Please open a bugreport in m2e bugzilla [1]. Consider providing a quality patch if you want this fixed in m2e 1.6/mars release.
[1] https://bugs.eclipse.org/bugs/enter_bug.cgi?product=m2e -- Regards, Igor On 2015-02-16 4:15, Alix Lourme wrote:
Hi, Same behaviour with proxy configuration : - if encrypted password in settings.xml, error : /407 Proxy Authentication Required/ - if clear password, request works Best regards. 2015-02-16 0:13 GMT+01:00 Alix Lourme <[email protected] <mailto:[email protected]>>: Humm ... firstly : my apologies ... my previous tests took a complex direction, without analysis things in order (but your and my last message invited me to think correctly). I found a working case : when I use a clear password in settings.xml. But when I use a _encrypted password_ [1], it fails (so all behaviours I had are logical). => Thread reorientation : Perhaps m2e uses password without decrypt it before if encryption mechanism is used ? I will confirm you tomorrow if the "from my job test case" work when proxy password is "in clear". [1] http://maven.apache.org/guides/mini/guide-encryption.html#How_to_encrypt_server_passwords Best regards. 2015-02-15 23:55 GMT+01:00 Alix Lourme <[email protected] <mailto:[email protected]>>: Hi Igor, I tried first with AetherClientResourceFetcher because it was more simle to initialize. Thanks for the tips, I will check AetherRepositoryConnector. Yes the problem is always the same : from my home the https connection requires an authentication for pass the reverse-proxy security appliance (no proxy host configured) and access to intranet maven repository. But from my job, when I configure the maven repository in https as from internet (for test Friday), I need a proxy configuration to go on internet before "re" come in company intranet => double authentication used ... the 'proxy' authentication first and the 'server' authentication secondly. In this case, I have the 407 => proxy host used correctly (because OkHttpAetherClient throws exception when 407 and no proxy host configured), but user/password seems not to be used or bad. I concede that it could be a complex network schema ... but the security is important ^^. Best regards. 2015-02-15 23:32 GMT+01:00 Igor Fedorenko <[email protected] <mailto:[email protected]>>: The code snippet you provided authenticates with repository, which corresponds to <server> settings.xml configuration. Are you sure your problem is with proxy authentication, as you originally described? AetherClientResourceFetcher is a helper class for downloading Nexus indexes. Dependency resolver uses AetherRepositoryConnector, which delegates lower-level http/https handling to OkHttpAetherClient. -- Regards, Igor On 2015-02-15 17:04, Alix Lourme wrote: Hi, After checking /aether-connector-okhttp/, https authentication should work : many ssl unit test with JettyServer and /OkHttpAetherClient.execute/ [1] manages retry with authentication when first response is 401/407. This snippet code (used for getting index repository) works perfectly (with a MavenPluginActivator.__getUserAgent hack ... eclipse Platform not initialized in a Main). ------ AuthenticationInfo authInfos = new AuthenticationInfo(); authInfos.setUserName("foo"); authInfos.setPassword("bar"); AetherClientResourceFetcher fetcher = new AetherClientResourceFetcher(__authInfos, null, null); fetcher.connect(null, "https://repository.company.__com/repository <https://repository.company.com/repository>"); fetcher.retrieve("virtual/__junit/junit/4.12/junit-4.12.__jar", new File("test.jar")); ------ => The /AetherClientResourceFetcher/ is used similary in /DefaultMetadataResolver/ ? [1] https://github.com/takari/__aether-connector-okhttp/blob/__0fdc67248972a15dbddc5367c18296__64f2cbe28f/src/main/java/io/__takari/aether/okhttp/__OkHttpAetherClient.java <https://github.com/takari/aether-connector-okhttp/blob/0fdc67248972a15dbddc5367c1829664f2cbe28f/src/main/java/io/takari/aether/okhttp/OkHttpAetherClient.java> Best regards. 2015-02-13 18:03 GMT+01:00 Igor Fedorenko <[email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>>>: Looks like m2e does not properly handle 407 Proxy Authentication Required responses. m2e is not expected to show authentication popups, either valid credentials are provided in settings.xml or connection fails. Same as during command line build. Before you start debugging entire m2e sources, you may want to look at aether-connector-okhttp [1], which is http transport library m2e uses. This is where http protocol handling is implemented. [1] https://github.com/takari/____aether-connector-okhttp <https://github.com/takari/__aether-connector-okhttp> <https://github.com/takari/__aether-connector-okhttp <https://github.com/takari/aether-connector-okhttp>> -- Regards, Igor On 2015-02-13 11:32, Alix Lourme wrote: Hi Igor, Thanks for the reply. /> [...] kind of proxy is this? [...] http/https proxies are expected to work./ Humm ... I hope network team will not see my post so I quote : - Some two headers in 401 response is "WWW-Authenticate: BASIC realm="Unspecified"" and "Server: BigIP" - Detail : the main product of this company, same name as the key of keyboard used in a browser for reload the page ^^ => Standard /> Can you confirm you get auth popup with recent m2e 1.6 build?