How to ensure that maven passes credentials when redirecting? - maven

I have a Java repository whose url is, say a. Access to this repository requires authentication, which is provided by the credentials stored in maven's settings.xml file (~/.m2/settings.xml). When I specify this url in pom.xml for maven's repository, everything works as expected.
<repositories>
  <repository>
    <id>my-internal-site</id>
    <url>a</url>
  </repository>
</repositories>
I also have a url, b, which redirects to a. More specifically, b returns a 302 HTTP response. Now, when I specify b in pom.xml as the repository url, it returns a 400 Authentication Error, which most likely means that the Authentication parameters are missing. So my hypothesis is that maven does not send the authentication details from settings.xml to a on redirection. Is there a way I can enable that? Or is there a fix for this?

Related

Repository Authentication with Basic Auth only works when embedded in URL

I have a private maven repository. Publishing on this repository with authentication works well. But when I try to use the repository to resolve dependencies, the authentication credentials defined in the settings.xml are not applied. The only way to make it work is to provide the credentials in the repository URL defined in the pom.xml.
Is this a bug or did I miss something during setup?
Snippet from the pom.xml
<repositories>
  <repository>
    <id>myServer</id>
    <name>My Servers Name</name>
    <url>https://someHost/repository/maven-public/</url>
  </repository>
</repositories>
Snippet from the settings.xml
<servers>
  <server>
    <id>myServer</id>
    <username>myUser</username>
    <password>myPass</password>
  </server>
</servers>
I use Apache Maven 3.0.5 (Red Hat 3.0.5-17) and on the server's side I see that no credentials are applied, so a 401 is responded.
The above setup does work if I remove the server-setup from settings.xml and add the credentials myUser:myPass to the URL defined in the pom.xml.
Finally, it appeared that I had a typo in the auth credentials, so all works as expected.

Could not transfer artifact - not authorized

I want to use an artifact "eu.excitementproject:lap:jar:1.1.0:" from the following repository:
http://hlt-services4.fbk.eu:8080/artifactory/repo/eu/excitementproject
I can download the jar directly from the above link without any authorization.
However, when I mvn install on my computer, I get the following error:
Could not transfer artifact eu.excitementproject:lap:pom:1.1.0 from/to excitement
(http://hlt-services4.fbk.eu:8080/artifactory/repo/eu/excitementproject):
Not authorized
Here is the relevant part of my pom.xml:
<repositories>
  <repository>
    <id>excitement</id>
    <name>excitement</name>
    <url>http://hlt-services4.fbk.eu:8080/artifactory/repo/eu/excitementproject</url>
  </repository>
</repositories>
<dependencies>
  <dependency>
    <groupId>eu.excitementproject</groupId>
    <artifactId>lap</artifactId>
    <version>1.1.0</version>
  </dependency>
</dependencies>
What should I do?
Your Maven configuration is:
repository URL - http://hlt-services4.fbk.eu:8080/artifactory/repo/eu/excitementproject
group-id - eu.excitementproject
artifact-id - lap
artifact-version - 1.1.1.
The full path to the artifact is therefore http://hlt-services4.fbk.eu:8080/artifactory/repo/eu/excitementproject/eu.excitementproject/lap/1.1.1/lap-1.1.1.pom.
If I hit this URL from any web browser, I am asked to authenticate using basic HTTP authentication. This is exactly what Maven also sees. Therefore, as @Will mentioned above, if you wish to continue using this repository URL, you will have to configure authentication settings for the repository in your local settings.xml.
Interestingly, I can hit http://hlt-services4.fbk.eu:8080/artifactory/repo/eu.excitementproject/lap/1.1.1/lap-1.1.1.pom without problems. So, if you shorten your repository URL to http://hlt-services4.fbk.eu:8080/artifactory/repo, your build will work (I have tested this).
You can provide credentials to your Artifactory using basic URL authentication (https://developer.mozilla.org/en-US/docs/Web/HTTP/Basic_access_authentication).
In your case the repository URL should be:
http://USERNAME:PASSWORD@hlt-services4.fbk.eu:8080/artifactory/repo/eu/excitementproject

Maven does not reference the settings.xml for a repository when deploying

I am trying to configure the deploy step in a Maven 3.0.4 POM using the <distributionManagement> tag. From XSD for POMs (line 1389), it suggests that merely providing the id should allow Maven to look up the corresponding values from the settings.xml file. I have the desired server listed (which is configured correctly since I can pull dependencies from it and see it mentioned when running in -X debug mode: [DEBUG] Repositories (dependencies): [archiva.snapshots (http://snap-mvnrepo.initech.com/archiva/repository/snapshots, releases+snapshots)]) in the settings.xml. However, when I just provide the <id> in my POM and try to deploy, I get an error that Maven is missing the URL for the repository, but when I explicitly provide the <url> the deploy works.
Does anyone know what I should do to get it working by id only? I don't want to hard code the URL.
DISCLAIMERS: Typos are likely the result of anonymization, but it is possible that they are "real" so feel free to point away at any.
About the <id> child tag of <repository> from the XSD for POMs (line 1389):
A unique identifier for a repository. This is used to match the repository to configuration in the settings.xml file, for example.
From my settings.xml:
<profile>
  <id>archiva_dev</id>
  <activation>
    <activeByDefault>true</activeByDefault>
  </activation>
  <repositories>
    <repository>
      <id>archiva.snapshots</id>
      <name>Initech Internal Snapshot Repository</name>
      <url>http://snap-mvnrepo.initech.com/archiva/repository/snapshots</url>
    </repository>
  </repositories>
</profile>
From my (failing) pom.xml:
<distributionManagement>
  <repository>
    <id>archiva.snapshots</id>
    <!--
    <name>Initech Internal Snapshot Repository</name>
    <url>http://snap-mvnrepo.initech.com/archiva/repository/snapshots</url>
    -->
  </repository>
</distributionManagement>
The error:
Caused by: java.lang.IllegalStateException: Failed to create release distribution repository for com.initech.ws:initechws:pom:1.0-SNAPSHOT
at org.apache.maven.project.MavenProject.getReleaseArtifactRepository(MavenProject.java:1853)
at org.apache.maven.project.MavenProject.getDistributionManagementArtifactRepository(MavenProject.java:1377)
at org.apache.maven.plugin.deploy.DeployMojo.getDeploymentRepository(DeployMojo.java:227)
at org.apache.maven.plugin.deploy.DeployMojo.execute(DeployMojo.java:118)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:101)
... 20 more
Caused by: org.apache.maven.artifact.InvalidRepositoryException: URL missing for repository archiva.snapshots
at org.apache.maven.repository.legacy.LegacyRepositorySystem.buildArtifactRepository(LegacyRepositorySystem.java:775)
at org.apache.maven.project.MavenProject.getReleaseArtifactRepository(MavenProject.java:1843)
... 24 more
The /project/distributionManagement/id value defines the /settings/servers/server/id to match against in order to identify the credentials to use when connecting to the url specified by /project/distributionManagement/url.
Because the URL for deployment is very often different from the URL for read access, and the same credentials may apply to multiple URLs, there is no looking up of /project/repositories/repository or /project/pluginRepositories/pluginRepository.
The short answer is thus that you must specify /project/distributionManagement/url in order to be able to deploy, and if you need credentials in order to deploy to that URL you need to specify /project/distributionManagement/id and ensure that the matching credentials exist in your settings.xml.
How could we update the documentation to make the above clearer and prevent future users from becoming confused in the manner you have been?
Update
The modello toolchain is generating the XSL with only some of the sentences, so
A unique identifier for a repository. This is used to match the repository to configuration in the settings.xml file, for example.
Is actually
A unique identifier for a repository. This is used to match the repository
to configuration in the settings.xml file, for example.
Furthermore, the identifier is used during POM inheritance and profile
injection to detect repositories that should be merged.
Source
Finally in order to fully make sense of the sentence, you need to be aware that the settings.xml file is just the source of settings when Maven is invoked from the command line. Maven Embedder may actually mean that the settings provided to Maven come from some other source entirely (think, e.g. from the configuration database of Eclipse or another IDE) which is the reason for some of the fun in MRELEASE-577.
A better way to read the first sentence might be
A unique identifier for a repository. This is used to match the repository to configuration, for example in the settings.xml file.
But if you can suggest something even better I will update the docs accordingly

Adding maven nexus repo to my pom.xml

I have installed nexus on my local machine. I want my pom file to point to this repo. How can I add my custom repository to my pom.xml file?
From Maven - Settings Reference
The repositories for download and deployment are defined by the repositories and distributionManagement elements of the POM. However, certain settings such as username and password should not be distributed along with the pom.xml. This type of information should exist on the build server in the settings.xml.
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                              http://maven.apache.org/xsd/settings-1.0.0.xsd">
  ...
  <servers>
    <server>
      <id>server001</id>
      <username>my_login</username>
      <password>my_password</password>
      <privateKey>${user.home}/.ssh/id_dsa</privateKey>
      <passphrase>some_passphrase</passphrase>
      <filePermissions>664</filePermissions>
      <directoryPermissions>775</directoryPermissions>
      <configuration></configuration>
    </server>
  </servers>
  ...
</settings>
id: This is the ID of the server (not of the user to login as) that matches the id element of the repository/mirror that Maven tries to connect to.
username, password: These elements appear as a pair denoting the login and password required to authenticate to this server.
privateKey, passphrase: Like the previous two elements, this pair specifies a path to a private key (default is ${user.home}/.ssh/id_dsa) and a passphrase, if required. The passphrase and password elements may be externalized in the future, but for now they must be set plain-text in the settings.xml file.
filePermissions, directoryPermissions: When a repository file or directory is created on deployment, these are the permissions to use. The legal values of each is a three digit number corresponding to *nix file permissions, ie. 664, or 775.
Note: If you use a private key to login to the server, make sure you omit the element. Otherwise, the key will be ignored.
All you should need is the id, username and password
The id and URL should be defined in your pom.xml like this:
<repositories>
  ...
  <repository>
    <id>acme-nexus-releases</id>
    <name>acme nexus</name>
    <url>https://nexus.acme.net/content/repositories/releases</url>
  </repository>
  ...
</repositories>
If you need a username and password to your server, you should encrypt it.
Maven Password Encryption
First of all I can highly recommend reading the Nexus book. It will explain the benefits of using a Maven repository manager.
There is a section on how to configure your Maven build to use Nexus:
http://www.sonatype.com/books/nexus-book/reference/config.html
This leads me to question why you are altering your POM file? I suspect what you really want to do is set up Nexus as a remote repository mirror. This is done in your Maven settings file.
The following tells Maven to use Nexus as your default repository (instead of Maven Central):
<settings>
  ..
  ..
  <mirrors>
    <mirror>
      <id>nexus</id>
      <url>http://localhost:8081/nexus/content/groups/public</url>
      <mirrorOf>central</mirrorOf>
    </mirror>
  </mirrors>
</settings>
This is desired behaviour since your Nexus repository is configured to cache artifacts retrieved from Central (which is good for build performance).
Note:
The "public" repository group could include other repositories proxied by your Nexus instance (not just Maven Central). You probably want this behaviour, as it centralizes all repository management. It just makes your build less portable for people outside of your organization.
It seems the answers here do not support an enterprise use case where a Nexus server has multiple users and has project-based isolation (protection) based on user id ALONG with using an automated build (CI) system like Jenkins. You would not be able to create a settings.xml file to satisfy the different user ids needed for different projects. I am not sure how to solve this, except by opening Nexus up to anonymous access for reading repositories, unless the projects could store a project-specific generic user id in their pom.xml.
From the Apache Maven site
<project>
  ...
  <repositories>
    <repository>
      <id>my-internal-site</id>
      <url>http://myserver/repo</url>
    </repository>
  </repositories>
  ...
</project>
"The repositories for download and deployment are defined by the repositories and distributionManagement elements of the POM. However, certain settings such as username and password should not be distributed along with the pom.xml. This type of information should exist on the build server in the settings.xml." - Apache Maven site - settings reference
<servers>
  <server>
    <id>server001</id>
    <username>my_login</username>
    <password>my_password</password>
    <privateKey>${user.home}/.ssh/id_dsa</privateKey>
    <passphrase>some_passphrase</passphrase>
    <filePermissions>664</filePermissions>
    <directoryPermissions>775</directoryPermissions>
    <configuration></configuration>
  </server>
</servers>
If you don't want or you cannot modify the settings.xml file, you can create a new one at the root of your project, and call maven passing it as a parameter with the -s argument:
$ mvn COMMAND ... -s settings.xml
From maven setting reference, you can not put your username/password in a pom.xml
The repositories for download and deployment are defined by the repositories and distributionManagement elements of the POM. However, certain settings such as username and password should not be distributed along with the pom.xml. This type of information should exist on the build server in the settings.xml.
You can first add a repository in your pom and then add the username/password in the $MAVEN_HOME/conf/settings.xml:
<servers>
  <server>
    <id>my-internal-site</id>
    <username>yourUsername</username>
    <password>yourPassword</password>
  </server>
</servers>
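
The id matching described in the answers above, as an added example (not code from any of the posts or from the Maven project): a small Python check that reads a pom.xml and a settings.xml and reports repositories with no matching <server> id, no <url>, credentials embedded in the URL, or a plain-text password. The sample hosts, ids and the `audit` function are constructed for illustration; the {...} test for an encrypted password is a heuristic, and mirrors are not modelled.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

def _parse(xml_text):
    """Parse XML and drop namespaces so POM/settings tags match by local name."""
    root = ET.fromstring(xml_text)
    for el in root.iter():
        el.tag = el.tag.rsplit("}", 1)[-1]
    return root

def audit(pom_xml, settings_xml):
    """Return (severity, id, message) findings for repository credential setup."""
    pom, settings = _parse(pom_xml), _parse(settings_xml)
    servers = {(s.findtext("id") or "").strip(): s for s in settings.iter("server")}
    findings = []
    for tag in ("repository", "pluginRepository", "snapshotRepository"):
        for repo in pom.iter(tag):  # also covers distributionManagement entries
            rid = (repo.findtext("id") or "").strip()
            url = urlsplit((repo.findtext("url") or "").strip())
            if not url.netloc:
                findings.append(("error", rid, "no usable <url>; the id alone does not supply one"))
                continue
            if url.username or url.password:
                findings.append(("error", rid, "credentials embedded in the repository URL"))
            if rid not in servers:
                findings.append(("info", rid, "no <server> with this id, so no credentials are looked up"))
            elif url.scheme != "https":
                findings.append(("warn", rid, "credentials would travel over a non-TLS URL"))
    for sid, server in servers.items():
        pw = (server.findtext("password") or "").strip()
        if pw and not re.search(r"\{[^{}]+\}", pw):  # Maven-encrypted values sit in {...}
            findings.append(("warn", sid, "password is stored in plain text"))
    return findings

# Constructed sample input (hosts, ids and values are made up for this example).
POM = """<project xmlns="http://maven.apache.org/POM/4.0.0"><repositories>
  <repository><id>myServer</id><url>http://repo.example.test/maven-public/</url></repository>
  <repository><id>inline</id><url>https://user:secret@repo.example.test/libs/</url></repository>
</repositories><distributionManagement>
  <repository><id>archiva.snapshots</id></repository>
</distributionManagement></project>"""
SETTINGS = """<settings><servers>
  <server><id>myServer</id><username>myUser</username><password>myPass</password></server>
  <server><id>archiva.snapshots</id><username>ci</username><password>{constructedCipherText=}</password></server>
</servers></settings>"""
if __name__ == "__main__":
    for severity, rid, message in audit(POM, SETTINGS):
        print(f"{severity:5} {rid}: {message}")
```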

Infrastructure - Maven + Nexus

I've installed a sonatype nexus to be my maven repo. The nexus installation is using the Active Directory to authenticate users, and the anonymous login is off.
Every user that uploads an artifact to my repo must be identified with a unique username, thus the AD integration.
The regular way to use this structure is to set in the POM.xml the Distribution Management tag so the artifact is sent to nexus:
<distributionManagement>
  ...
  <repository>
    <id>deploymentRepo</id>
    <name>Internal Releases</name>
    <url>http://nexusserver:8081/nexus/content/repositories/releases</url>
  </repository>
  ...
</distributionManagement>
In the local repo settings (~/.m2/settings.xml) add the username/password combo to login into nexus
<server>
  <id>deploymentRepo</id>
  <username>deployment</username>
  <password>deployment123</password>
</server>
It's working great for me, but what I'm trying to achieve is to somehow do the auth in nexus without having to put the user password in the local repo. Is it possible?
What are you trying to achieve: not to store password as plain text or for user having to pass password every time it runs maven deploy command?
Password could be stored in encrypted form, as described here
Or you could try to pass password on command line like below, but I haven't tried that:
mvn -Dpassword=deployment123 deploy
Nexus 2.1 is due to be released in June and we've built a new feature to support secure authentication without requiring a clear text password in the settings.xml.
