Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-24995

WARN log messages when using Red Hat credentials for registry.redhat.io docker proxy

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • None
    • 3.26.0
    • Docker, Logging
    • 1
    • NXRM Neo Sprint 34
    • 3

    Description

      With a docker proxy to https://registry.redhat.io where credentials have been provided that are from Red Hat, something about the password makes Nexus print three WARN messages in the log:
       

      2020-08-21 09:54:07,942+0200 WARN  [qtp304997904-1997]  u0043092 org.sonatype.nexus.security.PasswordHelper - Value appears to be already decrypted
java.lang.IllegalArgumentException: null
	at org.sonatype.nexus.security.PasswordHelper.decrypt(PasswordHelper.java:100)
	at org.sonatype.nexus.security.PasswordHelper.tryDecrypt(PasswordHelper.java:136)
	at org.sonatype.nexus.internal.httpclient.AuthenticationConfigurationDeserializer.deserialize(AuthenticationConfigurationDeserializer.java:61)
	at org.sonatype.nexus.internal.httpclient.AuthenticationConfigurationDeserializer.deserialize(AuthenticationConfigurationDeserializer.java:1)
	at com.fasterxml.jackson.databind.deser.impl.FieldProperty.deserializeAndSet(FieldProperty.java:138)
	at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:293)
	at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:156)
	at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:4197)
	at com.fasterxml.jackson.databind.ObjectMapper.convertValue(ObjectMapper.java:4133)
	at org.sonatype.nexus.repository.config.internal.ConfigurationFacetImpl.convert(ConfigurationFacetImpl.java:75)
	at org.sonatype.nexus.repository.config.internal.ConfigurationFacetImpl.readSection(ConfigurationFacetImpl.java:84)
	at org.sonatype.nexus.repository.config.internal.ConfigurationFacetImpl.validateSection(ConfigurationFacetImpl.java:121)
	at org.sonatype.nexus.repository.httpclient.internal.HttpClientFacetImpl.doValidate(HttpClientFacetImpl.java:131)
...
...

      It seems this WARN message is for trying to encrypt a password which is already encrypted. It should not be logged as a warning with long exception stack trace logged.

       

      Testing notes 

      • login as admin
      • create any kind of proxy repository with fake data
      • verify that no log was printed on creation since the level is INFO for the org.sonatype.security package
      • set the log level to debug for the org.sonatype.security package (via the UI)
      • create again a fake proxy repository
      • You'll see the failure log as described above

       

      Attachments

        Activity

          People

            leonardor Leonardo Ruiz
            msurani Mahendra Surani
            Srinivasan Appusamy Srinivasan Appusamy
            NXRM - Neo
            Votes:
            1 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              tigCommentSecurity.panel-title