Blocked mirror for repositories error when building from source using Maven 3.8.1 or later
The purpose of this article is to provide assistance if you encounter "Blocked mirror for repositories" errors when building from source using Apache Maven™ 3.8.1 or later. This affects any source relating to pre-7.1 releases of ForgeRock products.
3 readers recommend this article
Symptoms
An error similar to one of the following is shown when the build fails:
[ERROR] Some problems were encountered while processing the POMs: [ERROR] Non-resolvable import POM: Could not transfer artifact org.glassfish.grizzly:grizzly-bom:pom:2.3.36-forgerock-0 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [forgerock-private-releases (http://maven.forgerock.org/artifactory/private-releases, default, releases),forgerock-internal-releases (http://maven.forgerock.org/artifactory/internal-releases, default, releases), forgerock-internal-snapshots (http://maven.forgerock.org/artifactory/internal-snapshots, default, snapshots), forgerock-third-party (http://maven.forgerock.org/artifactory/forgerock-third-party-virtual, default, releases)] @ org.forgerock.commons:commons-bom:24.0.44, /Users/jdoe/.m2/repository/org/forgerock/commons/commons-bom/24.0.44/commons-bom-24.0.44.pom, line 318, column 25[ERROR] Failed to execute goal on project openam-core: Could not resolve dependencies for project org.forgerock.am:openam-core:jar:6.5.4: Failed to collect dependencies at org.forgerock.opendj:opendj-server:jar:6.5.5 -> com.sleepycat:je:jar:7.5.11: Failed to read artifact descriptor for com.sleepycat:je:jar:7.5.11: Could not transfer artifact com.sleepycat:je:pom:7.5.11 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [oracle-repository (http://download.oracle.com/maven, default, releases)] -> [Help 1]
Recent Changes
Upgraded Maven to 3.8.1 or later.
Causes
Maven 3.8.1 removes support for accessing Maven repositories over HTTP for security reasons. See Maven Release Notes - CVE-2021-26291 for further information.
Pre-7.1 releases in the ForgeRock Maven repositories use HTTP, which means they won't build using Maven 3.8.1 or later. However, ForgeRock redirects all HTTP requests for Maven repositories to HTTPS, which allows mirror repositories to be safely used.
Solution
This issue can be resolved by adding mirror repositories (using mirrorOf) to the ~/.m2/settings.xml file to redirect the mirrors referenced in the Maven error to HTTPS. You will also need to add corresponding server entries for the new mirror repositories.
The following example adds the most commonly needed mirrors; however, you may need additional mirrors depending on what you are building. Check what mirrors are referenced in the Maven error, and add any additional mirror repositories and server entries needed to allow you to build successfully.
Example
- Add a new
mirrors
section with the following mirrors to your settings.xml file; you should place this after theservers
section:</servers> <mirrors> <mirror> <id>forgerock-private-releases-mirror</id> <name>ForgeRock Private Releases Repository mirror</name> <url>https://maven.forgerock.org/artifactory/private-releases</url> <mirrorOf>forgerock-private-releases</mirrorOf> </mirror> <mirror> <id>forgerock-internal-releases-mirror</id> <name>ForgeRock Internal Releases Repository mirror</name> <url>https://maven.forgerock.org/artifactory/internal-releases</url> <mirrorOf>forgerock-internal-releases</mirrorOf> </mirror> <mirror> <id>forgerock-internal-snapshots-mirror</id> <name>ForgeRock Internal Snapshots Repository mirror</name> <url>https://maven.forgerock.org/artifactory/internal-snapshots</url> <mirrorOf>forgerock-internal-snapshots</mirrorOf> </mirror> <mirror> <id>forgerock-third-party-mirror</id> <name>ForgeRock Third Party Repository mirror</name> <url>https://maven.forgerock.org/artifactory/forgerock-third-party-virtual</url> <mirrorOf>forgerock-third-party</mirrorOf> </mirror> <mirror> <id>oracle-repository-mirror</id> <name>Oracle Repository mirror</name> <url>https://download.oracle.com/maven</url> <mirrorOf>oracle-repository</mirrorOf> </mirror> </mirrors> - Add the following server entries to the existing
servers
section in your settings.xml file for these new ids (replacing the username/password fields with your username and encrypted password strings from the settings.xml file):<servers> ... <server> <username>xxxx</username> <password>xxxx</password> <id>forgerock-private-releases-mirror</id> </server> <server> <username>xxxx</username> <password>xxxx</password> <id>forgerock-internal-releases-mirror</id> </server> <server> <username>xxxx</username> <password>xxxx</password> <id>forgerock-internal-snapshots-mirror</id> </server> <server> <username>xxxx</username> <password>xxxx</password> <id>forgerock-third-party-mirror</id> </server> <server> <username>xxxx</username> <password>xxxx</password> <id>oracle-repository</id> </server> </servers>
See Also
How do I access the ForgeRock protected Maven repositories?
Source code in ForgeRock products
Related Training
N/A
Related Issue Tracker IDs
N/A