Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [m2e-users] Dependencies resolution through https reverse proxy
Hi,

After checking aether-connector-okhttp, https authentication should work : many ssl unit test with JettyServer and OkHttpAetherClient.execute [1] manages retry with authentication when first response is 401/407.

This snippet code (used for getting index repository) works perfectly (with a MavenPluginActivator.getUserAgent hack ... eclipse Platform not initialized in a Main).
------
AuthenticationInfo authInfos = new AuthenticationInfo();
authInfos.setUserName("foo");
authInfos.setPassword("bar");
AetherClientResourceFetcher fetcher = new AetherClientResourceFetcher(authInfos, null, null);
fetcher.connect(null, "https://repository.company.com/repository");
fetcher.retrieve("virtual/junit/junit/4.12/junit-4.12.jar", new File("test.jar"));
------

=> The AetherClientResourceFetcher is used similary in DefaultMetadataResolver ?

[1] https://github.com/takari/aether-connector-okhttp/blob/0fdc67248972a15dbddc5367c1829664f2cbe28f/src/main/java/io/takari/aether/okhttp/OkHttpAetherClient.java

Best regards.

2015-02-13 18:03 GMT+01:00 Igor Fedorenko <igor@xxxxxxxxxxxxxx>:
Looks like m2e does not properly handle 407 Proxy Authentication
Required responses.

m2e is not expected to show authentication popups, either valid
credentials are provided in settings.xml or connection fails. Same as
during command line build.

Before you start debugging entire m2e sources, you may want to look at
aether-connector-okhttp [1], which is http transport library m2e uses.
This is where http protocol handling is implemented.

[1] https://github.com/takari/aether-connector-okhttp

--
Regards,
Igor

On 2015-02-13 11:32, Alix Lourme wrote:
Hi Igor,

Thanks for the reply.

 /> [...] kind of proxy is this? [...] http/https proxies are expected to
work./

Humm ... I hope network team will not see my post so I quote :
- Some two headers in 401 response is "WWW-Authenticate: BASIC
realm="Unspecified"" and "Server: BigIP"
- Detail : the main product of this company, same name as the key of
keyboard used in a browser for reload the page ^^
=> Standard

 /> Can you confirm you get auth popup with recent m2e 1.6 build?/

*No* :-(. No authentication popup with v1.6.0.20150203-1921.

In my "home" use case : internet -> reverse-proxy -> maven repository
(settings.xml contains only "server" configuration)
In my today "job" use case for test : intranet -> proxy (iron port) ->
[internet] -> reverse-proxy -> maven repository (settings.xml contains
only "server" & "proxy" configuration)

In this case I have the error message : "Failed to authenticate with proxy"
The wireshark analysis shows :
1) Https URL connect through proxy :
---
 CONNECT repository.company.com:443 <http://repository.company.com:443>
HTTP/1.1
Host: repository.company.com <http://repository.company.com>
Proxy-Connection: Keep-Alive
User-Agent: m2e/3.10.1.v20140909-1633/1.6.0.20150203-1921/1.7.0_71
---
2) Proxy answer :
---
HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="[The name of] Security Appliance"
...
---
... and nothing else.

 => *m2e is supposed to open an authentication popup even if
user/password is defined in settings.xml ?*

If yes ... perhaps this is the root cause : There is no (logically)
preemptive authentication (=> basic auth not in first call) ... but
401/407 doesn't provide popup.

 /> [...] Can you confirm your configuration uses protocol https?/

Yes, I check the bug link : active=true / protocol=https

 /> [...] need to run m2e through debugger [...]

/
Humm ... ok. I will try to load m2e source and write unit test in my
 real case./
/
/
/
Thanks./
/
Best regards./
/

2015-02-13 1:28 GMT+01:00 Igor Fedorenko <igor@xxxxxxxxxxxxxx
 <mailto:igor@xxxxxxxxxxxxxx>>:

    What kind of proxy is this? m2e does not support ntlm, but standard
    http/https proxies are expected to work.

    Can you confirm you get auth popup with recent m2e 1.6 build?

    m2e and command line maven appear to disagree how to handle https proxy
    configuration. More specifically, m2e expects proxy configuration
    protocol https, while command line maven accepts http. This is tracked
    as bug 459638 [1]. Can you confirm your configuration uses protocol
    https?

    Beyond that, you'll need to run m2e through debugger and see what
    happens. I usually just change m2e http transport library (okhttp) to
    print dump all traffic to console.

     [1] https://bugs.eclipse.org/bugs/__show_bug.cgi?id=459638
    <https://bugs.eclipse.org/bugs/show_bug.cgi?id=459638>

    --
    Regards,
    Igor

    On 2015-02-12 17:19, Alix Lourme wrote:

        Hi,

        I'm faced to a infrastructure/network problem ... and I can't
        determine
        if it's a feature not supported, a bug, or other (configuration ?).

        _Environment_ :
        - Eclipse Kepler SR2 & m2e 1.4.0 or Luna SR1 & m2e 1.6.0
        - External Maven v3.2.3 configured as "Installation"
        - A settings.xml configured as global/user "User Settings" (and used
        with previous Maven)
        - settings.xml defines a master https company repository
        (repository &
        pluginRepository)
        - settings.xml defines "server" credendials with password encryption
        (settings-security.xml usage)
         - id of server/repository/__pluginRepository is the same in
        settings.xml

        _Use case_ :
        - My company provides a Maven repository for internal developments
        - This repository can be accessed from internet (https) for external
        developments (at home ^^, no VPN configured, ...) via an
        infrastructure
        reverse proxy

        _Problem_ :
        - The dependencies resolution works in Maven command line, but not
        through m2e plugin (only when dependency doesn't exist in local
        repository, classpath configuration works perfectly when dependency
        exists in local repository)
        - Error is : Access denied to
         https://repository.my-company.__com/repository/virtual/com/my-__company/my-artifact/1.0.0-__SNAPSHOT/maven-metadata.xml
        <https://repository.my-company.com/repository/virtual/com/my-company/my-artifact/1.0.0-SNAPSHOT/maven-metadata.xml>.
        Error code 401, Unauthorized

        It is minor, but with m2e, I have lost the practice to use maven
        command
        line ^^.

        The error seems to be the same as the direct url access via a
        browser.
        This direct http call contains the (logically) response header
        'WWW-Authenticate: "BASIC realm="Unspecified""', and authentication
        popup appears.
        (I can't simply catch m2e http call, wireshark analysis on https
        is not
        trivial).

        => _Hypothesis_ :

        - m2e doesn't use server credentials defined in settings.xml
        - m2e doesn't know re-send the http call with credentials when
        reverse
        proxy answers 401

        I note that in the m2e plugin configuration, the maven embedded
        is used
        for dependencies resolution ... but if settings.xml used, it
        "should"
        work ...

        Plugin seems to configure server credentials
         (org.eclipse.m2e.core.__internal.repository.__RepositoryRegistry),
        so some
        java properties about native proxy configuration in addition to
        settings.xml are not 'required' (i'm not facing to an outgoing
        proxy).
        So ... I'm a little lost :-)

        This feature is supposed to be supported ? Or I'm wrong in
        somewhere ?
        Any idea are welcome.

        Thank you in advance (and globally for your work, m2e is simply
        magic
        and wonderful).

        Complete stack for information (with m2e 1.6.0) :
         org.eclipse.aether.transfer.__MetadataTransferException:
        [previous error]
              at
        org.eclipse.aether.internal.__impl.__DefaultUpdateCheckManager.__newException(__DefaultUpdateCheckManager.__java:363)
              at
        org.eclipse.aether.internal.__impl.__DefaultUpdateCheckManager.__checkMetadata(__DefaultUpdateCheckManager.__java:320)
              at
        org.eclipse.aether.internal.__impl.DefaultMetadataResolver.__resolve(__DefaultMetadataResolver.java:__332)
              at
        org.eclipse.aether.internal.__impl.DefaultMetadataResolver.__resolveMetadata(__DefaultMetadataResolver.java:__205)
              at
        org.apache.maven.repository.__internal.__DefaultVersionResolver.__resolveVersion(__DefaultVersionResolver.java:__250)
              at
        org.apache.maven.repository.__internal.__DefaultArtifactDescriptorReade__r.loadPom(__DefaultArtifactDescriptorReade__r.java:258)
              at
        org.apache.maven.repository.__internal.__DefaultArtifactDescriptorReade__r.readArtifactDescriptor(__DefaultArtifactDescriptorReade__r.java:217)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__resolveCachedArtifactDescripto__r(DefaultDependencyCollector.__java:525)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__getArtifactDescriptorResult(__DefaultDependencyCollector.__java:509)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__processDependency(__DefaultDependencyCollector.__java:409)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__processDependency(__DefaultDependencyCollector.__java:363)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__process(__DefaultDependencyCollector.__java:351)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__doRecurse(__DefaultDependencyCollector.__java:494)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__processDependency(__DefaultDependencyCollector.__java:458)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__processDependency(__DefaultDependencyCollector.__java:363)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__process(__DefaultDependencyCollector.__java:351)
              at
        org.eclipse.aether.internal.__impl.__DefaultDependencyCollector.__collectDependencies(__DefaultDependencyCollector.__java:254)
              at
        org.eclipse.aether.internal.__impl.DefaultRepositorySystem.__collectDependencies(__DefaultRepositorySystem.java:__316)
              at
        org.apache.maven.project.__DefaultProjectDependenciesReso__lver.resolve(__DefaultProjectDependenciesReso__lver.java:172)
              at
        org.apache.maven.project.__DefaultProjectBuilder.__resolveDependencies(__DefaultProjectBuilder.java:__213)
              at
        org.apache.maven.project.__DefaultProjectBuilder.build(__DefaultProjectBuilder.java:__186)
              at
        org.apache.maven.project.__DefaultProjectBuilder.build(__DefaultProjectBuilder.java:__118)
              at
        org.eclipse.m2e.core.internal.__embedder.MavenImpl.__readMavenProject(MavenImpl.__java:634)
              at
        org.eclipse.m2e.core.internal.__project.registry.__DefaultMavenDependencyResolver__.resolveProjectDependencies(__DefaultMavenDependencyResolver__.java:63)
              at
        org.eclipse.m2e.core.internal.__project.registry.__ProjectRegistryManager.__refreshPhase2(__ProjectRegistryManager.java:__529)
              at
        org.eclipse.m2e.core.internal.__project.registry.__ProjectRegistryManager$3.call(__ProjectRegistryManager.java:__491)
              at
        org.eclipse.m2e.core.internal.__project.registry.__ProjectRegistryManager$3.call(__ProjectRegistryManager.java:1)
              at
        org.eclipse.m2e.core.internal.__embedder.__MavenExecutionContext.__executeBare(__MavenExecutionContext.java:__176)
              at
        org.eclipse.m2e.core.internal.__embedder.__MavenExecutionContext.execute(__MavenExecutionContext.java:__151)
              at
        org.eclipse.m2e.core.internal.__project.registry.__ProjectRegistryManager.__refresh(__ProjectRegistryManager.java:__495)
              at
        org.eclipse.m2e.core.internal.__project.registry.__ProjectRegistryManager.__refresh(__ProjectRegistryManager.java:__350)
              at
        org.eclipse.m2e.core.internal.__project.registry.__ProjectRegistryManager.__refresh(__ProjectRegistryManager.java:__297)
              at
        org.eclipse.m2e.core.internal.__project.__ProjectConfigurationManager.__configureNewMavenProjects(__ProjectConfigurationManager.__java:253)
              at
        org.eclipse.m2e.core.internal.__project.__ProjectConfigurationManager$1.__call(__ProjectConfigurationManager.__java:169)
              at
        org.eclipse.m2e.core.internal.__project.__ProjectConfigurationManager$1.__call(__ProjectConfigurationManager.__java:1)
              at
        org.eclipse.m2e.core.internal.__embedder.__MavenExecutionContext.__executeBare(__MavenExecutionContext.java:__176)
              at
        org.eclipse.m2e.core.internal.__embedder.__MavenExecutionContext.execute(__MavenExecutionContext.java:__151)
              at
        org.eclipse.m2e.core.internal.__embedder.__MavenExecutionContext.execute(__MavenExecutionContext.java:99)
              at
        org.eclipse.m2e.core.internal.__embedder.MavenImpl.execute(__MavenImpl.java:1353)
              at
        org.eclipse.m2e.core.internal.__project.__ProjectConfigurationManager.__importProjects(__ProjectConfigurationManager.__java:137)
              at
        org.eclipse.m2e.core.ui.__internal.wizards.__ImportMavenProjectsJob$1.__doCreateMavenProjects(__ImportMavenProjectsJob.java:__73)
              at
        org.eclipse.m2e.core.ui.__internal.wizards.__AbstractCreateMavenProjectsOpe__ration.run(__AbstractCreateMavenProjectsOpe__ration.java:62)
              at
        org.eclipse.m2e.core.ui.__internal.wizards.__ImportMavenProjectsJob.__runInWorkspace(__ImportMavenProjectsJob.java:__82)
              at
        org.eclipse.core.internal.__resources.__InternalWorkspaceJob.run(__InternalWorkspaceJob.java:38)
              at
        org.eclipse.core.internal.__jobs.Worker.run(Worker.java:__54)

        --
        Alix Lourme


        _________________________________________________
        m2e-users mailing list
        m2e-users@xxxxxxxxxxx <mailto:m2e-users@xxxxxxxxxxx>
        To change your delivery options, retrieve your password, or
        unsubscribe from this list, visit
         https://dev.eclipse.org/__mailman/listinfo/m2e-users
        <https://dev.eclipse.org/mailman/listinfo/m2e-users>

    _________________________________________________
    m2e-users mailing list
    m2e-users@xxxxxxxxxxx <mailto:m2e-users@xxxxxxxxxxx>
    To change your delivery options, retrieve your password, or
    unsubscribe from this list, visit
     https://dev.eclipse.org/__mailman/listinfo/m2e-users
    <https://dev.eclipse.org/mailman/listinfo/m2e-users>




--
Alix Lourme


_______________________________________________
m2e-users mailing list
m2e-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/m2e-users

_______________________________________________
m2e-users mailing list
m2e-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/m2e-users



--
Alix Lourme

Back to the top