maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brett Porter (JIRA)" <j...@codehaus.org>
Subject [jira] Updated: (WAGON-49) Webdav wagon not robust enough when uploading to a WEBDAV repository which uses more than one security realm
Date Wed, 14 May 2008 08:04:28 GMT

     [ http://jira.codehaus.org/browse/WAGON-49?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Brett Porter updated WAGON-49:
------------------------------

    Fix Version/s: 1.x

> Webdav wagon not robust enough when uploading to a WEBDAV repository which uses more
than one security realm
> ------------------------------------------------------------------------------------------------------------
>
>                 Key: WAGON-49
>                 URL: http://jira.codehaus.org/browse/WAGON-49
>             Project: Maven Wagon
>          Issue Type: Bug
>          Components: wagon-webdav
>    Affects Versions: 1.0-alpha-6
>            Reporter: C├ędric Vidal
>             Fix For: 1.x
>
>
> As an example, let's suppose that we want to upload file "/b1/b2/artifact-1.0.jar" to
repository "http://server/p1/p2/repo". The repository requires to authenticate using realm
"Realm 1" and I have configured my login and password for the repository in my maven settings
and I know those are correct.
> The Webdav wagon will issue the following HTTP requests:
> 1 - MKCOL /p1
> 2 - MKCOL /p1/p2
> 3 - MKCOL /p1/p2/repo/
> 4 - MKCOL /p1/p2/repo/b1
> 5 - MKCOL /p1/p2/repo/b1/b2
> 6 - PUT /p1/p2/repo/b1/b2/artifact-1.0.jar
> On first request, "MKCOL /p1", the server will return a response 401 "Unauthorized access",
so the wagon will authenticate and the first request will be sent again, this time correctly.
The following requests 2 to 6 also return correctly.
> But if for example, request 1 and 2 use a different security realm "Realm 2", then the
wagon will fail to issue the first request and abort the upload with an AuthorizationException,
although the wagon is authorized to send requests 3 to 6.
> So in this situation, the wagon should ignore unauthorized access to requests 1 and 2
and carry on trying to issue request 3 to 6.
> This maven repository server side authorization configuration might be pretty rare but
it is valid and should be adressed properly by the webdav wagon.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

Mime
View raw message