You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Michael Osipov (JIRA)" <ji...@apache.org> on 2018/05/04 22:57:00 UTC

[jira] [Updated] (WAGON-346) LightWeight http wagon not thread-safe

     [ https://issues.apache.org/jira/browse/WAGON-346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Michael Osipov updated WAGON-346:
---------------------------------
    Fix Version/s:     (was: 1.1)

> LightWeight http wagon not thread-safe
> --------------------------------------
>
>                 Key: WAGON-346
>                 URL: https://issues.apache.org/jira/browse/WAGON-346
>             Project: Maven Wagon
>          Issue Type: Bug
>          Components: wagon-http-lightweight
>    Affects Versions: 1.0
>         Environment: maven 3 with Aether
>            Reporter: nicolas de loof
>            Priority: Major
>             Fix For: 2.0
>
>
> Aether (maven3) by default parallelized metadata resolution on 4 threads (aether.metadataResolver.threads) and artifacts downloading on 5 (maven.artifact.threads).
> In such context, Wagon is not used sequentially.
> LightWeightHttpWagon is designed for mono-thread, sequential usage. It rely on system properties and on setting/resetting java.net.Authenticator singleton. 
> The result is that, in some cases (typically : when settings defines many repositories with various credentials), credentials may not apply and download will fail
> A potential fix is 
> - to use Java5 URL.openConnection(Proxy) instead of using system properties
> - to use a shared, singleton java.net.Authenticator that lookup repositories to match the requested URL



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)