External NuGet feed credentials appear to be cached #2959

Closed
michaelnoonan opened this issue Nov 28, 2016 · 4 comments

Comments

@michaelnoonan
Contributor

commented Nov 28, 2016

Split out from #2926

After investigating, this will not be an easy problem to solve. At the moment it looks like the culprit is how the NuGet libraries reuse the same HttpClient instance, and we have no way to "dump the cache" and start afresh without restarting the Octopus Server.

Problem

When you update the credentials for an external NuGet feed in Octopus Server, the changes don't appear to take effect until you restart Octopus Server. This is confusing customers when they are trying to configure external NuGet feeds, or update credentials. We even have one report of a customer having problems when attempting to change the scheme of the URL from http to https.

Source: http://help.octopusdeploy.com/discussions/problems/49049-downloading-package-from-external-feed-fails-when-changing-from-http-to-https
Source: http://help.octopusdeploy.com/discussions/problems/49408-external-feed-test-doesnt-add-an-authorization-header

Steps to Reproduce

This occurs in Octopus 3.4 and 3.5, and may be reproducible in Octopus 3.3 and earlier, but this is yet to be confirmed.

  1. Create an external NuGet feed to an authenticated feed, but using incorrect credentials.
  2. Test the feed and it should fail with 401 Unauthorized.
  3. Fix the credentials and the test will (surprisingly) fail with 401 Unauthorized.
    a. Taking a Fiddler trace reveals the "old credentials" are still sent on the Authorization header even though the "new credentials" are set correctly on the HttpClient handler.
  4. Restart the Octopus Server.
  5. Try the test again and it will succeed.
    a. Taking a Fiddler trace reveals the "new credentials" are now being sent in the Authorization header.

Workaround

Confirmed by http://help.octopusdeploy.com/discussions/problems/49408-external-feed-test-doesnt-add-an-authorization-header

Option 1: Get the external feed configuration perfect the first time.

Option 2: Restart the Octopus Server after making configuration changes.

  1. Configure the external feed with the correct URL and credentials.
  2. Restart the Octopus Server.
  3. The new credentials should take effect.
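
The failure mode reported above, as an added example that is not part of the original post and is not NuGet's or Octopus Deploy's code: a simplified C# model (.NET 6 or later assumed) of a reused client that keeps the Authorization header it was created with. `StubFeed`, `FeedClients`, the feed URL and the credentials are constructed for illustration; with the URL-only cache key the corrected credentials still receive 401, while the credential-aware key receives 200.

```csharp
using System;
using System.Collections.Concurrent;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Cryptography;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
// Constructed stand-in for an authenticated feed: no network, accepts one Basic credential.
sealed class StubFeed : HttpMessageHandler
{
    public static string Basic(string user, string pass) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes($"{user}:{pass}"));
    static readonly string Accepted = Basic("svc", "new-secret"); // constructed sample values
    protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage req, CancellationToken ct) =>
        Task.FromResult(new HttpResponseMessage(req.Headers.Authorization?.Parameter == Accepted
            ? HttpStatusCode.OK : HttpStatusCode.Unauthorized));
}
static class FeedClients // hypothetical helper, not a NuGet or Octopus type
{
    static readonly ConcurrentDictionary<string, HttpClient> Cache = new();
    static HttpClient Create(string user, string pass)
    {
        var client = new HttpClient(new StubFeed());
        client.DefaultRequestHeaders.Authorization =
            new AuthenticationHeaderValue("Basic", StubFeed.Basic(user, pass));
        return client;
    }
    // Weak: keyed on the URL alone, so the client built with the first credentials is reused.
    public static HttpClient ByUrl(string url, string user, string pass) =>
        Cache.GetOrAdd(url, _ => Create(user, pass));
    // Corrected: the key carries a credential fingerprint, so an edit yields a fresh client.
    public static HttpClient ByUrlAndCredentials(string url, string user, string pass) =>
        Cache.GetOrAdd(url + "|" + Convert.ToHexString(SHA256.HashData(
            Encoding.UTF8.GetBytes(user + "\0" + pass))), _ => Create(user, pass));
}
static class Program
{
    static async Task Main()
    {
        const string url = "https://feed.example/nuget"; // placeholder feed URL
        await FeedClients.ByUrl(url, "svc", "wrong").GetAsync(url);
        var stale = await FeedClients.ByUrl(url, "svc", "new-secret").GetAsync(url);
        Console.WriteLine($"URL-only key, corrected credentials: {(int)stale.StatusCode}");
        await FeedClients.ByUrlAndCredentials(url, "svc", "wrong").GetAsync(url);
        var fresh = await FeedClients.ByUrlAndCredentials(url, "svc", "new-secret").GetAsync(url);
        Console.WriteLine($"URL+credential key, corrected credentials: {(int)fresh.StatusCode}");
    }
}
```

A production version would also remove and dispose the superseded client when a feed's credentials change, so clients holding old secrets do not stay in memory.
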
@droyad

Contributor

commented Nov 29, 2016

Workaround: Restart the server

@octoreleasebot

commented Feb 1, 2017

Release Note: Credentials are no longer cached for NuGet feeds

@lock

commented Nov 25, 2018

This thread has been automatically locked since there has not been any recent activity after it was closed. If you think you've found a related issue, please contact our support team so we can triage your issue, and make sure it's handled appropriately.

@lock lock bot locked as resolved and limited conversation to collaborators Nov 25, 2018