Uploaded image for project: 'Dev - Nexus'
  1. Dev - Nexus
  2. NEXUS-3143

500 error in nexus-archetype-plugin when user does not have access.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Out of scope
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      Copied from email:

      You should jump over to the nexus dev list.

      It looks like you your not logged in, or don't have access to that repo, (and this plugin is not returning a 403 as it should)

      Line 128 should include a catch for NoSuchRepositoryAccessException then set the status to a 403

      On Dec 30, 2009, at 7:25 PM, Thomas Dudziak wrote:

      Hi,

      we installed the nexus-archetype-plugin (trunk as stated in
      https://docs.sonatype.org/display/Nexus/Nexus+Archetype+Plugin) into a
      Nexus professional instance (1.4.1), but only the Admin user is able
      to see the feed. Every other user gets a 500 response with a message
      like:

      ResourceStore of type Repository with id='public' not found!

      and in the log there is this stacktrace:

      2009-12-31 00:23:11 ERROR [tp-919099148-34] - o.s.n.e.r.ErrorRepo~

      • Detected Error in Nexus
        org.restlet.resource.ResourceException: ResourceStore of type
        Repository with id='public' not found!
        at org.sonatype.nexus.plugins.mac.api.MacRepositoryPlexusResource.get(MacRepositoryPlexusResource.java:130)
        at org.sonatype.plexus.rest.resource.RestletResource.represent(RestletResource.java:263)
        at org.sonatype.nexus.rest.NexusRestletResource.represent(NexusRestletResource.java:34)
        at org.restlet.resource.Resource.getRepresentation(Resource.java:302)
        at org.restlet.resource.Resource.handleGet(Resource.java:464)
        at org.restlet.Finder.handle(Finder.java:353)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.restlet.Filter.handle(Filter.java:195)
        at org.restlet.Router.handle(Router.java:504)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.restlet.Filter.handle(Filter.java:195)
        at org.restlet.Router.handle(Router.java:504)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.restlet.Filter.handle(Filter.java:195)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.sonatype.plexus.rest.RetargetableRestlet.doHandle(RetargetableRestlet.java:39)
        at org.restlet.Filter.handle(Filter.java:195)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.restlet.Filter.handle(Filter.java:195)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.restlet.Filter.handle(Filter.java:195)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at com.noelios.restlet.StatusFilter.doHandle(StatusFilter.java:130)
        at org.restlet.Filter.handle(Filter.java:195)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.restlet.Filter.handle(Filter.java:195)
        at com.noelios.restlet.ChainHelper.handle(ChainHelper.java:124)
        at com.noelios.restlet.application.ApplicationHelper.handle(ApplicationHelper.java:112)
        at org.restlet.Application.handle(Application.java:341)
        at org.restlet.ext.wadl.WadlApplication.handle(WadlApplication.java:705)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.restlet.Filter.handle(Filter.java:195)
        at org.restlet.Router.handle(Router.java:504)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.restlet.Filter.handle(Filter.java:195)
        at org.restlet.Router.handle(Router.java:504)
        at org.restlet.Filter.doHandle(Filter.java:150)
        at org.restlet.Filter.handle(Filter.java:195)
        at com.noelios.restlet.ChainHelper.handle(ChainHelper.java:124)
        at org.restlet.Component.handle(Component.java:673)
        at org.restlet.Server.handle(Server.java:331)
        at com.noelios.restlet.ServerHelper.handle(ServerHelper.java:68)
        at com.noelios.restlet.http.HttpServerHelper.handle(HttpServerHelper.java:147)
        at com.noelios.restlet.ext.servlet.ServerServlet.service(ServerServlet.java:881)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
        at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
        at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
        at org.jsecurity.web.servlet.FilterChainWrapper.doFilter(FilterChainWrapper.java:52)
        at org.jsecurity.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:105)
        at org.jsecurity.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:135)
        at org.jsecurity.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:180)
        at org.jsecurity.web.servlet.FilterChainWrapper.doFilter(FilterChainWrapper.java:57)
        at org.jsecurity.web.servlet.JSecurityFilter.doFilterInternal(JSecurityFilter.java:382)
        at org.jsecurity.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:180)
        at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1148)
        at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:387)
        at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
        at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
        at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
        at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
        at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
        at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
        at org.mortbay.jetty.Server.handle(Server.java:326)
        at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
        at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:864)
        at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:539)
        at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
        at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
        at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
        at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:520)
        Caused by: org.sonatype.nexus.rest.NoSuchRepositoryAccessException:
        ResourceStore of type Repository with id='public' not found!
        at org.sonatype.nexus.rest.ProtectedRepositoryRegistry.checkAccessToRepository(ProtectedRepositoryRegistry.java:131)
        at org.sonatype.nexus.rest.ProtectedRepositoryRegistry.getRepository(ProtectedRepositoryRegistry.java:57)
        at org.sonatype.nexus.plugins.mac.api.MacRepositoryPlexusResource.get(MacRepositoryPlexusResource.java:94)
        ... 69 more

