Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-16539

Nexus 3 does not auto-block on 401 responses from https://maven.oracle.com

    XMLWordPrintable

    Details

    • Story Points:
      2

      Description

      Nexus 3 does not auto-block on receiving 401 responses from the remote of a proxy repository.  Instead, it keeps checking the remote for every inbound request.

       This is not consistent with Nexus 2.x, which does auto-block for 401 responses.  See NEXUS-6515.

      Failure to auto-block on receiving 401 can cause major performance problems, and also has the disadvantage that a user is not alerted to the fact that a proxy repository is not working.  It is true that there are cases where you would not want to auto-block on 401, but those are rare, and can be handled by disabling auto-block in the repository's configuration.

       

      2018-03-14 13:18:36,026-0500 WARN  [qtp49922574-216] admin org.sonatype.nexus.repository.maven.internal.proxy.MavenProxyFacet - Exception org.sonatype.nexus.repository.proxy.ProxyServiceException: HTTP/1.1 401 Unauthorized checking remote for update, proxy repo ooo failed to fetch foo/bar/maven-metadata.xml with status line HTTP/1.1 401 Unauthorized, content not in cache.
      2018-03-14 13:18:41,765-0500 WARN  [qtp49922574-63] admin org.sonatype.nexus.repository.maven.internal.proxy.MavenProxyFacet - Exception org.sonatype.nexus.repository.proxy.ProxyServiceException: HTTP/1.1 401 Unauthorized checking remote for update, proxy repo ooo failed to fetch foo/bar/maven-metadata.xml with status line HTTP/1.1 401 Unauthorized, content not in cache.
      2018-03-14 13:18:49,982-0500 WARN  [qtp49922574-61] admin org.sonatype.nexus.repository.maven.internal.proxy.MavenProxyFacet - Exception org.sonatype.nexus.repository.proxy.ProxyServiceException: HTTP/1.1 401 Unauthorized checking remote for update, proxy repo ooo failed to fetch foo/bar/maven-metadata.xml with status line HTTP/1.1 401 Unauthorized, content not in cache.
      2018-03-14 13:19:06,078-0500 WARN  [qtp49922574-63] admin org.sonatype.nexus.repository.maven.internal.proxy.MavenProxyFacet - Exception org.sonatype.nexus.repository.proxy.ProxyServiceException: HTTP/1.1 401 Unauthorized checking remote for update, proxy repo ooo failed to fetch foo/bar/maven-metadata.xml with status line HTTP/1.1 401 Unauthorized, content not in cache.
      

      Note: The reproduce case for the above is to create a proxy of https://maven.oracle.com and enter invalid credentials into the authentication settings for it.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jbryan Jeremy Bryan
              Reporter:
              rseddon Rich Seddon
              Last Updated By:
              Peter Lynch
              Team:
              Nexus - Core
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  tigCommentSecurity.panel-title