如何配置 Maven 3 以使用抢占式授权?
我已经尝试了多种方法来使其发挥作用,但尚未成功。这是我到目前为止所发现的。请注意,我已使用 Maven v3.0.3 和 v2.2.1 尝试了这些设置。
- Wagon Providers 对于 Maven 3 来说似乎已经过时了。指定 < code>
httpclient 仍然给我 LightweightHttpWagon。 - HTTP 设置指南 似乎又过时了。有一个关于抢先授权的部分,但不起作用。
- 我还发现 MNG-4792 这表明它完全损坏了。
有人真的让它发挥作用吗?
I've tried a number of ways to get this to work, but I've yet to be successful. Here's what I've found so far. Note that I've tried these settings using Maven v3.0.3 as well as v2.2.1.
- Wagon Providers just seems out of date for Maven 3. Specifying
<wagonProvider>httpclient</wagonProvider>still gives me the LightweightHttpWagon. - HTTP Settings Guide again seems out of date. There's a section on preemptive authorization, yet that doesn't work.
- I've also found MNG-4792 which indicates that it's flat out broken.
Has anyone actually gotten this to work?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
抢先授权通常被认为是一种不好的做法。仅应在收到质询时提供凭证。 AFAIK 抢先授权功能已从最新版本的 Apache HttpClient (4.x) 中删除,因为它被认为存在安全风险。
我知道,这并不是一个很好的答案。但我希望它能澄清为什么很难找到该主题的信息。
Preemptive authorisation is generally considered a bad practice. Credentials should only be supplied when a challenge is received. AFAIK the functionality for preemptive authorisation was removed from the latest version of Apache HttpClient (4.x) as it is considered a security risk.
I know, this is not much of an answer. But I hope it clears things up a bit on why it might be difficult to find information of the topic.
如果你想在 maven 3.0.3 中使用 wagon-http,你需要添加 wagon-http 构建扩展,即:
注意,你需要使用 1.0-beta-7 版本,因为与较新版本的 wagon 不兼容。
这也适用于 3.0.4。
If you want to use wagon-http with maven 3.0.3, you need to add wagon-http build extension, i.e.:
Note, you need to use exactly 1.0-beta-7 version as there is incompatibility with newer version of wagon.
This also works with 3.0.4.