Bug 1037556

Summary: Workbench Maven repository is inaccessible from external clients
Product: [Retired] JBoss BRMS Platform 6 Reporter: manstis
Component: Business CentralAssignee: Alexandre Porcelli <porcelli>
Status: CLOSED CURRENTRELEASE QA Contact: Marek Winkler <mwinkler>
Severity: high Docs Contact:
Priority: high    
Version: 6.0.0CC: djorm, etirelli, mwinkler, rawin2
Target Milestone: ER6   
Target Release: 6.0.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-08-06 20:19:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description manstis 2013-12-03 11:24:32 UTC 
Description of problem:

You cannot use the Workbench's Maven Repository from external clients.

Version-Release number of selected component (if applicable):

6.0.x

Steps to Reproduce:
1. Launch the workbench and build "mortgages" example
2. Delete mortgages/mortgages/0.0.1 from your local .m2 (this ensures it only resides in the Workbench's Maven Repository)
3. Create a new dummy maven project
4. Add a <repository> entry to the pom for the Workbench Maven Repository
5. Add a dependency for mortgages:mortgages:0.0.1
6. Build dummy project from CLI
7. You'll get an authorization exception
8. Try adding credentials to Maven's setting.xml
9. Repeat step 6.. you still get the exception

Actual results:

See step 7 above.

Expected results:

The Workbench's Maven Repository should be accessible; either publicly - without need for authentication - or with authentication specified in setting.xml

Additional info:

If you add an exclusion to url_filter.yaml for /maven2/** authentication for the Workbench's Maven Repository is removed and artifacts deployed to it become accessible.
Comment 4 Edson Tirelli 2013-12-03 14:13:23 UTC 
Michael, we need to secure the repo as per ticket 996393.
Comment 5 David Jorm 2013-12-04 03:44:13 UTC 
(In reply to Edson Tirelli from comment #4)
> Michael, we need to secure the repo as per ticket 996393.

+1, we should apply authentication to the repo with no default credentials.
Comment 6 Alexandre Porcelli 2013-12-06 21:03:55 UTC 
All you need is configure your settings.xml with http preemptive set to true. Here an example for users of maven 3.1.1


<server>
	<id>my-kie-wb-server</id>
	<username>user</username>
	<password>password</password>
	<configuration>
		<wagonProvider>httpclient</wagonProvider>
		<httpConfiguration>
			<all>
				<usePreemptive>true</usePreemptive>
			</all>
		</httpConfiguration>
	</configuration>
</server>
Comment 7 Marek Winkler 2014-01-10 13:30:07 UTC 
Verified on BRMS 6.0.0 ER7. 

The Workbench repository is accessible to maven, KIE-CI is unable to access it, but it seems to be a problem on KIE-CI side.
Comment 8 rawin2 2014-10-24 16:06:36 UTC 
the 6.0.1.Final version of kie-ci doesn't have the auth function implemented. From the version 6.1.beta3 onwards it works just fine.