Posted to users@maven.apache.org by Marcin Zajączkowski <ms...@wp.pl> on 2010/08/28 22:03:30 UTC

Enforce Maven client to use credentials for read artifacts from repository

Hi,


I need to set up a repository whose artifacts would be accessible (being
able to get using Maven client) only for authorized people (with account
like for deploy). I have an Artifactory server with a few publicly
available repositories and I added there a new one only for selected
people. It's not available for anonymous users, but I have one problem -
Maven client tries to connect as anonymous user and claims there is no
such artifact (server returns 404 Not Found).

Is it possible to force Maven client to always connect to given
repository with user/password (defined in settings.xml) to *get* artifacts?


Regards
Marcin


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org


Re: Enforce Maven client to use credentials for read artifacts from repository

Posted by Brian Fox <br...@infinity.nu>.
The http clients usually don't send the credentials until the server
requests them with a 403, then it will send them and good clients will
recall this and "pre-emptively" send the credentials for future
requests to that server. Maven doesn't pre-emptively send them by
default, but it is possible to set a flag to make this happen if you
really want to.

2010/8/30 Anders Hammar <an...@hammar.net>:
> I would check the logs on the repo manager. And possibly crank up the
> logging level. Nexus tells you the user that tries to access. I would assume
> Artifactory does similar.
>
> /Anders
>
> 2010/8/29 Marcin Zajączkowski <ms...@wp.pl>
>
>> On 2010-08-29 14:06, Anders Hammar wrote:
>> > Sure, just match the id of the repo with the id of the server credentials in
>> > settings.xml.
>>
>> I tried:
>>
>> <servers>
>>   <server>
>>      <id>repo-id</id>
>>      <username>user</username>
>>      <password>password</password>
>> (...)
>>
>> <repositories>
>>  <repository>
>>     <snapshots>
>>        <enabled>true</enabled>
>>     </snapshots>
>>     <id>repo-id</id>
>>     <name>repo-id</name>
>>     <url>...</url>
>> (...)
>>
>>
>> In log I only see (it's a SNAPSHOT artifact):
>> (...)
>> [INFO] snapshot my-group-id:my-artifact-id:1.2.0-SNAPSHOT checking for
>> updates from repo-id
>> Downloading:
>> http://url/.../1.2.0-SNAPSHOT/my-artifact-id-1.2.0-SNAPSHOT.pom
>> [INFO] Unable to find resource
>> 'my-group-id:my-artifact-id:1.2.0-SNAPSHOT' in repository repo-id (url)
>>
>> Is there any easier way (than sniffing) to get to know if Maven uses
>> credentials to try to get the artifact?
>>
>>
>> Marcin
>>
>>
>>
>> > 2010/8/28 Marcin Zajączkowski <ms...@wp.pl>
>> >
>> >> Hi,
>> >>
>> >>
>> >> I need to set up a repository whose artifacts would be accessible (being
>> >> able to get using Maven client) only for authorized people (with account
>> >> like for deploy). I have an Artifactory server with a few publicly
>> >> available repositories and I added there a new one only for selected
>> >> people. It's not available for anonymous users, but I have one problem -
>> >> Maven client tries to connect as anonymous user and claims there is no
>> >> such artifact (server returns 404 Not Found).
>> >>
>> >> Is it possible to force Maven client to always connect to given
>> >> repository with user/password (defined in settings.xml) to *get* artifacts?
>> >>
>> >>
>> >> Regards
>> >> Marcin
>> >>
>> >>
>
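
The behaviour discussed in this message, as an added example that is not part of the original thread and is not Maven's or Artifactory's code: a local stand-in repository either issues an HTTP authentication challenge (401 with `WWW-Authenticate`) or hides the private artifact behind 404, and a client sends credentials either only after a challenge or pre-emptively. The `user`/`password` values mirror the thread's placeholders; the handler, function names and path are assumptions.

```python
import base64
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed credentials, mirroring the thread's user/password placeholders.
EXPECTED = "Basic " + base64.b64encode(b"user:password").decode()
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # ignore proxy env

def make_handler(hide_with_404):
    class Repo(BaseHTTPRequestHandler):
        def do_GET(self):
            if self.headers.get("Authorization") == EXPECTED:
                status, body = 200, b"<project/>"
            else:  # anonymous: either hide the artifact or issue a challenge
                status, body = (404 if hide_with_404 else 401), b""
            self.send_response(status)
            if status == 401:
                self.send_header("WWW-Authenticate", 'Basic realm="repo"')
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        def log_message(self, *args):  # keep the demo quiet
            pass
    return Repo

def fetch(url, preemptive):
    """Return the status codes the client saw, in order."""
    headers = {"Authorization": EXPECTED} if preemptive else {}
    seen = []
    while True:
        try:
            with OPENER.open(urllib.request.Request(url, headers=headers)) as resp:
                return seen + [resp.status]
        except urllib.error.HTTPError as err:
            seen.append(err.code)
            challenged = err.code == 401 and err.headers.get("WWW-Authenticate")
            if not challenged or headers:
                return seen  # no challenge (or credentials rejected): give up
            headers = {"Authorization": EXPECTED}  # answer the challenge once

def run(hide_with_404, preemptive):
    with HTTPServer(("127.0.0.1", 0), make_handler(hide_with_404)) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            return fetch(f"http://127.0.0.1:{server.server_port}/a.pom", preemptive)
        finally:
            server.shutdown()
```

`run(False, False)` returns `[401, 200]`, `run(True, False)` returns `[404]` because the client is never asked for credentials, and `run(True, True)` returns `[200]`.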



Re: Enforce Maven client to use credentials for read artifacts from repository

Posted by Marcin Zajączkowski <ms...@wp.pl>.
On 2010-08-31 22:18, Brian Fox wrote:
> The http clients usually don't send the credentials until the server
> requests them with a 403, then it will send them and good clients will
> recall this and "pre-emptively" send the credentials for future
> requests to that server. Maven doesn't pre-emptively send them by
> default, but it is possible to set a flag to make this happen if you
> really want to.

We tried to force preemptive authentication with configuration taken
from [1], but with no luck. Maven didn't send credentials to the configured
server [2].

[1] - http://maven.apache.org/guides/mini/guide-http-settings.html
[2] - https://jira.codehaus.org/browse/MNG-4792


Marcin


> 
> 2010/8/30 Anders Hammar <an...@hammar.net>:
>> I would check the logs on the repo manager. And possibly crank up the
>> logging level. Nexus tells you the user that tries to access. I would assume
>> Artifactory does similar.
>>
>> /Anders
>>
>> 2010/8/29 Marcin Zajączkowski <ms...@wp.pl>
>>
>>> On 2010-08-29 14:06, Anders Hammar wrote:
>>>> Sure, just match the id of the repo with the id of the server credentials in
>>>> settings.xml.
>>> I tried:
>>>
>>> <servers>
>>>   <server>
>>>      <id>repo-id</id>
>>>      <username>user</username>
>>>      <password>password</password>
>>> (...)
>>>
>>> <repositories>
>>>  <repository>
>>>     <snapshots>
>>>        <enabled>true</enabled>
>>>     </snapshots>
>>>     <id>repo-id</id>
>>>     <name>repo-id</name>
>>>     <url>...</url>
>>> (...)
>>>
>>>
>>> In log I only see (it's a SNAPSHOT artifact):
>>> (...)
>>> [INFO] snapshot my-group-id:my-artifact-id:1.2.0-SNAPSHOT checking for
>>> updates from repo-id
>>> Downloading:
>>> http://url/.../1.2.0-SNAPSHOT/my-artifact-id-1.2.0-SNAPSHOT.pom
>>> [INFO] Unable to find resource
>>> 'my-group-id:my-artifact-id:1.2.0-SNAPSHOT' in repository repo-id (url)
>>>
>>> Is there any easier way (than sniffing) to get to know if Maven uses
>>> credentials to try to get the artifact?
>>>
>>>
>>> Marcin
>>>
>>>
>>>
>>>> 2010/8/28 Marcin Zajączkowski <ms...@wp.pl>
>>>>
>>>>> Hi,
>>>>>
>>>>>
>>>>> I need to set up a repository whose artifacts would be accessible (being
>>>>> able to get using Maven client) only for authorized people (with account
>>>>> like for deploy). I have an Artifactory server with a few publicly
>>>>> available repositories and I added there a new one only for selected
>>>>> people. It's not available for anonymous users, but I have one problem -
>>>>> Maven client tries to connect as anonymous user and claims there is no
>>>>> such artifact (server returns 404 Not Found).
>>>>>
>>>>> Is it possible to force Maven client to always connect to given
>>>>> repository with user/password (defined in settings.xml) to *get* artifacts?
>>>>>
>>>>> Regards
>>>>> Marcin
>>>>>
>>>>>


Re: Enforce Maven client to use credentials for read artifacts from repository

Posted by Anders Hammar <an...@hammar.net>.
I would check the logs on the repo manager. And possibly crank up the
logging level. Nexus tells you the user that tries to access. I would assume
Artifactory does similar.

/Anders

2010/8/29 Marcin Zajączkowski <ms...@wp.pl>

> On 2010-08-29 14:06, Anders Hammar wrote:
> > Sure, just match the id of the repo with the id of the server credentials in
> > settings.xml.
>
> I tried:
>
> <servers>
>   <server>
>      <id>repo-id</id>
>      <username>user</username>
>      <password>password</password>
> (...)
>
> <repositories>
>  <repository>
>     <snapshots>
>        <enabled>true</enabled>
>     </snapshots>
>     <id>repo-id</id>
>     <name>repo-id</name>
>     <url>...</url>
> (...)
>
>
> In log I only see (it's a SNAPSHOT artifact):
> (...)
> [INFO] snapshot my-group-id:my-artifact-id:1.2.0-SNAPSHOT checking for
> updates from repo-id
> Downloading:
> http://url/.../1.2.0-SNAPSHOT/my-artifact-id-1.2.0-SNAPSHOT.pom
> [INFO] Unable to find resource
> 'my-group-id:my-artifact-id:1.2.0-SNAPSHOT' in repository repo-id (url)
>
> Is there any easier way (than sniffing) to get to know if Maven uses
> credentials to try to get the artifact?
>
>
> Marcin
>
>
>
> > 2010/8/28 Marcin Zajączkowski <ms...@wp.pl>
> >
> >> Hi,
> >>
> >>
> >> I need to set up a repository whose artifacts would be accessible (being
> >> able to get using Maven client) only for authorized people (with account
> >> like for deploy). I have an Artifactory server with a few publicly
> >> available repositories and I added there a new one only for selected
> >> people. It's not available for anonymous users, but I have one problem -
> >> Maven client tries to connect as anonymous user and claims there is no
> >> such artifact (server returns 404 Not Found).
> >>
> >> Is it possible to force Maven client to always connect to given
> >> repository with user/password (defined in settings.xml) to *get* artifacts?
> >>
> >>
> >> Regards
> >> Marcin
> >>
> >>

Re: Enforce Maven client to use credentials for read artifacts from repository

Posted by Marcin Zajączkowski <ms...@wp.pl>.
On 2010-08-29 14:06, Anders Hammar wrote:
> Sure, just match the id of the repo with the id of the server credentials in
> settings.xml.

I tried:

<servers>
   <server>
      <id>repo-id</id>
      <username>user</username>
      <password>password</password>
(...)

<repositories>
  <repository>
     <snapshots>
        <enabled>true</enabled>
     </snapshots>
     <id>repo-id</id>
     <name>repo-id</name>
     <url>...</url>
(...)


In log I only see (it's a SNAPSHOT artifact):
(...)
[INFO] snapshot my-group-id:my-artifact-id:1.2.0-SNAPSHOT checking for
updates from repo-id
Downloading: http://url/.../1.2.0-SNAPSHOT/my-artifact-id-1.2.0-SNAPSHOT.pom
[INFO] Unable to find resource
'my-group-id:my-artifact-id:1.2.0-SNAPSHOT' in repository repo-id (url)

Is there any easier way (than sniffing) to get to know if Maven uses
credentials to try to get the artifact?


Marcin



> 2010/8/28 Marcin Zajączkowski <ms...@wp.pl>
> 
>> Hi,
>>
>>
>> I need to set up a repository whose artifacts would be accessible (being
>> able to get using Maven client) only for authorized people (with account
>> like for deploy). I have an Artifactory server with a few publicly
>> available repositories and I added there a new one only for selected
>> people. It's not available for anonymous users, but I have one problem -
>> Maven client tries to connect as anonymous user and claims there is no
>> such artifact (server returns 404 Not Found).
>>
>> Is it possible to force Maven client to always connect to given
>> repository with user/password (defined in settings.xml) to *get* artifacts?
>>
>>
>> Regards
>> Marcin
>>
>>


Re: Enforce Maven client to use credentials for read artifacts from repository

Posted by Anders Hammar <an...@hammar.net>.
Sure, just match the id of the repo with the id of the server credentials in
settings.xml.

/Anders

2010/8/28 Marcin Zajączkowski <ms...@wp.pl>

> Hi,
>
>
> I need to set up a repository whose artifacts would be accessible (being
> able to get using Maven client) only for authorized people (with account
> like for deploy). I have an Artifactory server with a few publicly
> available repositories and I added there a new one only for selected
> people. It's not available for anonymous users, but I have one problem -
> Maven client tries to connect as anonymous user and claims there is no
> such artifact (server returns 404 Not Found).
>
> Is it possible to force Maven client to always connect to given
> repository with user/password (defined in settings.xml) to *get* artifacts?
>
>
> Regards
> Marcin
>
>
>
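
The id matching described in this reply can be checked mechanically. An added example, not from the thread or from Maven itself: it parses a constructed settings.xml, lists repositories that have no `<server>` entry with the same id, and flags credentials that would be sent over plain `http://`. The function and finding names are assumptions, and repositories declared in a pom.xml are not covered.

```python
import xml.etree.ElementTree as ET

# Constructed settings.xml; ids, hosts and credentials are placeholders.
SETTINGS = """<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0">
  <servers>
    <server><id>repo-id</id><username>user</username><password>password</password></server>
    <server><id>stale-id</id><username>user</username><password>password</password></server>
  </servers>
  <profiles><profile><id>private</id><repositories>
    <repository><id>repo-id</id><url>http://repo.example.invalid/private</url></repository>
    <repository><id>other-repo</id><url>https://repo.example.invalid/other</url></repository>
  </repositories></profile></profiles>
</settings>"""

def _local(tag):
    """Strip the XML namespace so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def _child(el, name):
    """Text of the first direct child called `name`, or an empty string."""
    for child in el:
        if _local(child.tag) == name:
            return (child.text or "").strip()
    return ""

def audit(settings_xml):
    """Report repositories fetched anonymously or authenticated over cleartext."""
    servers, repos = set(), {}
    for el in ET.fromstring(settings_xml).iter():
        kind = _local(el.tag)
        if kind == "server":
            servers.add(_child(el, "id"))
        elif kind in ("repository", "pluginRepository"):
            repos[_child(el, "id")] = _child(el, "url")
    return {
        # No same-id <server>: requests to this repository carry no credentials.
        "no_credentials": sorted(i for i in repos if i not in servers),
        # Credentials with no repository of that id in this file.
        "unmatched_servers": sorted(servers - set(repos)),
        # Credentials configured, but the URL is unencrypted HTTP.
        "cleartext_auth": sorted(i for i, url in repos.items()
                                 if i in servers and url.startswith("http://")),
    }

if __name__ == "__main__":
    for finding, ids in audit(SETTINGS).items():
        print(f"{finding}: {ids}")
```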