Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-10913

"Verify connection" button on IQ server configuration page does not validate credentials

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.1.0
    • Fix Version/s: 3.2.0
    • Component/s: IQ Integration
    • Labels:
      None

      Description

      This is a bug were the IQ credentials are not even used.

      1. Fire up your IQ server
      2. Go to NX3 and configure the IQ server connection
      3. Enter proper URL but invalid credentials
      4. Click "Verify connection" button
      5. Observe that no error is shown on screen or in log, instead the user seems to get the entire list of application on the IQ server

      Repeating the above with valid credentials has about the same effect, in particular the list of applications is not filtered by the permission the user actually has.

      Leaving the screen in good faith and trying to access IQ functionality like the CIP then finally pops up the expected auth errors:

      2016-09-19 18:24:43,551+0200 ERROR [qtp451749230-425] admin com.sonatype.nexus.clm.rest.ClmHealthCheckResource - An error occurred retrieving rest/integration/applications
      org.apache.http.client.HttpResponseException: Invalid credentials. Please try again.
              at zz.f.a(SourceFile:34) [na:na]
              at com.sonatype.insight.rm.rest.RestClientFactory$BaseClient.getResource(SourceFile:122) [com.sonatype.clm.dto.model:1.5.8.01]
              at com.sonatype.nexus.clm.rest.ClmHealthCheckResource.doGetClm(ClmHealthCheckResource.java:150) [com.sonatype.nexus.plugins.nexus-clm-plugin:3.1.0.SNAPSHOT]
              at com.sonatype.nexus.clm.rest.ClmHealthCheckResource.doGet(ClmHealthCheckResource.java:129) [com.sonatype.nexus.plugins.nexus-clm-plugin:3.1.0.SNAPSHOT]
              at com.sonatype.nexus.clm.rest.ClmHealthCheckResource$$EnhancerByGuice$$ef99901c.CGLIB$doGet$0(<generated>) [4.0:na]
              at com.sonatype.nexus.clm.rest.ClmHealthCheckResource$$EnhancerByGuice$$ef99901c$$FastClassByGuice$$f6de466d.invoke(<generated>) [4.0:na]
              at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228) [com.google.inject:4.0.0]
              at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:75) [com.google.inject:4.0.0]
              at org.apache.shiro.guice.aop.AopAllianceMethodInvocationAdapter.proceed(AopAllianceMethodInvocationAdapter.java:49) [org.apache.shiro.guice:1.3.2]
              at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.invoke(AuthorizingAnnotationMethodInterceptor.java:68) [org.apache.shiro.core:1.3.2]
              at org.apache.shiro.guice.aop.AopAllianceMethodInterceptorAdapter.invoke(AopAllianceMethodInterceptorAdapter.java:36) [org.apache.shiro.guice:1.3.2]
              at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:75) [com.google.inject:4.0.0]
              at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:55) [com.google.inject:4.0.0]
              at com.sonatype.nexus.clm.rest.ClmHealthCheckResource$$EnhancerByGuice$$ef99901c.doGet(<generated>) [4.0:na]
              at sun.reflect.GeneratedMethodAccessor162.invoke(Unknown Source) [na:na]
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [na:1.8.0_74]
              at java.lang.reflect.Method.invoke(Method.java:498) [na:1.8.0_74]
              at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:236) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.sonatype.nexus.siesta.internal.resteasy.ComponentContainerImpl.service(ComponentContainerImpl.java:101) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at org.sonatype.nexus.siesta.SiestaServlet.service(SiestaServlet.java:137) [org.sonatype.nexus.siesta:3.1.0.SNAPSHOT]
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [javax.servlet-api:3.1.0]
              at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:287) [com.google.inject:4.0.0]
              at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:277) [com.google.inject:4.0.0]
              at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:182) [com.google.inject:4.0.0]
              at com.google.inject.servlet.DynamicServletPipeline.service(DynamicServletPipeline.java:71) [com.google.inject:4.0.0]
              at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85) [com.google.inject:4.0.0]
              at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:112) [org.apache.shiro.web:1.3.2]
              at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0]
              at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:112) [org.apache.shiro.web:1.3.2]
              at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0]
              at com.sonatype.nexus.analytics.internal.RestRequestCollector.doFilter(RestRequestCollector.java:80) [com.sonatype.nexus.plugins.nexus-analytics-plugin:3.1.0.SNAPSHOT]
              at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0]
              at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [org.apache.shiro.web:1.3.2]
              at org.sonatype.nexus.security.SecurityFilter.executeChain(SecurityFilter.java:85) [org.sonatype.nexus.security:3.1.0.SNAPSHOT]
