You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "nicolas de loof (JIRA)" <ji...@codehaus.org> on 2011/08/22 18:53:32 UTC
[jira] Created: (WAGON-346) LightWeight http wagon not thread-safe
LightWeight http wagon not thread-safe
--------------------------------------
Key: WAGON-346
URL: https://jira.codehaus.org/browse/WAGON-346
Project: Maven Wagon
Issue Type: Bug
Components: wagon-http-lightweight
Affects Versions: 1.0
Environment: maven 3 with Aether
Reporter: nicolas de loof
Aether (maven3) by default parallelized metadata resolution on 4 threads (aether.metadataResolver.threads) and artifacts downloading on 5 (maven.artifact.threads).
In such context, Wagon is not used sequentially.
LightWeightHttpWagon is designed for mono-thread, sequential usage. It rely on system properties and on setting/resetting java.net.Authenticator singleton.
The result is that, in some cases (typically : when settings defines many repositories with various credentials), credentials may not apply and download will fail
A potential fix is
- to use Java5 URL.openConnection(Proxy) instead of using system properties
- to use a shared, singleton java.net.Authenticator that lookup repositories to match the requested URL
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (WAGON-346) LightWeight http wagon not
thread-safe
Posted by "nicolas de loof (JIRA)" <ji...@codehaus.org>.
[ https://jira.codehaus.org/browse/WAGON-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=277264#comment-277264 ]
nicolas de loof commented on WAGON-346:
---------------------------------------
Fixed on 2.x branch, I'll now try to find a workaround on 1.x branch
> LightWeight http wagon not thread-safe
> --------------------------------------
>
> Key: WAGON-346
> URL: https://jira.codehaus.org/browse/WAGON-346
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-http-lightweight
> Affects Versions: 1.0
> Environment: maven 3 with Aether
> Reporter: nicolas de loof
>
> Aether (maven3) by default parallelized metadata resolution on 4 threads (aether.metadataResolver.threads) and artifacts downloading on 5 (maven.artifact.threads).
> In such context, Wagon is not used sequentially.
> LightWeightHttpWagon is designed for mono-thread, sequential usage. It rely on system properties and on setting/resetting java.net.Authenticator singleton.
> The result is that, in some cases (typically : when settings defines many repositories with various credentials), credentials may not apply and download will fail
> A potential fix is
> - to use Java5 URL.openConnection(Proxy) instead of using system properties
> - to use a shared, singleton java.net.Authenticator that lookup repositories to match the requested URL
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (WAGON-346) LightWeight http wagon not thread-safe
Posted by "nicolas de loof (JIRA)" <ji...@codehaus.org>.
[ https://jira.codehaus.org/browse/WAGON-346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
nicolas de loof closed WAGON-346.
---------------------------------
Resolution: Fixed
Fix Version/s: 2.0
1.x
Fixed in 1.x using a class level synchronized block
> LightWeight http wagon not thread-safe
> --------------------------------------
>
> Key: WAGON-346
> URL: https://jira.codehaus.org/browse/WAGON-346
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-http-lightweight
> Affects Versions: 1.0
> Environment: maven 3 with Aether
> Reporter: nicolas de loof
> Fix For: 1.x, 2.0
>
>
> Aether (maven3) by default parallelized metadata resolution on 4 threads (aether.metadataResolver.threads) and artifacts downloading on 5 (maven.artifact.threads).
> In such context, Wagon is not used sequentially.
> LightWeightHttpWagon is designed for mono-thread, sequential usage. It rely on system properties and on setting/resetting java.net.Authenticator singleton.
> The result is that, in some cases (typically : when settings defines many repositories with various credentials), credentials may not apply and download will fail
> A potential fix is
> - to use Java5 URL.openConnection(Proxy) instead of using system properties
> - to use a shared, singleton java.net.Authenticator that lookup repositories to match the requested URL
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (WAGON-346) LightWeight http wagon not
thread-safe
Posted by "Mark Struberg (JIRA)" <ji...@codehaus.org>.
[ https://jira.codehaus.org/browse/WAGON-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=276717#comment-276717 ]
Mark Struberg commented on WAGON-346:
-------------------------------------
+1 for using URL.openConnection(Proxy)
wagon-2.0 (current trunk) got upgraded to java5 already. So all necessary requirements should be met.
> LightWeight http wagon not thread-safe
> --------------------------------------
>
> Key: WAGON-346
> URL: https://jira.codehaus.org/browse/WAGON-346
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-http-lightweight
> Affects Versions: 1.0
> Environment: maven 3 with Aether
> Reporter: nicolas de loof
>
> Aether (maven3) by default parallelized metadata resolution on 4 threads (aether.metadataResolver.threads) and artifacts downloading on 5 (maven.artifact.threads).
> In such context, Wagon is not used sequentially.
> LightWeightHttpWagon is designed for mono-thread, sequential usage. It rely on system properties and on setting/resetting java.net.Authenticator singleton.
> The result is that, in some cases (typically : when settings defines many repositories with various credentials), credentials may not apply and download will fail
> A potential fix is
> - to use Java5 URL.openConnection(Proxy) instead of using system properties
> - to use a shared, singleton java.net.Authenticator that lookup repositories to match the requested URL
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] (WAGON-346) LightWeight http wagon not thread-safe
Posted by "nicolas de loof (JIRA)" <ji...@codehaus.org>.
[ https://jira.codehaus.org/browse/WAGON-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=292730#comment-292730 ]
nicolas de loof commented on WAGON-346:
---------------------------------------
@Mark you're right, so the only way to get this fixed is to deprecate wagon-http-lightweight and definitively remove it from wagon project as URLConnection can't be used in a concurrent context
> LightWeight http wagon not thread-safe
> --------------------------------------
>
> Key: WAGON-346
> URL: https://jira.codehaus.org/browse/WAGON-346
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-http-lightweight
> Affects Versions: 1.0
> Environment: maven 3 with Aether
> Reporter: nicolas de loof
> Fix For: 1.1, 2.0
>
>
> Aether (maven3) by default parallelized metadata resolution on 4 threads (aether.metadataResolver.threads) and artifacts downloading on 5 (maven.artifact.threads).
> In such context, Wagon is not used sequentially.
> LightWeightHttpWagon is designed for mono-thread, sequential usage. It rely on system properties and on setting/resetting java.net.Authenticator singleton.
> The result is that, in some cases (typically : when settings defines many repositories with various credentials), credentials may not apply and download will fail
> A potential fix is
> - to use Java5 URL.openConnection(Proxy) instead of using system properties
> - to use a shared, singleton java.net.Authenticator that lookup repositories to match the requested URL
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (WAGON-346) LightWeight http wagon not
thread-safe
Posted by "Mark Struberg (JIRA)" <ji...@codehaus.org>.
[ https://jira.codehaus.org/browse/WAGON-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=277772#comment-277772 ]
Mark Struberg commented on WAGON-346:
-------------------------------------
Nicolas, I have not yet looked at the latest source in the 1.x trunk (I'm currently at work), but synchronizing on any wagon class will probably not work. If wagon is used via dependency, then each project will get it's own ClassLoader, thus you could only lock usages in the build, or even in the same mojo invocation (depends on the effective ClassLoader hierarchy). But the proxy is set via System.properties and a singleton_per_OS.
> LightWeight http wagon not thread-safe
> --------------------------------------
>
> Key: WAGON-346
> URL: https://jira.codehaus.org/browse/WAGON-346
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-http-lightweight
> Affects Versions: 1.0
> Environment: maven 3 with Aether
> Reporter: nicolas de loof
> Fix For: 1.x, 2.0
>
>
> Aether (maven3) by default parallelized metadata resolution on 4 threads (aether.metadataResolver.threads) and artifacts downloading on 5 (maven.artifact.threads).
> In such context, Wagon is not used sequentially.
> LightWeightHttpWagon is designed for mono-thread, sequential usage. It rely on system properties and on setting/resetting java.net.Authenticator singleton.
> The result is that, in some cases (typically : when settings defines many repositories with various credentials), credentials may not apply and download will fail
> A potential fix is
> - to use Java5 URL.openConnection(Proxy) instead of using system properties
> - to use a shared, singleton java.net.Authenticator that lookup repositories to match the requested URL
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira