Handle JIRA authentication failure

Mike, I'm a bit confused.

Are you concerned about the case where the issueManagement/url is configured to a private (one that needs username/password) JIRA instance and the developer has forgotten to configure jiraUser/jiraPassword in the plugin configuration? Then we just need a better handling of the response status code 500.

Trying this a bit revealed that the same exception is thrown if jiraUser/jiraPassword is configured but are not valid to login. We need to check the response status code there as well.

Exactly. We do not want to use the JIRA report but have not configured our reportSets to exclude the report. So we get an exception every time it runs. I would rather this just be a warning complaining about insufficient configuration.

It would be nice if you could document a best practice to configure the jiraPassword without hard coding it (e.g. through properties and profiles?) in the POM.

Mike, I have tried to reproduce your problem, using the attached test project, but could not. Could you please be more specific how to reproduce it?

Making some progress on this, but got stuck. What is the best way to know whether we need to use authentication or not?

The only solution I can think of is to try to access the JIRA instance without username/password first. If we get a status 500 back then we probably need to authenticate, otherwise we don't.

Any thoughts on this?

Dennis, that's the crux of my issue. There's no way you can know. You just need to check the recv'd content for a 500 error and key phrases like "Please log in". If you see that, don't throw an exception but just print a configuration warning to the console and generate an report summarizing the problem.

Mike, are you sure about the 500 error? If so, then Jira behaves very unfortunate, as 500 is "Internal Server Error", which is more than unusual for authentication requests. Besides, please note that I could not find any problems with http://jira.webifysolutions.com/ as a Jira server. (See the attached test project.)

Same as Jochen....

Things are working (fine?) here, the requested URL returning a XML document without any JIRA entries.

When did you get a 500 reply?

I think the plugin is unable to determine the project ID automatically because it gets a "Please log in" response to its request for the project home page and so the IssueNavigator GET fails due to a null pid parameter. Make more sense?

[INFO] Generate "Jira Report" report.
log4j:WARN No appenders could be found for logger (org.apache.commons.httpclient.HttpClient).
log4j:WARN Please initialize the log4j system properly.
[INFO] JIRA lives at: http://jira.webifysolutions.com
[INFO] JIRA URL http://jira.webifysolutions.com/browse/WR doesn't include a pid, trying to get it
[INFO] Successfully reached JIRA.
[ERROR] Unable to get JIRA pid using the url http://jira.webifysolutions.com/browse/WR
[INFO] Downloading http://jira.webifysolutions.com/secure/IssueNavigator.jspa?view=rss&pid=null&sort
er/field=created&sorter/order=DESC&sorter/field=priority&sorter/order=DESC&tempMax=100&reset=true&de
corator=none
[WARNING] Received: [500]
org.xml.sax.SAXParseException: Expected "</link>" to terminate element starting on line 9.
at org.apache.crimson.parser.Parser2.fatal(Parser2.java:3376)
at org.apache.crimson.parser.Parser2.fatal(Parser2.java:3370)
at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1697)
at org.apache.crimson.parser.Parser2.content(Parser2.java:1963)
at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691)
at org.apache.crimson.parser.Parser2.content(Parser2.java:1963)
at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691)
at org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:667)
at org.apache.crimson.parser.Parser2.parse(Parser2.java:337)
at org.apache.crimson.parser.XMLReaderImpl.parse(XMLReaderImpl.java:448)
at javax.xml.parsers.SAXParser.parse(SAXParser.java:345)
at javax.xml.parsers.SAXParser.parse(SAXParser.java:281)
at org.apache.maven.plugin.jira.JiraXML.<init>(JiraXML.java:56)
at org.apache.maven.plugin.jira.JiraReportGenerator.<init>(JiraReportGenerator.java:40)
at org.apache.maven.plugin.jira.JiraMojo.executeReport(JiraMojo.java:188)

I've committed a couple of changes to the plugin that will help this issue. It's not finished yet, but were on the way. I'd appreciate if someone could give it a try and give me some feedback on the log messages that are output.

The thing that's left to do is to tell the plugin not to generate a report. But this is way past the time when canGenerateReport() is called. How can this be done? I'm getting an NPE in org.apache.maven.tools.plugin.generator.PluginXdocGenerator.execute because there is no report to generate.

Dennis, can you just generate a report that basically says "Authentication error generating report"? The alternative is to move the server communication into canGenerateReport and just cache the results until you actually generate the report. I have no problem with the former as I recognize my case is somewhat of an edge case.

It turns out that my test project was busted in other respects. After fixing that I now get a pretty "empty" report that says that an error occurred and directing to the console for more info.