Solutions
ForgeRock Identity Platform
Does not apply to Identity Cloud

Blocked mirror for repositories error when building from source using Maven 3.8.1 or later

Last updated Jun 7, 2021

The purpose of this article is to provide assistance if you encounter "Blocked mirror for repositories" errors when building from source using Apache Maven™ 3.8.1 or later.


Symptoms

An error similar to the following is shown when the build fails:

[ERROR] Some problems were encountered while processing the POMs: [ERROR] Non-resolvable import POM: Could not transfer artifact org.glassfish.grizzly:grizzly-bom:pom:2.3.36-forgerock-0 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [forgerock-internal-releases (http://maven.forgerock.org/repo/internal-releases, default, releases), forgerock-internal-snapshots (http://maven.forgerock.org/repo/internal-snapshots, default, snapshots)] @ org.forgerock.commons:commons-bom:24.0.44, /Users/jdoe/.m2/repository/org/forgerock/commons/commons-bom/24.0.44/commons-bom-24.0.44.pom, line 318, column 25

Recent Changes

Upgraded Maven to 3.8.1 or later.

Causes

Maven 3.8.1 removes support for accessing Maven repositories over HTTP for security reasons. See Maven Release Notes - CVE-2021-26291 for further information.

Pre-7.1 releases in the ForgeRock Maven repositories use HTTP, which means they won't build using Maven 3.8.1 or later. However, ForgeRock redirects all HTTP requests for Maven repositories to HTTPS, which allows mirror repositories to be safely used.

Solution

This issue can be resolved by adding mirror repositories (using mirrorOf) to the ~/.m2/settings.xml file to redirect the mirrors referenced in the Maven error to HTTPS. You will also need to add corresponding server entries for the new mirror repositories.

The following example adds the most commonly needed mirrors, however, you may need additional mirrors (for example, forgerock-third-party) depending on what you are building. Check what mirrors are referenced in the Maven error, and add any additional mirror repositories and server entries needed to allow you to build successfully.

Example

  1. Add the following mirrors to your settings.xml file:<mirrors>    <mirror>         <id>forgerock-internal-releases-mirror</id>         <name>ForgeRock Internal Releases Repository mirror</name>         <url>https://maven.forgerock.org/repo/internal-releases</url>         <mirrorOf>forgerock-internal-releases</mirrorOf>     </mirror>     <mirror>         <id>forgerock-internal-snapshots-mirror</id>         <name>ForgeRock Internal Snapshots Repository mirror</name>         <url>https://maven.forgerock.org/repo/internal-snapshots</url>         <mirrorOf>forgerock-internal-snapshots</mirrorOf>     </mirror> </mirrors>
  2. Add the following server entries to your settings.xml file for these new ids (replacing the username/password fields with your username and encrypted password strings from the settings.xml file):<server>       <username>xxxx</username>         <password>xxxx</password>         <id>forgerock-internal-releases-mirror</id>     </server>     <server>         <username>xxxx</username>         <password>xxxx</password>         <id>forgerock-internal-snapshots-mirror</id>     </server>

See Also

How do I access the ForgeRock protected Maven repositories?

Source code in ForgeRock products

Related Training

N/A

Related Issue Tracker IDs

N/A



Copyright and TrademarksCopyright © 2021 ForgeRock, all rights reserved.
Loading...