      Is there a specific privilege that I need to give the users (incl.
      anonymous) so that they can access the plugin ?

      Tom

        Issue Links

          Activity

          Hide
          chris.melikian Chris Melikian added a comment -

          We're getting the same problem. It's not clear what privilege Nexus is looking for.

          Our log states:-

          2010-01-26 17:16:27 DEBUG [ype-catalog.xml] - o.s.n.p.a.NexusItem~:default - Checking isPermitted() with perms: [nexus:view:repository:developer-snapshots]
          2010-01-26 17:16:27 DEBUG [ype-catalog.xml] - o.s.n.p.a.NexusItem~:default - Subject is authenticated, but has none of the needed permissions, rejecting.
          2010-01-26 17:16:27 ERROR [ype-catalog.xml] - o.s.n.e.r.ErrorRepo~ - Detected Error in Nexusorg.restlet.resource.ResourceException: ResourceStore of type Repository with id='developer-snapshots' not found!
          at org.sonatype.nexus.plugins.mac.api.MacRepositoryPlexusResource.get(MacRepositoryPlexusResource.java:130)

          but the developer-snapshots view privileges has been assigned to the anonymous user with no luck.

          We are using the server url:-

          <SERVER_URL>/nexus/service/local/nexus-archetype-plugin/developer-snapshots/archetype-catalog.xml

          Logging on to Nexus with admin user enables us to see the page but as anonymous we get the HTTP 500 Server Error.

          Show
          chris.melikian Chris Melikian added a comment - We're getting the same problem. It's not clear what privilege Nexus is looking for. Our log states:- 2010-01-26 17:16:27 DEBUG [ype-catalog.xml] - o.s.n.p.a.NexusItem~:default - Checking isPermitted() with perms: [nexus:view:repository:developer-snapshots] 2010-01-26 17:16:27 DEBUG [ype-catalog.xml] - o.s.n.p.a.NexusItem~:default - Subject is authenticated, but has none of the needed permissions, rejecting. 2010-01-26 17:16:27 ERROR [ype-catalog.xml] - o.s.n.e.r.ErrorRepo~ - Detected Error in Nexusorg.restlet.resource.ResourceException: ResourceStore of type Repository with id='developer-snapshots' not found! at org.sonatype.nexus.plugins.mac.api.MacRepositoryPlexusResource.get(MacRepositoryPlexusResource.java:130) but the developer-snapshots view privileges has been assigned to the anonymous user with no luck. We are using the server url:- <SERVER_URL>/nexus/service/local/nexus-archetype-plugin/developer-snapshots/archetype-catalog.xml Logging on to Nexus with admin user enables us to see the page but as anonymous we get the HTTP 500 Server Error.
          Hide
          roland.nelson Roland Nelson added a comment -

          we are also dealing with the same issue : only a logged in user can access the catalog, otherwise an HTTP/500 is returned.

