Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-6728

staging build tools zapper client does not use pre-emptive auth ( unlike Jersey based client )

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.9
    • Fix Version/s: 2.10
    • Component/s: Build Tooling, Staging
    • Labels:
      None
    • Sprint:
      Sprint 25

      Description

      The staging ant tasks 1.6.1 use two http client implementations for historical reasons.

      The one based on our main client is our Jersey based client which uses preemptive auth by default.

      https://github.com/sonatype/nexus-oss/blob/nexus-2.8.x/components/nexus-client-core/src/main/java/org/sonatype/nexus/client/rest/jersey/NexusClientFactoryImpl.java#L248-248

      The other one, which does not do pre-emptive auth, is based on a small utility called "Zapper".

      The Zapper based client is not doing pre-emptive auth.

      https://github.com/sonatype/spice-zapper/blob/master/src/main/java/org/sonatype/spice/zapper/client/hc4/Hc4ClientBuilder.java#L54

      Zapper:

      PUT /nexus/service/local/staging/deployByRepositoryId/stage-1016/org/sonatype/nexus/example/zen-5664/1.0.0/zen-5664-1.0.0.pom HTTP/1.1
      X-Zapper-Transfer-ID    ab839b01-cf77-4c68-99b0-d084183570af
      X-Zapper-Track-ID   T2
      Content-Length  4769
      Host    localhost:8081
      User-Agent  Zapper/1.0-HC4
      Regular nexus jersey based client sends pre-auth
      

      Jersey:

      POST /nexus/service/local/staging/profiles/137b534d1a150f0c/start HTTP/1.1
      Content-Type    application/xml; charset=UTF-8
      Accept  application/xml; charset=UTF-8
      Content-Length  107
      Host    localhost:8081
      User-Agent  Nexus-Client/2.7.0-02
      Cookie  JSESSIONID=3a0bf084-1da1-40b6-a3f5-2dfd26c8bfff
      Cookie2 $Version=1
      Authorization   Basic YWRtaW46YWRtaW4xMjM=
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              plynch Peter Lynch
              Reporter:
              plynch Peter Lynch
              Last Updated By:
              Peter Lynch
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  tigCommentSecurity.panel-title