You are viewing a plain text version of this content. The canonical link for it is here.
Posted to ivy-user@ant.apache.org by Sebastian Götz <s....@inform-technology.de> on 2018/06/05 07:26:22 UTC
IVY with preemptive authentication
Hello to all.
I have been using IVY since 6 years now to manage our dependencies. By
now I run into an issue that our CI builds take longer and longer.
After investigating this I found that the ivy deliver ANT task first
uses unauthorized access to the target repository. After the server
rejects the request it makes a second attempt with the provided
credentials which succeeds. The problem now is that the deliver
artifacts are quite large (~1 GByte). So upon the first attempt the
artifact is uploaded and rejected and then again uploaded and accepted.
This takes a long time.
So my question is: is there any possibility to force preemptive
authentication or supply a http-header for any request to the repository
server?
Kind regards
Sebastian Götz
Re: IVY with preemptive authentication
Posted by Jaikiran Pai <ja...@gmail.com>.
Hi Sebastian,
I just read your mail again (last time I was in a hurry and skipped some
of the details). Now that I read itfully, I see that the situation is
pretty bad. So I might probably get to looking into this issue/JIRA
sooner. But before doing that, canyou please try this same use case
against our recently released 2.5.0-rc1 of Ivy[1]? We have done some
changes[2](since 2.4.0) in our HTTP client library usage and from what I
see in the code, your use case might be solved even without pre-emptive
auth (as long as _any_ previous invocation against that same target has
gone through fine). If it isn't working even in 2.5.0-rc1, then please
let us know, I'll investigate further.
[1] https://ant.apache.org/ivy/download.cgi
[2] https://ant.apache.org/ivy/history/2.5.0-rc1/release-notes.html
-Jaikiran
On 05/06/18 5:33 PM, Sebastian Götz wrote:
> Hi Jaikiran,
>
> good to hear that there are at least thoughts on this topic. In my
> opinion it's not as easy as I described it since there are resolvers
> that do not use HTTP as a transport layer. So it feels a bit difficult
> to find the correct place to configure this. But I will be looking
> forward to hear from you.
>
> Regards,
>
> Sebastian
>
> Am 05.06.2018 um 13:53 schrieb Jaikiran Pai:
>> Hi Sebastian,
>>
>> There was an attempt at this in a PR recently, but it wasn't tested
>> and as per the submitter there wasn't a clear understanding on how it
>> works in certain cases. There's this JIRA
>> https://issues.apache.org/jira/browse/IVY-1280 which is open for this
>> task.
>>
>> Given some other tasks, I'm not sure when I can get to this to
>> investigate what it takes to get this done, but if someone else
>> doesn't get to it before me, I'll take a look when time permits.
>>
>> -Jaikiran
>>
>>
>> On 05/06/18 12:56 PM, Sebastian Götz wrote:
>>> Hello to all.
>>>
>>> I have been using IVY since 6 years now to manage our dependencies.
>>> By now I run into an issue that our CI builds take longer and longer.
>>> After investigating this I found that the ivy deliver ANT task first
>>> uses unauthorized access to the target repository. After the server
>>> rejects the request it makes a second attempt with the provided
>>> credentials which succeeds. The problem now is that the deliver
>>> artifacts are quite large (~1 GByte). So upon the first attempt the
>>> artifact is uploaded and rejected and then again uploaded and
>>> accepted. This takes a long time.
>>>
>>> So my question is: is there any possibility to force preemptive
>>> authentication or supply a http-header for any request to the
>>> repository server?
>>>
>>> Kind regards
>>>
>>> Sebastian Götz
>>>
>>>
>>>
>>
>
Re: IVY with preemptive authentication
Posted by Sebastian Götz <s....@inform-technology.de>.
Hi Jaikiran,
good to hear that there are at least thoughts on this topic. In my
opinion it's not as easy as I described it since there are resolvers
that do not use HTTP as a transport layer. So it feels a bit difficult
to find the correct place to configure this. But I will be looking
forward to hear from you.
Regards,
Sebastian
Am 05.06.2018 um 13:53 schrieb Jaikiran Pai:
> Hi Sebastian,
>
> There was an attempt at this in a PR recently, but it wasn't tested
> and as per the submitter there wasn't a clear understanding on how it
> works in certain cases. There's this JIRA
> https://issues.apache.org/jira/browse/IVY-1280 which is open for this
> task.
>
> Given some other tasks, I'm not sure when I can get to this to
> investigate what it takes to get this done, but if someone else
> doesn't get to it before me, I'll take a look when time permits.
>
> -Jaikiran
>
>
> On 05/06/18 12:56 PM, Sebastian Götz wrote:
>> Hello to all.
>>
>> I have been using IVY since 6 years now to manage our dependencies.
>> By now I run into an issue that our CI builds take longer and longer.
>> After investigating this I found that the ivy deliver ANT task first
>> uses unauthorized access to the target repository. After the server
>> rejects the request it makes a second attempt with the provided
>> credentials which succeeds. The problem now is that the deliver
>> artifacts are quite large (~1 GByte). So upon the first attempt the
>> artifact is uploaded and rejected and then again uploaded and
>> accepted. This takes a long time.
>>
>> So my question is: is there any possibility to force preemptive
>> authentication or supply a http-header for any request to the
>> repository server?
>>
>> Kind regards
>>
>> Sebastian Götz
>>
>>
>>
>
--
Mit freundlichen Grüßen
Sebastian Götz
iNFORM Technology GmbH
Niederlassung Albstadt
Berliner Straße 24
72458 Albstadt-Ebingen
Tel: +49 7431 9816090
Fax: +49 7431 9816092
s.goetz@inform-technology.de <ma...@inform-technology.de>
http://www.inform-technology.de/
*****************************************************
Zentrale Stockach:
Bodenseeallee 18
D-78333 Stockach
Tel: +49 7771 9282 494
*****************************************************
Geschäftsführer: Dipl.-Ing. (FH) Heinz Roth | Handelsregister: HRB
715948, Amtsgericht Freiburg | USt-ID Nr.: DE312290945
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese
E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den
Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie
die unbefugte Weitergabe dieser Mail ist nicht gestattet.
This e-mail may contain confidential and/or privileged information. If
you are not the intended recipient (or have received this e-mail in
error) please notify the sender immediately and destroy this e-mail. Any
unauthorised copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.
Re: IVY with preemptive authentication
Posted by Jaikiran Pai <ja...@gmail.com>.
Hi Sebastian,
There was an attempt at this in a PR recently, but it wasn't tested and
as per the submitter there wasn't a clear understanding on how it works
in certain cases. There's this JIRA
https://issues.apache.org/jira/browse/IVY-1280 which is open for this task.
Given some other tasks, I'm not sure when I can get to this to
investigate what it takes to get this done, but if someone else doesn't
get to it before me, I'll take a look when time permits.
-Jaikiran
On 05/06/18 12:56 PM, Sebastian Götz wrote:
> Hello to all.
>
> I have been using IVY since 6 years now to manage our dependencies. By
> now I run into an issue that our CI builds take longer and longer.
> After investigating this I found that the ivy deliver ANT task first
> uses unauthorized access to the target repository. After the server
> rejects the request it makes a second attempt with the provided
> credentials which succeeds. The problem now is that the deliver
> artifacts are quite large (~1 GByte). So upon the first attempt the
> artifact is uploaded and rejected and then again uploaded and
> accepted. This takes a long time.
>
> So my question is: is there any possibility to force preemptive
> authentication or supply a http-header for any request to the
> repository server?
>
> Kind regards
>
> Sebastian Götz
>
>
>