy Authentication Required >>> Proxy-Authenticate: Basic realm="[The name of] Security >>> Appliance" >>> ... >>> --- >>> ... and nothing else. >>> >>> => *m2e is supposed to open an authentication popup even if >>> user/password is defined in settings.xml ?* >>> >>> If yes ... perhaps this is the root cause : There is no >>> (logically) >>> preemptive authentication (=> basic auth not in first call) ... >>> but >>> 401/407 doesn't provide popup. >>> >>> /> [...] Can you confirm your configuration uses protocol https?/ >>> >>> Yes, I check the bug link : active=true / protocol=https >>> >>> /> [...] need to run m2e through debugger [...] >>> >>> / >>> Humm ... ok. I will try to load m2e source and write unit test >>> in my >>> real case./ >>> / >>> / >>> / >>> Thanks./ >>> / >>> Best regards./ >>> / >>> >>> 2015-02-13 1:28 GMT+01:00 Igor Fedorenko <[email protected] >>> <mailto:[email protected]> >>> <mailto:[email protected] <mailto:[email protected]>>>: >>> >>> What kind of proxy is this? m2e does not support ntlm, but >>> standard >>> http/https proxies are expected to work. >>> >>> Can you confirm you get auth popup with recent m2e 1.6 >>> build? >>> >>> m2e and command line maven appear to disagree how to handle >>> https proxy >>> configuration. More specifically, m2e expects proxy >>> configuration >>> protocol https, while command line maven accepts http. This >>> is tracked >>> as bug 459638 [1]. Can you confirm your configuration uses >>> protocol >>> https? >>> >>> Beyond that, you'll need to run m2e through debugger and >>> see what >>> happens. I usually just change m2e http transport library >>> (okhttp) to >>> print dump all traffic to console. >>> >>> [1] >>> https://bugs.eclipse.org/bugs/____show_bug.cgi?id=459638 >>> <https://bugs.eclipse.org/bugs/__show_bug.cgi?id=459638> >>> <https://bugs.eclipse.org/__bugs/show_bug.cgi?id=459638 >>> <https://bugs.eclipse.org/bugs/show_bug.cgi?id=459638>> >>> >>> -- >>> Regards, >>> Igor >>> >>> On 2015-02-12 17:19, Alix Lourme wrote: >>> >>> Hi, >>> >>> I'm faced to a infrastructure/network problem ... and I >>> can't >>> determine >>> if it's a feature not supported, a bug, or other >>> (configuration ?). >>> >>> _Environment_ : >>> - Eclipse Kepler SR2 & m2e 1.4.0 or Luna SR1 & m2e 1.6.0 >>> - External Maven v3.2.3 configured as "Installation" >>> - A settings.xml configured as global/user "User >>> Settings" (and used >>> with previous Maven) >>> - settings.xml defines a master https company repository >>> (repository & >>> pluginRepository) >>> - settings.xml defines "server" credendials with >>> password encryption >>> (settings-security.xml usage) >>> - id of server/repository/____pluginRepository is the >>> same in >>> settings.xml >>> >>> _Use case_ : >>> - My company provides a Maven repository for internal >>> developments >>> - This repository can be accessed from internet (https) >>> for external >>> developments (at home ^^, no VPN configured, ...) via an >>> infrastructure >>> reverse proxy >>> >>> _Problem_ : >>> - The dependencies resolution works in Maven command >>> line, but not >>> through m2e plugin (only when dependency doesn't exist >>> in local >>> repository, classpath configuration works perfectly >>> when dependency >>> exists in local repository) >>> - Error is : Access denied to >>> https://repository.my-company.____com/repository/virtual/ >>> com/__my-__company/my-artifact/1.0.__0-__SNAPSHOT/maven-metadata.__xml >>> >>> <https://repository.my-__company.com/repository/__ >>> virtual/com/my-company/my-__artifact/1.0.0-SNAPSHOT/maven-__metadata.xml >>> >>> <https://repository.my-company.com/repository/ >>> virtual/com/my-company/my-artifact/1.0.0-SNAPSHOT/maven-metadata.xml>>. >>> Error code 401, Unauthorized >>> >>> It is minor, but with m2e, I have lost the practice to >>> use maven >>> command >>> line ^^. >>> >>> The error seems to be the same as the direct url access >>> via a >>> browser. >>> This direct http call contains the (logically) response >>> header >>> 'WWW-Authenticate: "BASIC realm="Unspecified""', and >>> authentication >>> popup appears. >>> (I can't simply catch m2e http call, wireshark analysis >>> on https >>> is not >>> trivial). >>> >>> => _Hypothesis_ : >>> >>> - m2e doesn't use server credentials defined in >>> settings.xml >>> - m2e doesn't know re-send the http call with >>> credentials when >>> reverse >>> proxy answers 401 >>> >>> I note that in the m2e plugin configuration, the maven >>> embedded >>> is used >>> for dependencies resolution ... but if settings.xml >>> used, it >>> "should" >>> work ... >>> >>> Plugin seems to configure server credentials >>> >>> (org.eclipse.m2e.core.____internal.repository.____ >>> RepositoryRegistry), >>> so some >>> java properties about native proxy configuration in >>> addition to >>> settings.xml are not 'required' (i'm not facing to an >>> outgoing >>> proxy). >>> So ... I'm a little lost :-) >>> >>> This feature is supposed to be supported ? Or I'm wrong >>> in >>> somewhere ? >>> Any idea are welcome. >>> >>> Thank you in advance (and globally for your work, m2e >>> is simply >>> magic >>> and wonderful). >>> >>> Complete stack for information (with m2e 1.6.0) : >>> org.eclipse.aether.transfer.__ >>> __MetadataTransferException: >>> [previous error] >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultUpdateCheckManager.____newException(____ >>> DefaultUpdateCheckManager.____java:363) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultUpdateCheckManager.____checkMetadata(____ >>> DefaultUpdateCheckManager.____java:320) >>> at >>> >>> org.eclipse.aether.internal.____impl. >>> DefaultMetadataResolver.____resolve(____DefaultMetadataResolver.java:_ >>> ___332) >>> at >>> >>> org.eclipse.aether.internal.____impl. >>> DefaultMetadataResolver.____resolveMetadata(____ >>> DefaultMetadataResolver.java:____205) >>> at >>> >>> org.apache.maven.repository.____internal.____ >>> DefaultVersionResolver.____resolveVersion(____ >>> DefaultVersionResolver.java:____250) >>> at >>> >>> org.apache.maven.repository.____internal.____ >>> DefaultArtifactDescriptorReade____r.loadPom(____ >>> DefaultArtifactDescriptorReade____r.java:258) >>> at >>> >>> org.apache.maven.repository.____internal.____ >>> DefaultArtifactDescriptorReade____r.readArtifactDescriptor(____ >>> DefaultArtifactDescriptorReade____r.java:217) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____resolveCachedArtifactDescripto____r(__ >>> DefaultDependencyCollector.____java:525) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____getArtifactDescriptorResult(_ >>> ___DefaultDependencyCollector.____java:509) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____processDependency(____ >>> DefaultDependencyCollector.____java:409) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____processDependency(____ >>> DefaultDependencyCollector.____java:363) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____process(____ >>> DefaultDependencyCollector.____java:351) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____doRecurse(____ >>> DefaultDependencyCollector.____java:494) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____processDependency(____ >>> DefaultDependencyCollector.____java:458) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____processDependency(____ >>> DefaultDependencyCollector.____java:363) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____process(____ >>> DefaultDependencyCollector.____java:351) >>> at >>> >>> org.eclipse.aether.internal.____impl.____ >>> DefaultDependencyCollector.____collectDependencies(____ >>> DefaultDependencyCollector.____java:254) >>> at >>> >>> org.eclipse.aether.internal.____impl. >>> DefaultRepositorySystem.____collectDependencies(____ >>> DefaultRepositorySystem.java:____316) >>> at >>> >>> org.apache.maven.project.____DefaultProjectDependenciesReso >>> ____lver.resolve(____DefaultProjectDependenciesReso____lver.java:172) >>> at >>> >>> org.apache.maven.project.____DefaultProjectBuilder.____ >>> resolveDependencies(____DefaultProjectBuilder.java:____213) >>> at >>> >>> org.apache.maven.project.____DefaultProjectBuilder.build(__ >>> __DefaultProjectBuilder.java:____186) >>> at >>> >>> org.apache.maven.project.____DefaultProjectBuilder.build(__ >>> __DefaultProjectBuilder.java:____118) >>> at >>> >>> org.eclipse.m2e.core.internal.____embedder.MavenImpl.____ >>> readMavenProject(MavenImpl.____java:634) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.registry.____ >>> DefaultMavenDependencyResolver____.resolveProjectDependencies(______ >>> DefaultMavenDependencyResolver____.java:63) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.registry.____ >>> ProjectRegistryManager.____refreshPhase2(____ >>> ProjectRegistryManager.java:____529) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.registry.____ >>> ProjectRegistryManager$3.call(____ProjectRegistryManager.java:____491) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.registry.____ >>> ProjectRegistryManager$3.call(____ProjectRegistryManager.java:__1) >>> at >>> >>> org.eclipse.m2e.core.internal.____embedder.____ >>> MavenExecutionContext.____executeBare(____MavenExecutionContext.java:___ >>> _176) >>> at >>> >>> org.eclipse.m2e.core.internal.____embedder.____ >>> MavenExecutionContext.execute(____MavenExecutionContext.java:____151) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.registry.____ >>> ProjectRegistryManager.