Ronak Patel created DROOLS-499:
----------------------------------
Summary: KIE API (kie-ci) unable to authenticate with remote Maven
repository
Key: DROOLS-499
URL:
https://issues.jboss.org/browse/DROOLS-499
Project: Drools
Issue Type: Bug
Security Level: Public (Everyone can see)
Affects Versions: 6.0.1.Final
Environment: Drools Workbench running on JBoss AS 7.1.1
Reporter: Ronak Patel
Assignee: Mark Proctor
The KIE API, specifically kie-ci, is unable to authenticate with remote Maven repositories
that require authentication. In my case, I've been trying to get it to authenticate
with the Drools Workbench Maven repository, with a user configured following this
instructional video by Mark Proctor:
http://youtu.be/vj3MNmiUnvY.
Following the suggestion in DROOLS-436, my settings.xml has the following:
<servers>
<server>
<id>WorkbenchM2Repo</id>
<username>user</username>
<password>password</password>
<configuration>
<wagonProvider>httpclient</wagonProvider>
<httpConfiguration>
<all>
<usePreemptive>true</usePreemptive>
</all>
</httpConfiguration>
</configuration>
</server>
</servers>
<profiles>
<profile>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>WorkbenchM2Repo</id>
<name>Drools Workbench Maven Repository</name>
<url>http://kiewbserver:8080/kie-drools-wb/maven2</url>
<releases>
<updatePolicy>always</updatePolicy>
</releases>
<snapshots>
<updatePolicy>always</updatePolicy>
</snapshots>
</repository>
</repositories>
</profile>
</profiles>
My code is the following and it's running from a different machine than the server
which hosts Workbench.
public static void main(String[] args) {
KieServices ks = KieServices.Factory.get();
KieContainer kContainer = null;
ReleaseId latestBld = ks.newReleaseId("com.hp.pa.sample",
"realestate", "LATEST");
kContainer = ks.newKieContainer(latestBld);
...
When I run it, I get the following exception:
Exception in thread "main" java.lang.RuntimeException: Cannot find KieModule:
com.hp.pa.sample:realestate:LATEST
at
org.drools.compiler.kie.builder.impl.KieServicesImpl.newKieContainer(KieServicesImpl.java:86)
at com.hp.pa.sample.realestate.Main.main(Main.java:17)
(Main.java:17 is the last line pasted above)
And when I look in the resolver-status.properties file corresponding to this module in my
local Maven repository, I see this message:
maven-metadata-WorkbenchM2Repo.xml.error=Could not transfer metadata
com.hp.pa.sample\:realestate/maven-metadata.xml from/to WorkbenchM2Repo
(http\://kiewbserver\:8080/kie-drools-wb/maven2)\: Access denied to\:
http\://kiewbserver\:8080/kie-drools-wb/maven2/com/hp/pa/sample/realestate/maven-metadata.xml
(401)
Using this and, more importantly, by logging the HTTP requests made by the API in Fiddler,
I see that the issue is clearly authentication - HTTP 401 Not Authorized responses in
Fiddler. I also see that the credentials are not sent in any way in the HTTP request
headers.
I dug even deeper and debugged the code in Eclipse, including 3rd party code. What I found
was that the username and password are picked up from settings.xml, but the preemptive
authentication isn't, and the authentication scheme defaults to NONE, and, as a
result, the credentials are not sent in the HTTP request. Specifically, the issue is in
the following code inside org.sonatype.maven.wagon.AhcWagon.openConnectionInternal() which
is inside the module with G/A/V org.sonatype.maven/wagon-ahc/1.2.1:
realmBuilder = (new Realm.RealmBuilder())
.setPrincipal( username )
.setPassword( password )
.setUsePreemptiveAuth( false )
.setEnconding( credentialEncoding );
setUsePreemptiveAuth( false ) is hardcoded and does not read from any setting. There is
also nowhere that the setScheme is called so it defaults to AuthScheme.NONE.
While running in the debugger, after this line was executed, I changed the value of the
fields on the realmBuilder object as follows and the code successfully authenticated with
the Workbench Maven repository and executed all the way through correctly:
usePreemptive = true
scheme = com.ning.http.client.Realm.AuthScheme.BASIC
Note that DROOLS-436 seems to deal with command line mvn and not kie-ci. I found that mvn
does authenticate successfully with the preemptive authentication configured as suggested
in that issue.
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)