[
https://issues.apache.org/jira/browse/MNG-7719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17696352#comment-17696352
]
Adam Gent commented on MNG-7719:
--------------------------------
Per github it appears that the native client respects Basic Auth Challenges and
our server did not do that (it never sends the WWW-Authenticate).
The wagon version will always send the credentials on PUT an POST.
The wagon version basically is like a header API key when doing basic auth
instead of the true basic auth workflow.
Consequently I suppose this is not a bug.
> Maven 3.9.0 native http transport ignores username/password for basic auth
> --------------------------------------------------------------------------
>
> Key: MNG-7719
> URL: https://issues.apache.org/jira/browse/MNG-7719
> Project: Maven
> Issue Type: Improvement
> Components: Core, Deployment
> Affects Versions: 3.9.0
> Reporter: Adam Gent
> Priority: Major
> Fix For: waiting-for-feedback
>
>
> In 3.9.0 the default maven http transport switched from wagon to native.
> It appears that the native transport does not respect:
> {code:xml}
> <server>
> <id>some-repo</id>
> <username>some-username</username>
> <password>basic-auth-password</password>
> </server>
> {code}
> Now when you do a mvn deploy to some-repo the basic auth headers are missing.
> This is probably causing github package problems:
> https://github.com/orgs/community/discussions/49001
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
