Solutions
ForgeRock Identity Platform
Does not apply to Identity Cloud

Blocked mirror for repositories error when building from source using Maven 3.8.1 or later

Last updated Jan 11, 2023

The purpose of this article is to provide assistance if you encounter "Blocked mirror for repositories" errors when building from source using Apache Maven™ 3.8.1 or later. This affects any source relating to pre-7.1 releases of ForgeRock products.


3 readers recommend this article

Symptoms

An error similar to one of the following is shown when the build fails:

[ERROR] Some problems were encountered while processing the POMs: [ERROR] Non-resolvable import POM: Could not transfer artifact org.glassfish.grizzly:grizzly-bom:pom:2.3.36-forgerock-0 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [forgerock-private-releases (http://maven.forgerock.org/artifactory/private-releases, default, releases),forgerock-internal-releases (http://maven.forgerock.org/artifactory/internal-releases, default, releases), forgerock-internal-snapshots (http://maven.forgerock.org/artifactory/internal-snapshots, default, snapshots), forgerock-third-party (http://maven.forgerock.org/artifactory/forgerock-third-party-virtual, default, releases)] @ org.forgerock.commons:commons-bom:24.0.44, /Users/jdoe/.m2/repository/org/forgerock/commons/commons-bom/24.0.44/commons-bom-24.0.44.pom, line 318, column 25

[ERROR] Failed to execute goal on project openam-core: Could not resolve dependencies for project org.forgerock.am:openam-core:jar:6.5.4: Failed to collect dependencies at org.forgerock.opendj:opendj-server:jar:6.5.5 -> com.sleepycat:je:jar:7.5.11: Failed to read artifact descriptor for com.sleepycat:je:jar:7.5.11: Could not transfer artifact com.sleepycat:je:pom:7.5.11 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [oracle-repository (http://download.oracle.com/maven, default, releases)] -> [Help 1]

Recent Changes

Upgraded Maven to 3.8.1 or later.

Causes

Maven 3.8.1 removes support for accessing Maven repositories over HTTP for security reasons. See Maven Release Notes - CVE-2021-26291 for further information.

Pre-7.1 releases in the ForgeRock Maven repositories use HTTP, which means they won't build using Maven 3.8.1 or later. However, ForgeRock redirects all HTTP requests for Maven repositories to HTTPS, which allows mirror repositories to be safely used.

Solution

This issue can be resolved by adding mirror repositories (using mirrorOf) to the ~/.m2/settings.xml file to redirect the mirrors referenced in the Maven error to HTTPS. You will also need to add corresponding server entries for the new mirror repositories.

The following example adds the most commonly needed mirrors; however, you may need additional mirrors depending on what you are building. Check what mirrors are referenced in the Maven error, and add any additional mirror repositories and server entries needed to allow you to build successfully.

Example

  1. Add a new mirrors section with the following mirrors to your settings.xml file; you should place this after the servers section:</servers> <mirrors>    <mirror>         <id>forgerock-private-releases-mirror</id>         <name>ForgeRock Private Releases Repository mirror</name>         <url>https://maven.forgerock.org/artifactory/private-releases</url>         <mirrorOf>forgerock-private-releases</mirrorOf>     </mirror>     <mirror>         <id>forgerock-internal-releases-mirror</id>         <name>ForgeRock Internal Releases Repository mirror</name>         <url>https://maven.forgerock.org/artifactory/internal-releases</url>         <mirrorOf>forgerock-internal-releases</mirrorOf>     </mirror>     <mirror>         <id>forgerock-internal-snapshots-mirror</id>         <name>ForgeRock Internal Snapshots Repository mirror</name>         <url>https://maven.forgerock.org/artifactory/internal-snapshots</url>         <mirrorOf>forgerock-internal-snapshots</mirrorOf>     </mirror>     <mirror>         <id>forgerock-third-party-mirror</id>         <name>ForgeRock Third Party Repository mirror</name>         <url>https://maven.forgerock.org/artifactory/forgerock-third-party-virtual</url>         <mirrorOf>forgerock-third-party</mirrorOf>   </mirror>       <mirror>           <id>oracle-repository-mirror</id>           <name>Oracle Repository mirror</name>           <url>https://download.oracle.com/maven</url>           <mirrorOf>oracle-repository</mirrorOf>       </mirror> </mirrors>
  2. Add the following server entries to the existing servers section in your settings.xml file for these new ids (replacing the username/password fields with your username and encrypted password strings from the settings.xml file):<servers> ...    <server>         <username>xxxx</username>         <password>xxxx</password>         <id>forgerock-private-releases-mirror</id>     </server>     <server>         <username>xxxx</username>         <password>xxxx</password>         <id>forgerock-internal-releases-mirror</id>     </server>     <server>         <username>xxxx</username>         <password>xxxx</password>         <id>forgerock-internal-snapshots-mirror</id>     </server>     <server>         <username>xxxx</username>         <password>xxxx</password>         <id>forgerock-third-party-mirror</id>     </server>     <server>         <username>xxxx</username>         <password>xxxx</password>         <id>oracle-repository</id>     </server> </servers>

See Also

How do I access the ForgeRock protected Maven repositories?

Source code in ForgeRock products

Related Training

N/A

Related Issue Tracker IDs

N/A


Copyright and Trademarks Copyright © 2023 ForgeRock, all rights reserved.