[
https://issues.apache.org/jira/browse/MRESOLVER-495?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17816900#comment-17816900
]
Konrad Windszus commented on MRESOLVER-495:
-------------------------------------------
Currently the {{AuthenticationContext}} being used for selecting the
{{Authentication}} data does not contain information about a potential HTTP
Auth Realm but only the URL of the remote repository.
> Provide AuthenticationSelector based on host/realm instead of repository id
> ---------------------------------------------------------------------------
>
> Key: MRESOLVER-495
> URL: https://issues.apache.org/jira/browse/MRESOLVER-495
> Project: Maven Resolver
> Issue Type: Improvement
> Components: Resolver
> Reporter: Konrad Windszus
> Priority: Major
>
> Currently the
> [{{DefaultAuthenticationSelector}}|https://github.com/apache/maven-resolver/blob/master/maven-resolver-util/src/main/java/org/eclipse/aether/util/repository/DefaultAuthenticationSelector.java#L56]
> only returns authentication info based on the repository id. In order to
> reuse the same authentication for multiple repositories (on the same or even
> on different servers) it should be possible to add authentication for a host
> (and potentially port/realm/scheme).
> Apache HttpClient uses the {{AuthScope}} class
> ([https://hc.apache.org/httpcomponents-client-4.5.x/current/httpclient/apidocs/org/apache/http/auth/AuthScope.html])
> to bind credentials to requests.
> Compare with https://datatracker.ietf.org/doc/html/rfc7235#section-2.2.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
