[jboss-jira] [JBoss JIRA] (DROOLS-499) KIE API (kie-ci) unable to authenticate with remote Maven repository

Ronak Patel (JIRA) issues at jboss.org
Thu May 22 20:22:56 EDT 2014 

Ronak Patel created DROOLS-499:
----------------------------------

             Summary: KIE API (kie-ci) unable to authenticate with remote Maven repository
                 Key: DROOLS-499
                 URL: https://issues.jboss.org/browse/DROOLS-499
             Project: Drools
          Issue Type: Bug
      Security Level: Public (Everyone can see)
    Affects Versions: 6.0.1.Final
         Environment: Drools Workbench running on JBoss AS 7.1.1
            Reporter: Ronak Patel
            Assignee: Mark Proctor


The KIE API, specifically kie-ci, is unable to authenticate with remote Maven repositories that require authentication. In my case, I've been trying to get it to authenticate with the Drools Workbench Maven repository, with a user configured following this instructional video by Mark Proctor: http://youtu.be/vj3MNmiUnvY.

Following the suggestion in DROOLS-436, my settings.xml has the following:

  <servers>
    <server>
	  <id>WorkbenchM2Repo</id>
	  <username>user</username>
	  <password>password</password>
	  <configuration>
	    <wagonProvider>httpclient</wagonProvider>
	    <httpConfiguration>
	      <all>
	        <usePreemptive>true</usePreemptive>
	      </all>
	    </httpConfiguration>
	  </configuration>	 
    </server>
  </servers>

  <profiles>
    <profile>
      <activation>
        <activeByDefault>true</activeByDefault>
      </activation>
      <repositories>
        <repository>
          <id>WorkbenchM2Repo</id>
          <name>Drools Workbench Maven Repository</name>
          <url>http://kiewbserver:8080/kie-drools-wb/maven2</url>
          <releases>
            <updatePolicy>always</updatePolicy>
          </releases>
          <snapshots>
            <updatePolicy>always</updatePolicy>
          </snapshots>
        </repository>
      </repositories>
    </profile>
  </profiles>

My code is the following and it's running from a different machine than the server which hosts Workbench.

    public static void main(String[] args) {
        KieServices ks = KieServices.Factory.get();
        KieContainer kContainer = null;
        ReleaseId latestBld = ks.newReleaseId("com.hp.pa.sample", "realestate", "LATEST"); 
        kContainer = ks.newKieContainer(latestBld);
        ...

When I run it, I get the following exception:

Exception in thread "main" java.lang.RuntimeException: Cannot find KieModule: com.hp.pa.sample:realestate:LATEST
	at org.drools.compiler.kie.builder.impl.KieServicesImpl.newKieContainer(KieServicesImpl.java:86)
	at com.hp.pa.sample.realestate.Main.main(Main.java:17)

(Main.java:17 is the last line pasted above)

And when I look in the resolver-status.properties file corresponding to this module in my local Maven repository, I see this message:

maven-metadata-WorkbenchM2Repo.xml.error=Could not transfer metadata com.hp.pa.sample\:realestate/maven-metadata.xml from/to WorkbenchM2Repo (http\://kiewbserver\:8080/kie-drools-wb/maven2)\: Access denied to\: http\://kiewbserver\:8080/kie-drools-wb/maven2/com/hp/pa/sample/realestate/maven-metadata.xml (401)

Using this and, more importantly, by logging the HTTP requests made by the API in Fiddler, I see that the issue is clearly authentication - HTTP 401 Not Authorized responses in Fiddler. I also see that the credentials are not sent in any way in the HTTP request headers.

I dug even deeper and debugged the code in Eclipse, including 3rd party code. What I found was that the username and password are picked up from settings.xml, but the preemptive authentication isn't, and the authentication scheme defaults to NONE, and, as a result, the credentials are not sent in the HTTP request. Specifically, the issue is in the following code inside org.sonatype.maven.wagon.AhcWagon.openConnectionInternal() which is inside the module with G/A/V org.sonatype.maven/wagon-ahc/1.2.1:

            realmBuilder = (new Realm.RealmBuilder())
                .setPrincipal( username )
                .setPassword( password )
                .setUsePreemptiveAuth( false )
                .setEnconding( credentialEncoding );

setUsePreemptiveAuth( false ) is hardcoded and does not read from any setting. There is also nowhere that the setScheme is called so it defaults to AuthScheme.NONE.

While running in the debugger, after this line was executed, I changed the value of the fields on the realmBuilder object as follows and the code successfully authenticated with the Workbench Maven repository and executed all the way through correctly:

usePreemptive = true
scheme = com.ning.http.client.Realm.AuthScheme.BASIC

Note that DROOLS-436 seems to deal with command line mvn and not kie-ci. I found that mvn does authenticate successfully with the preemptive authentication configured as suggested in that issue.



--
This message was sent by Atlassian JIRA
(v6.2.3#6260)

More information about the jboss-jira mailing list