[
https://jira.codehaus.org/browse/MNG-5123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=271534#comment-271534
]
Frédéric Camblor commented on MNG-5123:
---------------------------------------
To be clearer, replace sentence "If, in settings.xml, we use foo user for foo
server, and bar user for bar server, foo artefact cannot be retrieved in foo
repository because bar user is not authorized to access foo repository
(although it is not what is configured) : we can see this in nexus logs. The
issue is here !"
By :
"If, in settings.xml, we use foo user for foo server, and bar user for bar
server, foo artefact cannot be retrieved in foo repository because bar user is
_SELECTED FOR AUTHENTICATION AND_ not authorized to access foo repository
(although it is not what is configured) : we can see this in nexus logs. The
issue is here !"
I found the issue under maven 2.2.1.
Tried to reproduce it on Maven 3.0.3 ... it seems the problem is still there in
aether (message is clearer but seems to remain related to the same
authentication problems)
> Authentication credentials mismatch when accessing multiple repositories
> ------------------------------------------------------------------------
>
> Key: MNG-5123
> URL: https://jira.codehaus.org/browse/MNG-5123
> Project: Maven 2 & 3
> Issue Type: Bug
> Components: Artifacts and Repositories
> Affects Versions: 2.2.1, 3.0.3
> Environment: Windows 7
> Reporter: Frédéric Camblor
> Priority: Critical
> Attachments: jira authentication error on multiple credentials.zip
>
>
> When accessing multiple repositories, Maven seems to use & keep <server>
> credentials used for the first repository accessed, with the other
> repositories.
> For example, if we have 2 <repository> sections in our pom, accessed
> respectively with foo & bar usernames, "foo" credential will be used against
> the second repository, making authentication fails if foo is not authorized
> to access bar repository.
> I settled up a minimal nexus configuration demonstrating the problem.
> Nexus is defining 2 repositories (foo & bar).
> Only foo user can access foo repository. The same goes for the bar
> repository. A special ci user can access both repositories.
> A foo artefact has been uploaded in foo repository. A bar artefact has been
> uploaded in bar repository.
> A pom.xml project defines bar repository with dependencies on foo & bar
> artefacts.
> The foo repository is referenced as a mirror of central in settings.xml.
> If, in settings.xml, we use foo user for foo server, and bar user for bar
> server, foo artefact cannot be retrieved in foo repository because bar user
> is not authorized to access foo repository (although it is not what is
> configured) : we can see this in nexus logs. The issue is here !
> Note: If, in settings.xml, we use ci user for foo server, and bar user for
> bar server, foo artefact is retrieved (since ci user can both access foo &
> bar repositories).
> Note 2 : I provided a zot repository, too, to distinguish the <repository>
> section from the settings.xml and the pom.xml sections. But the same problem
> is going on zot repository.
> Problem seems to be really general : if we try to connect on N repositories
> using N <server> definitions, only the first <server> credentials are used
> (for the N repositories).
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
