Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-18260

Nexus Platform Plugin cannot determine Nexus 3 status when Anonymous access is disabled

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.13.0
    • Fix Version/s: None
    • Component/s: Jenkins Plugin
    • Story Points:
      3

      Description

      1. Start 3.13.0
      2. Disable Anonymous access by unchecking the Enabled checkbox
      3. Using Jenkins 2.121.1 + Nexus Platform Plugin 3.3.2, try to configure the nexus 3 connection.
        1. Enter the Server name
        2. Enter the Server ID
        3. Enter the server URL ( http://localhost:8081 ) and tab away from or click away from the Server URL field.

      The platform plugin sends a request to Nexus without credentials and gets a 403 response from Nexus.

      127.0.0.1 - - [23/Oct/2018:19:21:06 -0300] "GET /service/rest/wonderland/status HTTP/1.1" 403 - 0 5 "Java/1.8.0_181" ||| {Accept=text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2, Connection=keep-alive, Host=localhost:8081, User-Agent=Java/1.8.0_181}
      

      As a result, The jenkins plugin displays a yellow warning in the UI.

      Now choose valid credentials in order to correct the problem:

      1. Choose valid credentials in the credential dropdown or create these on the fly.
      2. Choose Test Connection. The Connection should work. Meanwhile the yellow warning text remains.
      3. Click inside the Server URL field. Change the value to http://localhost:123 ( invalid) . Tab or click away. Yellow message remains.
      4. Correct the server URL back to http://localhost:8081. Tab or click away. Nexus receives another request like this which does not use you already verified valid credentials.

      127.0.0.1 - - [23/Oct/2018:19:30:11 -0300] "GET /service/rest/wonderland/status HTTP/1.1" 403 - 0 3 "Java/1.8.0_181" ||| {Accept=text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2, Connection=keep-alive, Host=localhost:8081, User-Agent=Java/1.8.0_181}
      

      Expected

      One of the "Notes" in NEXUS-17303 was "version info should be available without auth". When Nexus has anonymous disabled ( reproduce step 2 ) this requirement is not satisfied.

      Also see NEXUS-18274 for interaction redesign proposals.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              plynch Peter Lynch
              Last Updated By:
              Peter Lynch Peter Lynch
              Votes:
              2 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  tigCommentSecurity.panel-title