sbt dependency resolver with basic auth

Asked 22/7, 2012 at 20:8 Answered 7/1, 2015 at 9:22

I have nginx for my maven repository with basic authorization.

My build.sbt has:

credentials += Credentials("maven repository", "rep.com", "sbt", "password")

resolvers ++= Seq(
  "maven repository" at "http://rep.com:8080/"
)

but, sbt can't found module because sbt doesn't use basic authorization.

My nginx logs looks like:

012/07/22 20:02:21 [error] 3338#0: *14 no user/password was provided for basic authentication, client: 8.32.39.29, server: rep.com, request: "HEAD /some/cool_2.9.1/0.1-SNAPSHOT/cool_2.9.1-0.1-SNAPSHOT.pom HTTP/1.1", host: "rep.com:8080"

I don't wanna to publish artifacts through nginx. Basic auth need only for restricted access to artifacts.

How I can restrict access and working with repository in sbt?

Dupuy answered 22/7, 2012 at 20:8 Comment(2)

I've found this discussion that may help you, but IMO, it doesn't contain enough details to reproduce solution, so it would be wonderfull, if somebody will dig into it and provide detailed answer. – Thole 6/9, 2012 at 19:39

Can you elaborate on what details are missing? The reply from Harald in that thread seems straightforward to me: make sure the realm matches. The reply to that from sebastien suggests using the system propery javax.net.debug=all to find out the authentication realm. – Fyn 12/9, 2012 at 19:45

What about adding the following to your ~/.ivy2/.credentials:

realm=maven repository
host=rep.com:8080
user=username
password=password

and then use Credentials(Path.userHome / ".ivy2" / ".credentials")

you need to ensure that your realm is configured correctly: curl http://rep.com:8080 -vv 2>&1 | egrep "realm|host" (I might be mistaken, but 'host' may have to match the host header, i.e. rep.com:8080, not just rep.com).

hth

Depository answered 13/9, 2012 at 14:21 Comment(3)

You don't need to put in the .credentials file. I twas the host not lining up that was the issue. – Torras 7/1, 2015 at 12:38

This approach has now been added to the SBT docs. scala-sbt.org/0.13/docs/Publishing.html – Depository 14/1, 2015 at 8:36

The grep expression is not using the expected case use : curl rep.com:8080 -vv 2>&1 | egrep -i "realm|host" --> Result is expected to have 2 lines like this : --> Host: nexus.eu --> WWW-Authenticate: BASIC realm="Sonatype Nexus Repository Manager" – Woodbury 19/6, 2017 at 10:4

I had the same problem with an SVN repository which uses basic AUTH. This post and the one alluded to above got me the answer which I summarise below.

As alluded to above its all about getting the realm correct:

In build.sbt i set my resolver as follows:

resolvers += {
Credentials.add("<realm>", "<svnhost?", "<username>", "<password>")
Resolver.url("name", url("http://<svnhost>/<path>/"))(Resolver.ivyStylePatterns) 
}

To find the realm value which is the first param for Credentials.add, i did

curl http://<svn host> -v

and used the Basic Realm value reported in the WWW-Authenticate header:

WWW-Authenticate: Basic realm="<realm>"

Hope this helps.

Navarre answered 7/1, 2015 at 9:22 Comment(0)

Don't know if it works, but just try adding the basic auth in the URL:

resolvers ++= Seq(
  "maven repository" at "http://username:[email protected]:8080/"
)

Northing answered 22/7, 2012 at 20:21 Comment(1)

Does not seem to work for me with SBT 1.2.8 or SBT 1.3.9. – Splenectomy 14/5, 2020 at 16:45

Recommended topics

Hot tags