Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
-
3.26.0
-
1
-
NXRM Neo Sprint 34
-
3
Description
With a docker proxy to https://registry.redhat.io where credentials have been provided that are from Red Hat, something about the password makes Nexus print three WARN messages in the log:
2020-08-21 09:54:07,942+0200 WARN [qtp304997904-1997] u0043092 org.sonatype.nexus.security.PasswordHelper - Value appears to be already decrypted java.lang.IllegalArgumentException: null at org.sonatype.nexus.security.PasswordHelper.decrypt(PasswordHelper.java:100) at org.sonatype.nexus.security.PasswordHelper.tryDecrypt(PasswordHelper.java:136) at org.sonatype.nexus.internal.httpclient.AuthenticationConfigurationDeserializer.deserialize(AuthenticationConfigurationDeserializer.java:61) at org.sonatype.nexus.internal.httpclient.AuthenticationConfigurationDeserializer.deserialize(AuthenticationConfigurationDeserializer.java:1) at com.fasterxml.jackson.databind.deser.impl.FieldProperty.deserializeAndSet(FieldProperty.java:138) at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:293) at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:156) at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:4197) at com.fasterxml.jackson.databind.ObjectMapper.convertValue(ObjectMapper.java:4133) at org.sonatype.nexus.repository.config.internal.ConfigurationFacetImpl.convert(ConfigurationFacetImpl.java:75) at org.sonatype.nexus.repository.config.internal.ConfigurationFacetImpl.readSection(ConfigurationFacetImpl.java:84) at org.sonatype.nexus.repository.config.internal.ConfigurationFacetImpl.validateSection(ConfigurationFacetImpl.java:121) at org.sonatype.nexus.repository.httpclient.internal.HttpClientFacetImpl.doValidate(HttpClientFacetImpl.java:131) ... ...
It seems this WARN message is for trying to encrypt a password which is already encrypted. It should not be logged as a warning with long exception stack trace logged.
Testing notes
- login as admin
- create any kind of proxy repository with fake data
- verify that no log was printed on creation since the level is INFO for the org.sonatype.security package
- set the log level to debug for the org.sonatype.security package (via the UI)
- create again a fake proxy repository
- You'll see the failure log as described above