Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-6728

staging build tools zapper client does not use pre-emptive auth ( unlike Jersey based client )

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Minor
    • 2.10
    • 2.9
    • Build Tooling, Staging
    • None
    • Sprint 25

    Description

      The staging ant tasks 1.6.1 use two http client implementations for historical reasons.

      The one based on our main client is our Jersey based client which uses preemptive auth by default.

      https://github.com/sonatype/nexus-oss/blob/nexus-2.8.x/components/nexus-client-core/src/main/java/org/sonatype/nexus/client/rest/jersey/NexusClientFactoryImpl.java#L248-248

      The other one, which does not do pre-emptive auth, is based on a small utility called "Zapper".

      The Zapper based client is not doing pre-emptive auth.

      https://github.com/sonatype/spice-zapper/blob/master/src/main/java/org/sonatype/spice/zapper/client/hc4/Hc4ClientBuilder.java#L54

      Zapper:

      PUT /nexus/service/local/staging/deployByRepositoryId/stage-1016/org/sonatype/nexus/example/zen-5664/1.0.0/zen-5664-1.0.0.pom HTTP/1.1
X-Zapper-Transfer-ID    ab839b01-cf77-4c68-99b0-d084183570af
X-Zapper-Track-ID   T2
Content-Length  4769
Host    localhost:8081
User-Agent  Zapper/1.0-HC4
Regular nexus jersey based client sends pre-auth

      Jersey:

      POST /nexus/service/local/staging/profiles/137b534d1a150f0c/start HTTP/1.1
Content-Type    application/xml; charset=UTF-8
Accept  application/xml; charset=UTF-8
Content-Length  107
Host    localhost:8081
User-Agent  Nexus-Client/2.7.0-02
Cookie  JSESSIONID=3a0bf084-1da1-40b6-a3f5-2dfd26c8bfff
Cookie2 $Version=1
Authorization   Basic YWRtaW46YWRtaW4xMjM=

      Attachments

        Issue Links

          depends on

          Improvement - An improvement or enhancement to an existing feature or task. NEXUS-6841 Improvements to spice-zapper

          • Major - Major loss of function.
          • Closed

          Activity

            People

              plynch Peter Lynch
              plynch Peter Lynch
              Peter Lynch Peter Lynch
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                tigCommentSecurity.panel-title