Repository authentication when directly invoking dependency plugin

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Repository authentication when directly invoking dependency plugin

Pawel Veselov
Hello.

I have a private Maven repository. It's defined in pom.xml of the project

    <repository>
        <id>some.id</id>
        <url>https://some.host/artifactory/some.id</url>
    </repository>

In my ~/.m2/settings.xml, I have a proper authentication block:

    <server>
        <id>some.id</id>
        <username>[hidden email]</username>
        <password>{some-fancy-password-hash-goes-here}</password>
    </server>

When building the project, Maven is able to access the repository
without any problems, as it's supposed to be. In debugging output, I
can see it applying the credentials.

But when I try to download an artifact directly, it doesn't look like
Maven is even considering the settings file.

mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.1:get \
  -DremoteRepositories=some.id::::https://some.host/artifactory/some.id \
  -Dartifact=groupId:artifactId:1.1.1

The username is not transmitted. I can see in the debug output, that
the BasicRepositoryConnector is invoked without username/password
combination.

So the question goes - can a plugin be invoked so that whatever
process makes Maven consider using the authentication stated in its
settings file is executed? Am I missing something, is there a bug, or
this is the intended behavior?

(Note, this was posted as https://stackoverflow.com/q/53384757/622266)

Thank you!
  -- Pawel.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Repository authentication when directly invoking dependency plugin

Neeraj Mahajan
Hi Pawel,

The repositories defined in pom.xml is used for uploading artifacts.
However in order to download artifacts from the same repository you need to
add the repository to the profile section of settings.xml.

Hope this helps.

Kind Regards,
Neeraj Mahajan

On Tue, Nov 20, 2018 at 12:59 PM Pawel Veselov <[hidden email]>
wrote:

> Hello.
>
> I have a private Maven repository. It's defined in pom.xml of the project
>
>     <repository>
>         <id>some.id</id>
>         <url>https://some.host/artifactory/some.id</url>
>     </repository>
>
> In my ~/.m2/settings.xml, I have a proper authentication block:
>
>     <server>
>         <id>some.id</id>
>         <username>[hidden email]</username>
>         <password>{some-fancy-password-hash-goes-here}</password>
>     </server>
>
> When building the project, Maven is able to access the repository
> without any problems, as it's supposed to be. In debugging output, I
> can see it applying the credentials.
>
> But when I try to download an artifact directly, it doesn't look like
> Maven is even considering the settings file.
>
> mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.1:get \
>   -DremoteRepositories=some.id::::https://some.host/artifactory/some.id \
>   -Dartifact=groupId:artifactId:1.1.1
>
> The username is not transmitted. I can see in the debug output, that
> the BasicRepositoryConnector is invoked without username/password
> combination.
>
> So the question goes - can a plugin be invoked so that whatever
> process makes Maven consider using the authentication stated in its
> settings file is executed? Am I missing something, is there a bug, or
> this is the intended behavior?
>
> (Note, this was posted as https://stackoverflow.com/q/53384757/622266)
>
> Thank you!
>   -- Pawel.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Repository authentication when directly invoking dependency plugin

Pawel Veselov
Hello.

Right, somebody answered my SO as well, suggesting that. However, I am
not even using pom.xml, I am providing the repository definition
directly into the plugin, as a property (from the command line), and
there is no "current" pom.xml file.
Is there a reason why the authentication settings are not applied to
repositories defined in "remoteRepositories" property passed to the
plugin?

Also, you can have repositories defined in pom.xml, using top-level
<repositories> tag, aren't they used for downloading? The publishing
ones are inside <distributionManagement>, AFAIU, that's different.

Thank you.

On Tue, Nov 20, 2018 at 3:37 PM Neeraj Mahajan
<[hidden email]> wrote:

>
> Hi Pawel,
>
> The repositories defined in pom.xml is used for uploading artifacts.
> However in order to download artifacts from the same repository you need to
> add the repository to the profile section of settings.xml.
>
> Hope this helps.
>
> Kind Regards,
> Neeraj Mahajan
>
> On Tue, Nov 20, 2018 at 12:59 PM Pawel Veselov <[hidden email]>
> wrote:
>
> > Hello.
> >
> > I have a private Maven repository. It's defined in pom.xml of the project
> >
> >     <repository>
> >         <id>some.id</id>
> >         <url>https://some.host/artifactory/some.id</url>
> >     </repository>
> >
> > In my ~/.m2/settings.xml, I have a proper authentication block:
> >
> >     <server>
> >         <id>some.id</id>
> >         <username>[hidden email]</username>
> >         <password>{some-fancy-password-hash-goes-here}</password>
> >     </server>
> >
> > When building the project, Maven is able to access the repository
> > without any problems, as it's supposed to be. In debugging output, I
> > can see it applying the credentials.
> >
> > But when I try to download an artifact directly, it doesn't look like
> > Maven is even considering the settings file.
> >
> > mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.1:get \
> >   -DremoteRepositories=some.id::::https://some.host/artifactory/some.id \
> >   -Dartifact=groupId:artifactId:1.1.1
> >
> > The username is not transmitted. I can see in the debug output, that
> > the BasicRepositoryConnector is invoked without username/password
> > combination.
> >
> > So the question goes - can a plugin be invoked so that whatever
> > process makes Maven consider using the authentication stated in its
> > settings file is executed? Am I missing something, is there a bug, or
> > this is the intended behavior?
> >
> > (Note, this was posted as https://stackoverflow.com/q/53384757/622266)
> >
> > Thank you!
> >   -- Pawel.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
> >



--
With best of best regards
Pawel S. Veselov

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]