/ *No* :-(. No authentication popup with v1.6.0.20150203-1921. In my "home" use case : internet -> reverse-proxy -> maven repository (settings.xml contains only "server" configuration) In my today "job" use case for test : intranet -> proxy (iron port) -> [internet] -> reverse-proxy -> maven repository (settings.xml contains only "server" & "proxy" configuration) In this case I have the error message : "Failed to authenticate with proxy" The wireshark analysis shows : 1) Https URL connect through proxy : --- CONNECT repository.company.com:443 <http://repository.company.com:443> <http://repository.company.__com:443 <http://repository.company.com:443>> <http://repository.company.____com:443 <http://repository.company.__com:443 <http://repository.company.com:443>>> HTTP/1.1 Host: repository.company.com <http://repository.company.com> <http://repository.company.com__> <http://repository.company.__com__ <http://repository.company.com__>> Proxy-Connection: Keep-Alive User-Agent: m2e/3.10.1.v20140909-1633/1.6.____0.20150203-1921/1.7.0_71 --- 2) Proxy answer : --- HTTP/1.1 407 Proxy Authentication Required Proxy-Authenticate: Basic realm="[The name of] Security Appliance" ... --- ... and nothing else. => *m2e is supposed to open an authentication popup even if user/password is defined in settings.xml ?* If yes ... perhaps this is the root cause : There is no (logically) preemptive authentication (=> basic auth not in first call) ... but 401/407 doesn't provide popup. /> [...] Can you confirm your configuration uses protocol https?/ Yes, I check the bug link : active=true / protocol=https /> [...] need to run m2e through debugger [...] / Humm ... ok. I will try to load m2e source and write unit test in my real case./ / / / Thanks./ / Best regards./ / 2015-02-13 1:28 GMT+01:00 Igor Fedorenko <[email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>> <mailto:[email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>>>>__: What kind of proxy is this? m2e does not support ntlm, but standard http/https proxies are expected to work. Can you confirm you get auth popup with recent m2e 1.6 build? m2e and command line maven appear to disagree how to handle https proxy configuration. More specifically, m2e expects proxy configuration protocol https, while command line maven accepts http. This is tracked as bug 459638 [1]. Can you confirm your configuration uses protocol https? Beyond that, you'll need to run m2e through debugger and see what happens. I usually just change m2e http transport library (okhttp) to print dump all traffic to console. [1] https://bugs.eclipse.org/bugs/______show_bug.cgi?id=459638 <https://bugs.eclipse.org/bugs/____show_bug.cgi?id=459638> <https://bugs.eclipse.org/__bugs/__show_bug.cgi?id=459638 <https://bugs.eclipse.org/bugs/__show_bug.cgi?id=459638>> <https://bugs.eclipse.org/____bugs/show_bug.cgi?id=459638 <https://bugs.eclipse.org/__bugs/show_bug.cgi?id=459638> <https://bugs.eclipse.org/__bugs/show_bug.cgi?id=459638 <https://bugs.eclipse.org/bugs/show_bug.cgi?id=459638>>> -- Regards, Igor On 2015-02-12 17:19, Alix Lourme wrote: Hi, I'm faced to a infrastructure/network problem ... and I can't determine if it's a feature not supported, a bug, or other (configuration ?). _Environment_ : - Eclipse Kepler SR2 & m2e 1.4.0 or Luna SR1 & m2e 1.6.0 - External Maven v3.2.3 configured as "Installation" - A settings.xml configured as global/user "User Settings" (and used with previous Maven) - settings.xml defines a master https company repository (repository & pluginRepository) - settings.xml defines "server" credendials with password encryption (settings-security.xml usage) - id of server/repository/______pluginRepository is the same in settings.xml _Use case_ : - My company provides a Maven repository for internal developments - This repository can be accessed from internet (https) for external developments (at home ^^, no VPN configured, ...) via an infrastructure reverse proxy _Problem_ : - The dependencies resolution works in Maven command line, but not through m2e plugin (only when dependency doesn't exist in local repository, classpath configuration works perfectly when dependency exists in local repository) - Error is : Access denied to https://repository.my-company.______com/repository/virtual/__com/__my-__company/my-__artifact/1.0.__0-__SNAPSHOT/__maven-metadata.__xml <https://repository.my-____company.com/repository/____virtual/com/my-company/my-____artifact/1.0.0-SNAPSHOT/maven-____metadata.xml <https://repository.my-__company.com/repository/__virtual/com/my-company/my-__artifact/1.0.0-SNAPSHOT/maven-__metadata.xml> <https://repository.my-__company.com/repository/__virtual/com/my-company/my-__artifact/1.0.0-SNAPSHOT/maven-__metadata.xml <https://repository.my-company.com/repository/virtual/com/my-company/my-artifact/1.0.0-SNAPSHOT/maven-metadata.xml>>>. Error code 401, Unauthorized It is minor, but with m2e, I have lost the practice to use maven command line ^^. The error seems to be the same as the direct url access via a browser. This direct http call contains the (logically) response header 'WWW-Authenticate: "BASIC realm="Unspecified""', and authentication popup appears. (I can't simply catch m2e http call, wireshark analysis on https is not trivial). => _Hypothesis_ : - m2e doesn't use server credentials defined in settings.xml - m2e doesn't know re-send the http call with credentials when reverse proxy answers 401 I note that in the m2e plugin configuration, the maven embedded is used for dependencies resolution ... but if settings.xml used, it "should" work ... Plugin seems to configure server credentials (org.eclipse.m2e.core.______internal.repository.______RepositoryRegistry), so some java properties about native proxy configuration in addition to settings.xml are not 'required' (i'm not facing to an outgoing proxy). So ... I'm a little lost :-) This feature is supposed to be supported ? Or I'm wrong in somewhere ? Any idea are welcome. Thank you in advance (and globally for your work, m2e is simply magic and wonderful). Complete stack for information (with m2e 1.6.0) : org.eclipse.aether.transfer.______MetadataTransferException: [previous error] at org.eclipse.aether.internal.______impl.______DefaultUpdateCheckManager.______newException(______DefaultUpdateCheckManager.______java:363) at org.eclipse.aether.internal.______impl.______DefaultUpdateCheckManager.______checkMetadata(______DefaultUpdateCheckManager.______java:320) at org.eclipse.aether.internal.______impl.__DefaultMetadataResolver.______resolve(______DefaultMetadataResolver.java:______332) at org.eclipse.aether.internal.______impl.__DefaultMetadataResolver.______resolveMetadata(______DefaultMetadataResolver.java:______205) at org.apache.maven.repository.______internal.______DefaultVersionResolver.______resolveVersion(______DefaultVersionResolver.java:______250) at org.apache.maven.repository.______internal.______DefaultArtifactDescriptorReade______r.loadPom(______DefaultArtifactDescriptorReade______r.java:258) at org.apache.maven.repository.______internal.______DefaultArtifactDescriptorReade______r.readArtifactDescriptor(________DefaultArtifactDescriptorReade______r.java:217) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.________resolveCachedArtifactDescripto______r(____DefaultDependencyCollector.______java:525) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______getArtifactDescriptorResult(______DefaultDependencyCollector.______java:509) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______processDependency(______DefaultDependencyCollector.______java:409) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______processDependency(______DefaultDependencyCollector.______java:363) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______process(______DefaultDependencyCollector.______java:351) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______doRecurse(______DefaultDependencyCollector.______java:494) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______processDependency(______DefaultDependencyCollector.______java:458) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______processDependency(______DefaultDependencyCollector.______java:363) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______process(______DefaultDependencyCollector.______java:351) at org.eclipse.aether.internal.______impl.______DefaultDependencyCollector.______collectDependencies(______DefaultDependencyCollector.______java:254) at org.eclipse.aether.internal.______impl.__DefaultRepositorySystem.______collectDependencies(______DefaultRepositorySystem.java:______316) at org.apache.maven.project.______DefaultProjectDependenciesReso______lver.resolve(______DefaultProjectDependenciesReso______lver.java:172) at org.apache.maven.project.______DefaultProjectBuilder.______resolveDependencies(______DefaultProjectBuilder.java:______213) at org.apache.maven.project.______DefaultProjectBuilder.build(______DefaultProjectBuilder.java:______186) at org.apache.maven.project.______DefaultProjectBuilder.build(______DefaultProjectBuilder.java:______118) at org.eclipse.m2e.core.internal.______embedder.MavenImpl.______readMavenProject(MavenImpl.______java:634) at org.eclipse.m2e.core.internal.______project.registry.______DefaultMavenDependencyResolver______.__resolveProjectDependencies(__________DefaultMavenDependencyResolver______.java:63) at org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager.______refreshPhase2(______ProjectRegistryManager.java:______529) at org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager$3.call(______ProjectRegistryManager.__java:____491) at org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager$3.call(______ProjectRegistryManager.__java:__1) at org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.______executeBare(______MavenExecutionContext.java:______176) at org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.execute(______MavenExecutionContext.__java:____151) at org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager.______refresh(______ProjectRegistryManager.java:______495) at org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager.______refresh(______ProjectRegistryManager.java:______350) at org.eclipse.m2e.core.internal.______project.registry.______ProjectRegistryManager.______refresh(______ProjectRegistryManager.java:______297) at org.eclipse.m2e.core.internal.______project.______ProjectConfigurationManager.______configureNewMavenProjects(______ProjectConfigurationManager.______java:253) at org.eclipse.m2e.core.internal.______project.______ProjectConfigurationManager$1.______call(______ProjectConfigurationManager.______java:169) at org.eclipse.m2e.core.internal.______project.______ProjectConfigurationManager$1.______call(______ProjectConfigurationManager.______java:1) at org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.______executeBare(______MavenExecutionContext.java:______176) at org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.execute(______MavenExecutionContext.__java:____151) at org.eclipse.m2e.core.internal.______embedder.______MavenExecutionContext.execute(______MavenExecutionContext.__java:__99) at org.eclipse.m2e.core.internal.______embedder.MavenImpl.__execute(____MavenImpl.java:__1353) at org.eclipse.m2e.core.internal.______project.______ProjectConfigurationManager.______importProjects(______ProjectConfigurationManager.______java:137) at org.eclipse.m2e.core.ui.______internal.wizards.______ImportMavenProjectsJob$1.______doCreateMavenProjects(______ImportMavenProjectsJob.java:______73) at org.eclipse.m2e.core.ui.______internal.wizards.______AbstractCreateMavenProjectsOpe______ration.run(______AbstractCreateMavenProjectsOpe______ration.java:62) at org.eclipse.m2e.core.ui.______internal.wizards.______ImportMavenProjectsJob.______runInWorkspace(______ImportMavenProjectsJob.java:______82) at org.eclipse.core.internal.______resources.______InternalWorkspaceJob.run(______InternalWorkspaceJob.java:38) at org.eclipse.core.internal.______jobs.Worker.run(Worker.java:______54) -- Alix Lourme _____________________________________________________ m2e-users mailing list [email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>> <mailto:[email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>>__> To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/______mailman/listinfo/m2e-users <https://dev.eclipse.org/____mailman/listinfo/m2e-users> <https://dev.eclipse.org/____mailman/listinfo/m2e-users <https://dev.eclipse.org/__mailman/listinfo/m2e-users>> <https://dev.eclipse.org/____mailman/listinfo/m2e-users <https://dev.eclipse.org/__mailman/listinfo/m2e-users> <https://dev.eclipse.org/__mailman/listinfo/m2e-users <https://dev.eclipse.org/mailman/listinfo/m2e-users>>> _____________________________________________________ m2e-users mailing list [email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>> <mailto:[email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>>__> To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/______mailman/listinfo/m2e-users <https://dev.eclipse.org/____mailman/listinfo/m2e-users> <https://dev.eclipse.org/____mailman/listinfo/m2e-users <https://dev.eclipse.org/__mailman/listinfo/m2e-users>> <https://dev.eclipse.org/____mailman/listinfo/m2e-users <https://dev.eclipse.org/__mailman/listinfo/m2e-users> <https://dev.eclipse.org/__mailman/listinfo/m2e-users <https://dev.eclipse.org/mailman/listinfo/m2e-users>>> -- Alix Lourme ___________________________________________________ m2e-users mailing list [email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>> To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/____mailman/listinfo/m2e-users <https://dev.eclipse.org/__mailman/listinfo/m2e-users> <https://dev.eclipse.org/__mailman/listinfo/m2e-users <https://dev.eclipse.org/mailman/listinfo/m2e-users>> ___________________________________________________ m2e-users mailing list [email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>> To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/____mailman/listinfo/m2e-users <https://dev.eclipse.org/__mailman/listinfo/m2e-users> <https://dev.eclipse.org/__mailman/listinfo/m2e-users <https://dev.eclipse.org/mailman/listinfo/m2e-users>> -- Alix Lourme _________________________________________________ m2e-users mailing list [email protected] <mailto:[email protected]> To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/__mailman/listinfo/m2e-users <https://dev.eclipse.org/mailman/listinfo/m2e-users> _________________________________________________ m2e-users mailing list [email protected] <mailto:[email protected]> To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/__mailman/listinfo/m2e-users <https://dev.eclipse.org/mailman/listinfo/m2e-users> -- Alix Lourme -- Alix Lourme -- Alix Lourme _______________________________________________ m2e-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/m2e-users
_______________________________________________ m2e-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/m2e-users
