6

我们正在尝试切换到 gradle。一切正常,但我有一个内部存储库的问题,它只能通过驻留在 pkcs#11 令牌上的客户端证书访问。

使用 maven,我只有一个 .mavenrc 文件,如下所示:

#!/bin/bash
MAVEN_OPTS=" $MAVEN_OPTS \
        -Djava.security.debug=sunpkcs11 \
            -Djavax.net.ssl.trustStore=NONE \
            -Djavax.net.ssl.trustStoreType=pkcs11 \
            -Djavax.net.ssl.keyStore=NONE \
            -Djavax.net.ssl.keyStoreType=pkcs11 \
"

所以我在开始时将这些 java 选项放入我的 gradlew 包装脚本中:

# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS=" \
-Djava.security.debug=sunpkcs11 \
-Djavax.net.ssl.trustStore=NONE \
-Djavax.net.ssl.trustStoreType=pkcs11 \
-Djavax.net.ssl.keyStore=NONE \
-Djavax.net.ssl.keyStoreType=pkcs11 \
"

当我运行 ./gradlew build 时,我被要求输入我的令牌的 pin,但随后工件的请求失败并出现 401。在服务器上没有客户端证书到达。

$ ./gradlew --stacktrace 编译Java

:compileJava
SunPKCS11 loading /etc/opensc/opensc-java.cfg
sunpkcs11: Initializing PKCS#11 library /usr/lib/opensc-pkcs11.so
Information for provider SunPKCS11-OpenSC
[lots of debugging infos from sub pkcs11]
sunpkcs11: getting provider callback handler
sunpkcs11: getting default callback handler
[ entering PIN ]
sunpkcs11: login succeeded
sunpkcs11: user already logged in
sunpkcs11: user already logged in
sunpkcs11: user already logged in
sunpkcs11: user already logged in

FAILURE: Build failed with an exception.

* What went wrong:
Could not resolve all dependencies for configuration ':compile'.
> Could not resolve group: ....
  Required by: ...
   > Could not GET 'https://nexus/PATH...'. Received status code 401 from server: Authorization Required
   > Could not GET 'https://nexus/PATH...'. Received status code 401 from server: Authorization Required

* Try:
Run with --info or --debug option to get more log output.

* Exception is:
[...]
Caused by: org.gradle.api.UncheckedIOException: Could not GET 'https://nexus/PATH...'. Received status code 401 from server: Authorization Required
    at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.processHttpRequest(HttpResourceCollection.java:145)
    at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.initGet(HttpResourceCollection.java:121)
    at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.getResource(HttpResourceCollection.java:81)
    at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.getResource(HttpResourceCollection.java:54)
    at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.getResource(ResourceCollectionResolver.java:304)
    at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.findStaticResourceUsingPattern(ResourceCollectionResolver.java:248)
    at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.findResourceUsingPattern(ResourceCollectionResolver.java:234)
    at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.findResourceUsingPatterns(ResourceCollectionResolver.java:136)
    at org.gradle.api.internal.artifacts.repositories.MavenResolver.findIvyFileRef(MavenResolver.java:117)
    at org.apache.ivy.plugins.resolver.BasicResolver.getDependency(BasicResolver.java:223)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.DependencyResolverAdapter.getDependency(DependencyResolverAdapter.java:84)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CacheLockingModuleVersionRepository$1.create(CacheLockingModuleVersionRepository.java:53)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CacheLockingModuleVersionRepository$1.create(CacheLockingModuleVersionRepository.java:51)
    at org.gradle.cache.internal.DefaultCacheAccess.longRunningOperation(DefaultCacheAccess.java:172)
    at org.gradle.cache.internal.DefaultPersistentDirectoryStore.longRunningOperation(DefaultPersistentDirectoryStore.java:107)
    at org.gradle.api.internal.artifacts.ivyservice.DefaultCacheLockingManager.longRunningOperation(DefaultCacheLockingManager.java:57)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CacheLockingModuleVersionRepository.getDependency(CacheLockingModuleVersionRepository.java:51)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CachingModuleVersionRepository.resolveModule(CachingModuleVersionRepository.java:150)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CachingModuleVersionRepository.findModule(CachingModuleVersionRepository.java:88)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CachingModuleVersionRepository.getDependency(CachingModuleVersionRepository.java:79)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.IvyContextualiser$1.invoke(IvyContextualiser.java:44)
    at $Proxy34.getDependency(Unknown Source)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.UserResolverChain.findLatestModule(UserResolverChain.java:71)
    at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.UserResolverChain.resolve(UserResolverChain.java:52)
    ... 91 more

似乎 gradle (groovy) 支持标准的 java ssl 属性,因为它要求输入 PIN,但它没有成功。

如果我使用这样的简单 java 类运行它,一切正常:

 java URL url = new URL("...");
 InputStreamReader is = new InputStreamReader(url.openStream());
 BufferedReader in = new BufferedReader(is);
 String inputLine;
 while ((inputLine = in.readLine()) != null)
    System.out.println(inputLine);
 in.close();

像这样调用它可以正常工作:

java -Djava.security.debug=sunpkcs11 -Djavax.net.ssl.trustStore=NONE  -Djavax.net.ssl.trustStoreType=pkcs11 -Djavax.net.ssl.keyStore=NONE -Djavax.net.ssl.keyStoreType=pkcs11 jget/JGet

ssl.keyStoreType=pkcs11\"

这是我的 build.gradle

task wrapper(type: Wrapper) { gradleVersion = "1.0-milestone-9" }
apply plugin: "java"
repositories {   maven { url "https://developer/nexus/content/repositories/thirdparty" }  }
dependencies { compile "org.projectx:tools:1.0" }

有谁能够帮助我?

4

1 回答 1

0

我在http://issues.gradle.org/browse/GRADLE-2234打开了一个问题,因为它似乎是一个错误,因为里程碑 6 它适用于里程碑 5,所以如果有人需要这个功能,请使用里程碑 5 和等待修复此错误。

于 2012-04-14T09:49:17.670 回答