Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-7945

Failed Kenai access prevents Nexus user access as well

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Not A Bug
    • Affects Version/s: 3.0.0-m3
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Environment:
      Chrome MacOSX

      Description

      While configuring NX3 Kenai, I accidentally gave the Kenai capability Anonymous access instead of Administrator access. When I went to check if it was working I could not login (same as NX2). However, when I went to fix this I also found I could not login as admin. That behavior does not occur in NX2 so filing.

      I noticed these 3 lines in the log (DEBUG level). They also occurred when I tried to login as a Kenai user but they definitely reoccur when you're trying to resign as admin. I am guessing this is the bug reason (it still thinks you're Kenai).

      2015-01-16 11:39:55,920-0500 DEBUG [qtp1715000936-124] joedragons org.sonatype.sisu.goodies.eventbus.internal.DefaultEventBus - Event 'org.sonatype.nexus.security.auth.NexusAuthorizationEvent@549dfbce' fired
      2015-01-16 11:39:55,921-0500 DEBUG [qtp1715000936-124] joedragons org.sonatype.nexus.security.filter.authc.NexusAuthenticationFilter - Request processing is rejected because user "joedragons" lacks permissions.
      2015-01-16 11:39:55,921-0500 DEBUG [esh-1-thread-6] joedragons org.sonatype.nexus.timeline.internal.DefaultTimeline - Journal cluster exists; id: 11, name: entryrecord_cluster_20150116

      This issue can be worked around by restarting browser or Nexus. Because it can be worked around by restarting browser, I am not sure if this is a real world scenario beyond setup (and almost didn't file). But I am also not sure if there would be implications other than what I found and it does not occur in NX2, I decided to go ahead.

      As far as I can tell this issue has no impact on Kenai if configured to use Administrator access (as https://docs.sonatype.com/display/Nexus/Kenai+(java.net)+Security+Realm+Testing suggests for testing). I have no knowledge of the real world configuration of maven.java.net.

      I believe Kenai capability was added in Cowbell, so there's nothing to back check in NX3 milestones.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jtom Joe Tom
              Reporter:
              jtom Joe Tom
              Last Updated By:
              Peter Lynch Peter Lynch
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  tigCommentSecurity.panel-title