[
https://issues.apache.org/jira/browse/IVY-1168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12832248#action_12832248
]
Maarten Coene commented on IVY-1168:
------------------------------------
Thanks for the report Sven,
however, could you attach your changes as a patch file? This makes it easier to
see what your chances are.
> Authentication won't work in some situations
> --------------------------------------------
>
> Key: IVY-1168
> URL: https://issues.apache.org/jira/browse/IVY-1168
> Project: Ivy
> Issue Type: Bug
> Components: Ant
> Affects Versions: 2.1.0
> Reporter: Sven Walter
> Priority: Minor
> Attachments: changes.zip
>
>
> Hi,
> Regarding a requirement to publish an artifact (Hudson -> ivy (v.2.1.0)) only
> after a successful authentication against Archiva and LDAP I tried to realize
> it with the tag "credential" which is part of the ivysettings.xml.
> Unfortunately, it was quite hard to get this finally done. Different forum
> discussions did not provide enough help to solve my problems. After
> investigation and debugging of the ivy code I found the following
> issues/problems:
> 1. IvyAuthenticator was sometimes not the default:
> We have a very complex build process which includes some sub-ant calls. This
> leads to the problem that the default Authenticator will be changed to the
> java default or at least not the IvyAuthenticator. To ensure that the right
> one will be used I changed the BasicURLHandler and set the default before
> establishing the connection and publishing or retrieving an artifact.
> ...
> public void upload(...) { ...
> Authenticator.setDefault(IvyAuthenticator.INSTANCE); ... }
> ...
> 2. Unexpected realm information
> By using the HttpClient the realm won't be considered. We have different
> repositories in our Archiva (and only one host). The implementation adds the
> credential twice (key=re...@host and key=host). The last one will win because
> the HttpClient does not get the realm information. I think a better approach
> in this situation is to authenticate without the realm
> (HttpClientHandler.java). The current implementation works only if you have
> one repository or the last defined credential is always the right one.
> ...
> new AuthScope(c.getHost(), AuthScope.ANY_PORT, AuthScope.ANY_REALM) ...
> ...
> 3. The mystery of the realm
> The documentation is not very clear about the realm. It is hard to find out
> what the right realm is. To get a better overview I extend the class
> CredentialsStore with additional logging information to get more light into
> the dark.
> ...
> public Credentials getCredentials(...) { Message.debug("try to get
> credentials for: " + realm + "@" + host); ... }
> ...
>
> I build a new ivy.jar including all of my changes and now, it works. To avoid
> further costs in the future (by upgrading ivy) and supporting ivy I want to
> incorporate my changes into one of the next ivy releases. Is this possible or
> in general what do you think about the changes?
> Best regards,
> Sven Walter
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
