Nuget API Key not working after upgrading to 3.58.1-02

[bogdankatishev]

Hello,

After upgrading from 3.49.x to 3.58.1-02, we have noticed that users are not able to create/access Nuget API Keys anymore.

This was not an issue on version 3.49.x.

I have checked this users permissions and it has nx-admin role assigned. I have also tested this like the README told me:

Note: For SSO and user tokens, it is enough to have two realms: "Local Authenticating Realm" and "Local Authorizing Realm". Other realms are not required and may lead to conflicts.

I have enabled TRACE logging for the nexus sso and this is what I get:

2023-10-03 08:43:11,112+0000 TRACE [qtp942638576-84]  redacted.user.email com.github.alanger.nexus.bootstrap.Pac4jAuthenticationListener - onFailure token: org.apache.shiro.authc.UsernamePasswordToken - redacted.user.email, rememberMe=false , exception:
org.sonatype.nexus.security.authc.NexusAuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms.  Please ensure that at least one realm can authenticate these tokens.
    at org.sonatype.nexus.security.authc.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication(FirstSuccessfulModularRealmAuthenticator.java:99)
    at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:275)
    at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
    at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)

Can you also reproduce this issue on 3.58.1-02?

[a-langer]

No, the error does not reproduce in my container 3.58.1-02. I purposely deleted the image from local storage so it would download from the registry and checked it again:

docker compose down && docker compose up
[+] Running 3/3
 ✔ Container nexus-sso-nginx-1  Removed                                                                 0.0s 
 ✔ Container nexus-sso-nexus-1  Removed                                                                 0.0s 
 ✔ Network nexus-sso_default    Removed                                                                 0.3s 
[+] Running 21/21
 ✔ nexus 20 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                       62.8s 
   ✔ 81cea9d1a621 Already exists                                                                        0.0s 
   ✔ b99e0ea16bc1 Already exists                                                                        0.0s 
   ✔ 145a672bcf74 Already exists                                                                        0.0s 
   ✔ f78a0f487c0e Already exists                                                                        0.0s 
   ✔ 177abe4967e8 Already exists                                                                        0.0s 
   ✔ 58beb992ec5a Already exists                                                                        0.0s 
   ✔ 95aa5dd80500 Already exists                                                                        0.0s 
   ✔ 4ddb91ca28f5 Pull complete                                                                         1.0s 
   ✔ 30842ca68651 Pull complete                                                                         7.7s 
   ✔ 41bd4617d7da Pull complete                                                                         7.8s 
   ✔ 7f4127862b00 Pull complete                                                                         7.8s 
   ✔ 7852f1dd261c Pull complete                                                                         7.8s 
   ✔ cb1fdfe36397 Pull complete                                                                         7.9s 
   ✔ 447390939146 Pull complete                                                                         7.9s 
   ✔ 21abc536e22f Pull complete                                                                         8.4s 
   ✔ 530be1a704c1 Pull complete                                                                         8.9s 
   ✔ a127c341d22b Pull complete                                                                         8.9s 
   ✔ b508e12685a1 Pull complete                                                                         9.2s 
   ✔ fb8728fbb643 Pull complete                                                                         9.7s 
   ✔ f2a68cf7f04d Pull complete                                                                        60.9s 
[+] Running 3/2
 ✔ Network nexus-sso_default    Created                                                                 0.1s 
 ✔ Container nexus-sso-nexus-1  Created                                                                 0.6s 
 ✔ Container nexus-sso-nginx-1  Created                                                                 0.0s 
Attaching to nexus-sso-nexus-1, nexus-sso-nginx-1

This bug applies to the next version release-3.58.1-02...release-3.59.0-01, which we don't release until the tokens are fixed.

[bogdankatishev]

Sorry, I was entering my password instead of username :facepalm:.

My bad, closing issue. It works fine with 3.58.1