Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-10390

Nexus 3 Basic realm name does not equal Nexus 2 realm name

    XMLWordPrintable

    Details

    • Story Points:
      1
    • Sprint:
      Sprint 74, Sprint 75

      Description

      For repository content the Basic auth realm name of nexus 2 when accessing content is "Sonatype Nexus Repository Manager".

      The Basic auth realm name of nexus 3.0.0 is "Sonatype Nexus".

      We have seen at least one instance of breakage when changing realm names:

      https://issues.sonatype.org/browse/OSSRH-19926

      When a user migrates from Nexus 2 to Nexus 3, this realm name change could cause builds using IVY based deployments ( SBT, ANT ) to start failing. Fixing this on the client side could require a huge set of ivysettings.xml changes in source control or build jobs. ivysettings.xml fils can contain sections with credentials such as

      <ivysettings>
         <settings defaultResolver="nexus"/>
          <credentials host="localhost" realm="Sonatype Nexus Repository Manager" username="deployment" passwd="deployment123"/>
          <property name="nexus-public" value="http://localhost:8081/nexus/content/groups/public"/>
          <property name="nexus-releases" value="http://localhost:8081/nexus/content/repositories/releases"/>
          <property name="nexus-snapshots" value="http://localhost:8081/nexus/content/repositories/snapshots"/>
          <resolvers>
            <ibiblio name="nexus" m2compatible="true" root="${nexus-public}"/>
            <ibiblio name="nexus-snapshots" m2compatible="true" root="${nexus-snapshots}"/>
            <ibiblio name="nexus-releases" m2compatible="true" root="${nexus-releases}"/>
          </resolvers>
      </ivysettings>
      

      While 'realm' is an optional configuration attribute - even if it is left out, then credentials will not be found that match the realm name and authentication fails with 401 like it does when the realm name is specified but does not match exactly the realm name sent in the Nexus WWW-Authenticate header.

      Should the Nexus 3 realm equal the Nexus 2 realm name?

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              fmilens Frederick Milens
              Reporter:
              plynch Peter Lynch
              Last Updated By:
              Peter Lynch
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  tigCommentSecurity.panel-title