          It is not quite clear if e.g. read-only access for all can be set via the UI & permissions or if this is a bug in the plugin code.
          (Will have to investigate a bit more)

          In general it would be nice if this could make it out of a SNAPSHOT lifecycle and get released soon in order to promote
          interoperability between e.g. eclipse, m2eclipse & nexus

          Show
          roland.nelson Roland Nelson added a comment - we are also dealing with the same issue : only a logged in user can access the catalog, otherwise an HTTP/500 is returned. It is not quite clear if e.g. read-only access for all can be set via the UI & permissions or if this is a bug in the plugin code. (Will have to investigate a bit more) In general it would be nice if this could make it out of a SNAPSHOT lifecycle and get released soon in order to promote interoperability between e.g. eclipse, m2eclipse & nexus
          Hide
          normanrosner Norman Rosner added a comment -

          We are getting the exact problem! Is there any chance that this will be fixed in near future?

          Thanks,
          norman

          Show
          normanrosner Norman Rosner added a comment - We are getting the exact problem! Is there any chance that this will be fixed in near future? Thanks, norman
          Hide
          metalairplane Volker Fuessler added a comment - - edited

          same here. A fix would be nice.

          thank you,
          Volker

          Show
          metalairplane Volker Fuessler added a comment - - edited same here. A fix would be nice. thank you, Volker
          Hide
          starver Steve Tarver added a comment -

          This seems like kind of a significant bug because I can't use m2eclipse to view archetypes I have created for the group. When creating a new remote catalog, the verify button responds with catalog is empty. Command line maven use fails as well.

          Verified still broken in nexus-archetype-plugin-1.0.1-20100507.143505-10-bundle.zip

          Show
          starver Steve Tarver added a comment - This seems like kind of a significant bug because I can't use m2eclipse to view archetypes I have created for the group. When creating a new remote catalog, the verify button responds with catalog is empty. Command line maven use fails as well. Verified still broken in nexus-archetype-plugin-1.0.1-20100507.143505-10-bundle.zip
          Hide
          starver Steve Tarver added a comment -

          Identified a work around (that I think works for 1.0.0 although I am using the 1.0.1 snapshot now).
          If you view the url while logged in, it produces the archetype-catalog.xml at the top of that repository. You can use this file instead of the one generated by the plugin.

          Eg.
          Log in to Nexus
          http://<myhost>:8081/nexus/service/local/nexus-archetype-plugin/<my-repo>/archetype-catalog.xml
          Now
          http://<myhost>:8081/nexus/content/repositories/<my-repo>/archetype-catalog.xml
          exists and is readable by all.

          Caveat: You will probably have to repeat this process anytime a new archetype is uploaded.

          Show
          starver Steve Tarver added a comment - Identified a work around (that I think works for 1.0.0 although I am using the 1.0.1 snapshot now). If you view the url while logged in, it produces the archetype-catalog.xml at the top of that repository. You can use this file instead of the one generated by the plugin. Eg. Log in to Nexus http://<myhost>:8081/nexus/service/local/nexus-archetype-plugin/<my-repo>/archetype-catalog.xml Now http://<myhost>:8081/nexus/content/repositories/<my-repo>/archetype-catalog.xml exists and is readable by all. Caveat: You will probably have to repeat this process anytime a new archetype is uploaded.
          Hide
          cstamas Tamás Cservenák added a comment -

          This issue is obsolete since Archetype plugin is moved to Nexus Core plugins. The REST resources – those were causing this problem – was removed, since the catalog is accessible over repository root archetype-catalog.xml generated file and "usual" access permissions applies to it.

          Show
          cstamas Tamás Cservenák added a comment - This issue is obsolete since Archetype plugin is moved to Nexus Core plugins. The REST resources – those were causing this problem – was removed, since the catalog is accessible over repository root archetype-catalog.xml generated file and "usual" access permissions applies to it.

            People

            • Assignee:
              Unassigned
              Reporter:
              bdemers Brian Demers
              Last Updated By:
              Rich Seddon
            • Votes:
              5 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Date of First Response: