Gradle - 公司存储库需要ssl客户端证书

时间:2012-04-08 23:00:44

标签: java ssl gradle

我们正试图切换到gradle。一切正常但我有一个内部存储库的问题,只能使用驻留在pkcs#11令牌上的客户端证书进行访问。

使用maven我只有一个像这样的.mavenrc文件:

#!/bin/bash
MAVEN_OPTS=" $MAVEN_OPTS \
        -Djava.security.debug=sunpkcs11 \
            -Djavax.net.ssl.trustStore=NONE \
            -Djavax.net.ssl.trustStoreType=pkcs11 \
            -Djavax.net.ssl.keyStore=NONE \
            -Djavax.net.ssl.keyStoreType=pkcs11 \
"

所以我在开头将这些java选项放入我的gradlew包装器脚本中:

# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS=" \
-Djava.security.debug=sunpkcs11 \
-Djavax.net.ssl.trustStore=NONE \
-Djavax.net.ssl.trustStoreType=pkcs11 \
-Djavax.net.ssl.keyStore=NONE \
-Djavax.net.ssl.keyStoreType=pkcs11 \
"

当我运行./gradlew build时,我被问到我的令牌的引脚但是然后工件的请求失败了401.在服务器上没有客户端证书到达。

$ ./gradlew --stacktrace compileJava 

:compileJava
SunPKCS11 loading /etc/opensc/opensc-java.cfg
sunpkcs11: Initializing PKCS#11 library /usr/lib/opensc-pkcs11.so
Information for provider SunPKCS11-OpenSC
[lots of debugging infos from sub pkcs11]
sunpkcs11: getting provider callback handler
sunpkcs11: getting default callback handler
[ entering PIN ]
sunpkcs11: login succeeded
sunpkcs11: user already logged in
sunpkcs11: user already logged in
sunpkcs11: user already logged in
sunpkcs11: user already logged in

FAILURE: Build failed with an exception.

* What went wrong:
Could not resolve all dependencies for configuration ':compile'.
> Could not resolve group: ....
  Required by: ...
   > Could not GET 'https://nexus/PATH...'. Received status code 401 from server: Authorization Required
   > Could not GET 'https://nexus/PATH...'. Received status code 401 from server: Authorization Required

* Try:
Run with --info or --debug option to get more log output.

* Exception is:
[...]
Caused by: org.gradle.api.UncheckedIOException: Could not GET 'https://nexus/PATH...'. Received status code 401 from server: Authorization Required
    at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.processHttpRequest(HttpResourceCollection.java:145)
    at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.initGet(HttpResourceCollection.java:121)
    at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.getResource(HttpResourceCollection.java:81)
    at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.getResource(HttpResourceCollection.java:54)
    at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.getResource(ResourceCollectionResolver.java:304)
    at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.findStaticResourceUsingPattern(ResourceCollectionResolver.java:248)
    at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.findResourceUsingPattern(ResourceCollectionResolver.java:234)
    at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.findResourceUsingPatterns(ResourceCollectionResolver.java:136)
    at org.gradle.api.internal.artifacts.repositories.MavenResolver.findIvyFileRef(MavenResolver.java:117)
    at org.apache.ivy.plugins.resolver.BasicResolver.getDependency(BasicResolver.java:223)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.DependencyResolverAdapter.getDependency(DependencyResolverAdapter.java:84)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CacheLockingModuleVersionRepository$1.create(CacheLockingModuleVersionRepository.java:53)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CacheLockingModuleVersionRepository$1.create(CacheLockingModuleVersionRepository.java:51)
    at org.gradle.cache.internal.DefaultCacheAccess.longRunningOperation(DefaultCacheAccess.java:172)
    at org.gradle.cache.internal.DefaultPersistentDirectoryStore.longRunningOperation(DefaultPersistentDirectoryStore.java:107)
    at org.gradle.api.internal.artifacts.ivyservice.DefaultCacheLockingManager.longRunningOperation(DefaultCacheLockingManager.java:57)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CacheLockingModuleVersionRepository.getDependency(CacheLockingModuleVersionRepository.java:51)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CachingModuleVersionRepository.resolveModule(CachingModuleVersionRepository.java:150)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CachingModuleVersionRepository.findModule(CachingModuleVersionRepository.java:88)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CachingModuleVersionRepository.getDependency(CachingModuleVersionRepository.java:79)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.IvyContextualiser$1.invoke(IvyContextualiser.java:44)
    at $Proxy34.getDependency(Unknown Source)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.UserResolverChain.findLatestModule(UserResolverChain.java:71)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.UserResolverChain.resolve(UserResolverChain.java:52)
    ... 91 more

似乎gradle(groovy)支持标准的java ssl属性,因为它要求输入PIN但是它不成功。

如果我使用像这样的简单java类运行它,一切正常:

 java URL url = new URL("...");
 InputStreamReader is = new InputStreamReader(url.openStream());
 BufferedReader in = new BufferedReader(is);
 String inputLine;
 while ((inputLine = in.readLine()) != null)
    System.out.println(inputLine);
 in.close();

调用它可以正常工作:

java -Djava.security.debug=sunpkcs11 -Djavax.net.ssl.trustStore=NONE  -Djavax.net.ssl.trustStoreType=pkcs11 -Djavax.net.ssl.keyStore=NONE -Djavax.net.ssl.keyStoreType=pkcs11 jget/JGet

ssl.keyStoreType = pkcs11 \     “

这是我的build.gradle 

task wrapper(type: Wrapper) { gradleVersion = "1.0-milestone-9" }
apply plugin: "java"
repositories {   maven { url "https://developer/nexus/content/repositories/thirdparty" }  }
dependencies { compile "org.projectx:tools:1.0" }

有人能帮助我吗?

1 个答案:

答案 0 :(得分:0)

我在http://issues.gradle.org/browse/GRADLE-2234打开了一个问题,因为它似乎是里程碑-6之后的错误 它适用于里程碑-5,所以如果有人需要此功能,请使用里程碑-5并等待修复此错误。

相关问题
最新问题