              at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [org.apache.shiro.web:1.3.2]
              at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [org.apache.shiro.core:1.3.2]
              at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [org.apache.shiro.core:1.3.2]
              at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) [org.apache.shiro.core:1.3.2]
              at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [org.apache.shiro.web:1.3.2]
              at org.sonatype.nexus.security.SecurityFilter.doFilterInternal(SecurityFilter.java:101) [org.sonatype.nexus.security:3.1.0.SNAPSHOT]
              at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.3.2]
              at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0]
              at com.sonatype.nexus.licensing.internal.LicensingRedirectFilter.doFilter(LicensingRedirectFilter.java:112) [com.sonatype.nexus.plugins.nexus-licensing-plugin:3.1.0.SNAPSHOT]
              at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0]
              at com.codahale.metrics.servlet.AbstractInstrumentedFilter.doFilter(AbstractInstrumentedFilter.java:97) [com.codahale.metrics.servlet:3.0.2]
              at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0]
              at org.sonatype.nexus.internal.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:63) [org.sonatype.nexus.base:3.1.0.SNAPSHOT]
              at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0]
              at org.sonatype.nexus.internal.web.EnvironmentFilter.doFilter(EnvironmentFilter.java:97) [org.sonatype.nexus.base:3.1.0.SNAPSHOT]
              at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0]
              at com.google.inject.servlet.DynamicFilterPipeline.dispatch(DynamicFilterPipeline.java:104) [com.google.inject:4.0.0]
              at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133) [com.google.inject:4.0.0]
              at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130) [com.google.inject:4.0.0]
              at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203) [com.google.inject:4.0.0]
              at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130) [com.google.inject:4.0.0]
              at org.sonatype.nexus.bootstrap.osgi.DelegatingFilter.doFilter(DelegatingFilter.java:73) [org.sonatype.nexus.bootstrap:3.1.0.SNAPSHOT]
              at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668) [org.eclipse.jetty.servlet:9.3.7.v20160115]
              at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581) [org.eclipse.jetty.servlet:9.3.7.v20160115]
              at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [org.eclipse.jetty.security:9.3.7.v20160115]
              at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511) [org.eclipse.jetty.servlet:9.3.7.v20160115]
              at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119) [org.eclipse.jetty.server:9.3.7.v20160115]
              at com.codahale.metrics.jetty9.InstrumentedHandler.handle(InstrumentedHandler.java:175) [com.codahale.metrics.jetty9:3.0.2]
              at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.server.Server.handle(Server.java:517) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:308) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242) [org.eclipse.jetty.server:9.3.7.v20160115]
              at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273) [org.eclipse.jetty.io:9.3.7.v20160115]
              at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) [org.eclipse.jetty.io:9.3.7.v20160115]
              at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75) [org.eclipse.jetty.io:9.3.7.v20160115]
              at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213) [org.eclipse.jetty.util:9.3.7.v20160115]
              at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147) [org.eclipse.jetty.util:9.3.7.v20160115]
              at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654) [org.eclipse.jetty.util:9.3.7.v20160115]
              at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572) [org.eclipse.jetty.util:9.3.7.v20160115]
              at java.lang.Thread.run(Thread.java:745) [na:1.8.0_74]
      2016-09-19 18:24:43,598+0200 ERROR [qtp451749230-401] admin com.sonatype.nexus.clm.rest.ClmHealthCheckResource - An error occurred retrieving rest/rm/componentDetails/application/bom1-12345678/list
      org.apache.http.client.HttpResponseException: Invalid credentials. Please try again.
              at zz.f.a(SourceFile:34) [na:na]
              at com.sonatype.insight.rm.rest.RestClientFactory$BaseClient.getResource(SourceFile:122) [com.sonatype.clm.dto.model:1.5.8.01]
              at com.sonatype.nexus.clm.rest.ClmHealthCheckResource.doGetClm(ClmHealthCheckResource.java:150) [com.sonatype.nexus.plugins.nexus-clm-plugin:3.1.0.SNAPSHOT]
      

      Seen with NX3 master against IQ 1.22 (which still allowed anon access by integrations by default), unclear about 3.0.x

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              bentmann Benjamin Bentmann
              Last Updated By:
              Joe Tom
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Date of First Response: