[jira] [Commented] (WAGON-538) Basic authentication fails if the password contains non-ASCII characters
[ https://issues.apache.org/jira/browse/WAGON-538?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16687617#comment-16687617 ] Aleksander Gjermundsen commented on WAGON-538: -- [~michael-o]: The WAGON-540 branch works for me. It downloads files from Nexus and the log now says: {code} 8441 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> HEAD /repository/maven-public/org/codehaus/plexus/plexus/1.0.11/plexus-1.0.11.pom HTTP/1.1 8441 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Cache-control: no-cache 8441 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Cache-store: no-store 8442 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Pragma: no-cache 8442 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> User-Agent: Apache-Maven/3.6.1-SNAPSHOT (Java 1.8.0_192; Linux 4.19.1-1-MANJARO) 8442 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Host: localhost:8081 8442 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Connection: Keep-Alive 8443 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Accept-Encoding: gzip,deflate 8443 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Authorization: Basic dXNlcsOYOnVzZXLDmA== {code} This was without http.auth.credential-charset defined in settings.xml, so simply: {code} nexus userØ userØ {code} > Basic authentication fails if the password contains non-ASCII characters > > > Key: WAGON-538 > URL: https://issues.apache.org/jira/browse/WAGON-538 > Project: Maven Wagon > Issue Type: Bug > Components: wagon-http >Affects Versions: 3.2.0 >Reporter: Aleksander Gjermundsen >Assignee: Michael Osipov >Priority: Major > Fix For: 3.3.0 > > > If the username and/or password used to authenticate to Nexus contains > non-ascii characters, the authentication fails with an access denied error. > After using Wireshark to investigate the headers being sent (in my case "Ø", > any non-ascii characters are replaced with "?". > To test, I have used the following configuration: > {code:java} > http://maven.apache.org/SETTINGS/1.0.0; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; > xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 > http://maven.apache.org/xsd/settings-1.0.0.xsd;> > ... > > > artifactory > userØ > userØ > > > ... > > > nexus > * > Local Nexus > http://localhost:8081/repository/maven-public > > > ... > {code} > The settings.xml file is saved using UTF-8 encoding and it appears that Maven > reads the username and passwords correctly into strings, but Apache > HttpClient do not encode the UTF-8 characters when encoding them into base64. > I did a quick patch of Wagon to make it work for my use case, where > HttpClient is configured to encode as UTF-8. As is mentioned in MNG-5917, it > is not completely clear from the standards how these characters are supposed > to be handled, but on my system both wget and the Chrome web browser encode > the characters the same way as after my patch and are able to download files > from Nexus. > Since Artifactory was used in MNG-5917, I also tested against that, but in > contrast to Maven it was not able to decode the username and password > correctly, however it would be broken without the patch anyway. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (WAGON-538) Basic authentication fails if the password contains non-ascii characters
[ https://issues.apache.org/jira/browse/WAGON-538?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16684272#comment-16684272 ] Aleksander Gjermundsen commented on WAGON-538: -- I tried to enable more logging (https://support.sonatype.com/hc/en-us/articles/213464088-Configuring-Maven-HTTP-Wagon-Detailed-Logging) and this is an extract of the output (used Apache HttpClient as an example project): {code} 1740 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.auth.HttpAuthenticator - Authentication required 1740 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.auth.HttpAuthenticator - localhost:8081 requested authentication 1740 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.client.TargetAuthenticationStrategy - Authentication schemes in the order of preference: [Negotiate, Kerberos, NTLM, CredSSP, Digest, Basic] 1741 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.client.TargetAuthenticationStrategy - Challenge for Negotiate authentication scheme not available 1741 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.client.TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available 1741 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.client.TargetAuthenticationStrategy - Challenge for NTLM authentication scheme not available 1742 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.client.TargetAuthenticationStrategy - Challenge for CredSSP authentication scheme not available 1742 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.client.TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available 1748 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.auth.HttpAuthenticator - Selected authentication options: [BASIC [complete=true]] 1749 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.conn.DefaultManagedHttpClientConnection - http-outgoing-0: set socket timeout to 180 1749 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.execchain.MainClientExec - Executing request HEAD /repository/maven-public/org/apache/httpcomponents/httpcomponents-parent/11/httpcomponents-parent-11.pom HTTP/1.1 1750 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.execchain.MainClientExec - Target auth state: CHALLENGED 1750 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.auth.HttpAuthenticator - Generating response to an authentication challenge using basic scheme 1754 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.impl.execchain.MainClientExec - Proxy auth state: UNCHALLENGED 1755 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> HEAD /repository/maven-public/org/apache/httpcomponents/httpcomponents-parent/11/httpcomponents-parent-11.pom HTTP/1.1 1756 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Cache-control: no-cache 1756 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Cache-store: no-store 1757 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Pragma: no-cache 1757 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> User-Agent: Apache-Maven/3.6.1-SNAPSHOT (Java 1.8.0_192; Linux 4.19.1-1-MANJARO) 1758 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Host: localhost:8081 1759 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Connection: Keep-Alive 1759 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Accept-Encoding: gzip,deflate 1760 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.headers - http-outgoing-0 >> Authorization: Basic dXNlcj86dXNlcj8= 1760 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.wire - http-outgoing-0 >> "HEAD /repository/maven-public/org/apache/httpcomponents/httpcomponents-parent/11/httpcomponents-parent-11.pom HTTP/1.1[\r][\n]" 1761 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.wire - http-outgoing-0 >> "Cache-control: no-cache[\r][\n]" 1761 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.wire - http-outgoing-0 >> "Cache-store: no-store[\r][\n]" 1762 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.wire - http-outgoing-0 >> "Pragma: no-cache[\r][\n]" 1762 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.wire - http-outgoing-0 >> "User-Agent: Apache-Maven/3.6.1-SNAPSHOT (Java 1.8.0_192; Linux 4.19.1-1-MANJARO)[\r][\n]" 1763 [main] [DEBUG] org.apache.maven.wagon.providers.http.httpclient.wire - http-outgoing-0 >> "Host:
[jira] [Commented] (WAGON-538) Basic authentication fails if the password contains non-ascii characters
[ https://issues.apache.org/jira/browse/WAGON-538?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16682974#comment-16682974 ] Aleksander Gjermundsen commented on WAGON-538: -- I had not considered your comment in WAGON-487. That would accomplish what I need to do, if I could get it to work. I tried the following in settings.xml, but it did not make a difference to the header that was sent: {code} nexus userØ userØ http.auth.credential-charset UTF-8 {code} Looking at the documentation for HttpClient, I can see that property mentioned here for version 4.2: https://hc.apache.org/httpcomponents-client-4.2.x/tutorial/html/authentication.html But then for version 4.5 that Wagon uses it is no longer mentioned (or any other properties for that matter): https://hc.apache.org/httpcomponents-client-4.5.x/tutorial/html/authentication.html I based my fix on this Stackoverflow post: https://stackoverflow.com/questions/27955067/use-of-non-ascii-credentials-not-working-in-httpclient-4-3-x It suggests that the encoding scheme no longer can be configured globally? Not sure if this is the Oleg that is one of the core commiters on HttpClient. > Basic authentication fails if the password contains non-ascii characters > > > Key: WAGON-538 > URL: https://issues.apache.org/jira/browse/WAGON-538 > Project: Maven Wagon > Issue Type: Bug >Reporter: Aleksander Gjermundsen >Priority: Major > > If the username and/or password used to authenticate to Nexus contains > non-ascii characters, the authentication fails with an access denied error. > After using Wireshark to investigate the headers being sent (in my case "Ø", > any non-ascii characters are replaced with "?". > To test, I have used the following configuration: > {code:java} > http://maven.apache.org/SETTINGS/1.0.0; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; > xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 > http://maven.apache.org/xsd/settings-1.0.0.xsd;> > ... > > > artifactory > userØ > userØ > > > ... > > > nexus > * > Local Nexus > http://localhost:8081/repository/maven-public > > > ... > {code} > The settings.xml file is saved using UTF-8 encoding and it appears that Maven > reads the username and passwords correctly into strings, but Apache > HttpClient do not encode the UTF-8 characters when encoding them into base64. > I did a quick patch of Wagon to make it work for my use case, where > HttpClient is configured to encode as UTF-8. As is mentioned in MNG-5917, it > is not completely clear from the standards how these characters are supposed > to be handled, but on my system both wget and the Chrome web browser encode > the characters the same way as after my patch and are able to download files > from Nexus. > Since Artifactory was used in MNG-5917, I also tested against that, but in > contrast to Maven it was not able to decode the username and password > correctly, however it would be broken without the patch anyway. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6514) Basic authentication fails if the password contains non-ascii characters
[ https://issues.apache.org/jira/browse/MNG-6514?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16682912#comment-16682912 ] Aleksander Gjermundsen commented on MNG-6514: - https://github.com/apache/maven-wagon/pull/52 > Basic authentication fails if the password contains non-ascii characters > > > Key: MNG-6514 > URL: https://issues.apache.org/jira/browse/MNG-6514 > Project: Maven > Issue Type: Bug >Reporter: Aleksander Gjermundsen >Priority: Major > > If the username and/or password used to authenticate to Nexus contains > non-ascii characters, the authentication fails with an access denied error. > After using Wireshark to investigate the headers being sent (in my case "Ø", > any non-ascii characters are replaced with "?". > To test, I have used the following configuration: > {code:java} > http://maven.apache.org/SETTINGS/1.0.0; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; > xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 > http://maven.apache.org/xsd/settings-1.0.0.xsd;> > ... > > > artifactory > userØ > userØ > > > ... > > > nexus > * > Local Nexus > http://localhost:8081/repository/maven-public > > > ... > {code} > The settings.xml file is saved using UTF-8 encoding and it appears that Maven > reads the username and passwords correctly into strings, but Apache > HttpClient do not encode the UTF-8 characters when encoding them into base64. > I did a quick patch of Wagon to make it work for my use case, where > HttpClient is configured to encode as UTF-8. As is mentioned in MNG-5917, it > is not completely clear from the standards how these characters are supposed > to be handled, but on my system both wget and the Chrome web browser encode > the characters the same way as after my patch and are able to download files > from Nexus. > Since Artifactory was used in MNG-5917, I also tested against that, but in > contrast to Maven it was not able to decode the username and password > correctly, however it would be broken without the patch anyway. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (MNG-6514) Basic authentication fails if the password contains non-ascii characters
Aleksander Gjermundsen created MNG-6514: --- Summary: Basic authentication fails if the password contains non-ascii characters Key: MNG-6514 URL: https://issues.apache.org/jira/browse/MNG-6514 Project: Maven Issue Type: Bug Reporter: Aleksander Gjermundsen If the username and/or password used to authenticate to Nexus contains non-ascii characters, the authentication fails with an access denied error. After using Wireshark to investigate the headers being sent (in my case "Ø", any non-ascii characters are replaced with "?". To test, I have used the following configuration: {code:java} http://maven.apache.org/SETTINGS/1.0.0; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd;> ... artifactory userØ userØ ... nexus * Local Nexus http://localhost:8081/repository/maven-public ... {code} The settings.xml file is saved using UTF-8 encoding and it appears that Maven reads the username and passwords correctly into strings, but Apache HttpClient do not encode the UTF-8 characters when encoding them into base64. I did a quick patch of Wagon to make it work for my use case, where HttpClient is configured to encode as UTF-8. As is mentioned in MNG-5917, it is not completely clear from the standards how these characters are supposed to be handled, but on my system both wget and the Chrome web browser encode the characters the same way as after my patch and are able to download files from Nexus. Since Artifactory was used in MNG-5917, I also tested against that, but in contrast to Maven it was not able to decode the username and password correctly, however it would be broken without the patch anyway. -- This message was sent by Atlassian JIRA (v7.6.3#76005)