____refresh(____ProjectRegistryManager.java:__ >>> __495) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.registry.____ >>> ProjectRegistryManager.____refresh(____ProjectRegistryManager.java:__ >>> __350) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.registry.____ >>> ProjectRegistryManager.____refresh(____ProjectRegistryManager.java:__ >>> __297) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.____ >>> ProjectConfigurationManager.____configureNewMavenProjects(__ >>> __ProjectConfigurationManager.____java:253) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.____ >>> ProjectConfigurationManager$1.____call(____ >>> ProjectConfigurationManager.____java:169) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.____ >>> ProjectConfigurationManager$1.____call(____ >>> ProjectConfigurationManager.____java:1) >>> at >>> >>> org.eclipse.m2e.core.internal.____embedder.____ >>> MavenExecutionContext.____executeBare(____MavenExecutionContext.java:___ >>> _176) >>> at >>> >>> org.eclipse.m2e.core.internal.____embedder.____ >>> MavenExecutionContext.execute(____MavenExecutionContext.java:____151) >>> at >>> >>> org.eclipse.m2e.core.internal.____embedder.____ >>> MavenExecutionContext.execute(____MavenExecutionContext.java:__99) >>> at >>> >>> org.eclipse.m2e.core.internal.____embedder.MavenImpl. >>> execute(____MavenImpl.java:1353) >>> at >>> >>> org.eclipse.m2e.core.internal.____project.____ >>> ProjectConfigurationManager.____importProjects(____ >>> ProjectConfigurationManager.____java:137) >>> at >>> >>> org.eclipse.m2e.core.ui.____internal.wizards.____ >>> ImportMavenProjectsJob$1.____doCreateMavenProjects(____ >>> ImportMavenProjectsJob.java:____73) >>> at >>> >>> org.eclipse.m2e.core.ui.____internal.wizards.____ >>> AbstractCreateMavenProjectsOpe____ration.run(____ >>> AbstractCreateMavenProjectsOpe____ration.java:62) >>> at >>> >>> org.eclipse.m2e.core.ui.____internal.wizards.____ >>> ImportMavenProjectsJob.____runInWorkspace(____ >>> ImportMavenProjectsJob.java:____82) >>> at >>> >>> org.eclipse.core.internal.____resources.____ >>> InternalWorkspaceJob.run(____InternalWorkspaceJob.java:38) >>> at >>> >>> org.eclipse.core.internal.____jobs.Worker.run(Worker.java:__ >>> __54) >>> >>> -- >>> Alix Lourme >>> >>> >>> ___________________________________________________ >>> m2e-users mailing list >>> [email protected] <mailto:[email protected]> >>> <mailto:[email protected] <mailto:[email protected]>> >>> To change your delivery options, retrieve your >>> password, or >>> unsubscribe from this list, visit >>> https://dev.eclipse.org/____mailman/listinfo/m2e-users >>> <https://dev.eclipse.org/__mailman/listinfo/m2e-users> >>> <https://dev.eclipse.org/__mailman/listinfo/m2e-users >>> <https://dev.eclipse.org/mailman/listinfo/m2e-users>> >>> >>> ___________________________________________________ >>> m2e-users mailing list >>> [email protected] <mailto:[email protected]> >>> <mailto:[email protected] <mailto:[email protected]>> >>> To change your delivery options, retrieve your password, or >>> unsubscribe from this list, visit >>> https://dev.eclipse.org/____mailman/listinfo/m2e-users >>> <https://dev.eclipse.org/__mailman/listinfo/m2e-users> >>> >>> <https://dev.eclipse.org/__mailman/listinfo/m2e-users >>> <https://dev.eclipse.org/mailman/listinfo/m2e-users>> >>> >>> >>> >>> >>> -- >>> Alix Lourme >>> >>> >>> _________________________________________________ >>> m2e-users mailing list >>> [email protected] <mailto:[email protected]> >>> To change your delivery options, retrieve your password, or >>> unsubscribe from this list, visit >>> https://dev.eclipse.org/__mailman/listinfo/m2e-users >>> <https://dev.eclipse.org/mailman/listinfo/m2e-users> >>> >>> _________________________________________________ >>> m2e-users mailing list >>> [email protected] <mailto:[email protected]> >>> To change your delivery options, retrieve your password, or >>> unsubscribe from this list, visit >>> https://dev.eclipse.org/__mailman/listinfo/m2e-users >>> <https://dev.eclipse.org/mailman/listinfo/m2e-users> >>> >>> >>> >>> >>> -- >>> Alix Lourme >>> >>> >>> _______________________________________________ >>> m2e-users mailing list >>> [email protected] >>> To change your delivery options, retrieve your password, or unsubscribe >>> from this list, visit >>> https://dev.eclipse.org/mailman/listinfo/m2e-users >>> >>> _______________________________________________ >> m2e-users mailing list >> [email protected] >> To change your delivery options, retrieve your password, or unsubscribe >> from this list, visit >> https://dev.eclipse.org/mailman/listinfo/m2e-users >> > > > > -- > Alix Lourme > -- Alix Lourme
_______________________________________________ m2e-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/m2e-users
