[ https://issues.apache.org/jira/browse/IVY-1168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12832248#action_12832248 ]
Maarten Coene commented on IVY-1168: ------------------------------------ Thanks for the report Sven, however, could you attach your changes as a patch file? This makes it easier to see what your chances are. > Authentication won't work in some situations > -------------------------------------------- > > Key: IVY-1168 > URL: https://issues.apache.org/jira/browse/IVY-1168 > Project: Ivy > Issue Type: Bug > Components: Ant > Affects Versions: 2.1.0 > Reporter: Sven Walter > Priority: Minor > Attachments: changes.zip > > > Hi, > Regarding a requirement to publish an artifact (Hudson -> ivy (v.2.1.0)) only > after a successful authentication against Archiva and LDAP I tried to realize > it with the tag "credential" which is part of the ivysettings.xml. > Unfortunately, it was quite hard to get this finally done. Different forum > discussions did not provide enough help to solve my problems. After > investigation and debugging of the ivy code I found the following > issues/problems: > 1. IvyAuthenticator was sometimes not the default: > We have a very complex build process which includes some sub-ant calls. This > leads to the problem that the default Authenticator will be changed to the > java default or at least not the IvyAuthenticator. To ensure that the right > one will be used I changed the BasicURLHandler and set the default before > establishing the connection and publishing or retrieving an artifact. > ... > public void upload(...) { ... > Authenticator.setDefault(IvyAuthenticator.INSTANCE); ... } > ... > 2. Unexpected realm information > By using the HttpClient the realm won't be considered. We have different > repositories in our Archiva (and only one host). The implementation adds the > credential twice (key=re...@host and key=host). The last one will win because > the HttpClient does not get the realm information. I think a better approach > in this situation is to authenticate without the realm > (HttpClientHandler.java). The current implementation works only if you have > one repository or the last defined credential is always the right one. > ... > new AuthScope(c.getHost(), AuthScope.ANY_PORT, AuthScope.ANY_REALM) ... > ... > 3. The mystery of the realm > The documentation is not very clear about the realm. It is hard to find out > what the right realm is. To get a better overview I extend the class > CredentialsStore with additional logging information to get more light into > the dark. > ... > public Credentials getCredentials(...) { Message.debug("try to get > credentials for: " + realm + "@" + host); ... } > ... > > I build a new ivy.jar including all of my changes and now, it works. To avoid > further costs in the future (by upgrading ivy) and supporting ivy I want to > incorporate my changes into one of the next ivy releases. Is this possible or > in general what do you think about the changes? > Best regards, > Sven Walter -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.