"401 Content access is protected by token" authentication failure while performing maven release

rsmckinney · June 17, 2024, 9:45pm

I am getting a “401 Content access is protected by token” authentication failure while performing maven release. But I did not make any changes regarding Sonatype/Nexus.

[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project manifold-all: Remote staging failed: Failed to deploy artifacts: Could not transfer artifact systems.manifold:manifold-tuple-rt:jar.asc:javadoc:2024.1.19 from/to ossrh (https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/systemsmanifold-1279): authentication failed for https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/systemsmanifold-1279/systems/manifold/manifold-tuple-rt/2024.1.19/manifold-tuple-rt-2024.1.19-javadoc.jar.asc, status: 401 Content access is protected by token

This is my own FOSS repo and I’m not doing anything special. I released the prior version a few days ago with no problems. And reading this it appears this “protected by token” feature can only be set in Sonatype Nexus Repository software, which I do not have or use.

Not sure how this could happen without my making changes via Sonatype/Nexus. Any ideas?
Sonatype won’t help me because I’m not a paying customer. Thanks.

kyle-stytch · June 18, 2024, 4:00pm

I’m having the exact same issue. FOSS project that can no longer be published with our existing credentials, and no way to configure User Tokens

mben-soula · June 18, 2024, 7:03pm

We’ve recently made necessary changes to our account management system that involves requiring a user token to publish. Although we attempted to reach out to all of our publishers before this change, we realize that the communication might not have reached you. Please follow the instructions on publishing via a user token in order to resolve this issue.

Please keep in mind that the user tokens generated in Central Portal cannot be used in OSSRH. Additionally, if you need to reset your OSSRH password, please follow these instructions to manage your credentials.

bitspittle · June 18, 2024, 10:06pm

I ran into this as well. The instructions from @mben-soula worked for me –

Go to https://s01.oss.sonatype.org/
Go to profile
Change the pulldown from “Summary” to “User Token”
Click on “Access User Token”

I am using Gradle in my project, so I have all my credentials stored in a private gradle.properties file. Using the username and password values from the “Access User Token” popup, I created two new entries:

ossrhToken=...
ossrhTokenPassword=...

And finally, I updated my Gradle build script, shoud look something like this:

maven {
    credentials {
        username = findProperty("ossrhToken") as String
        password = findProperty("ossrhTokenPassword") as String
    }
}

bthomas · June 19, 2024, 9:42am

Same here. Thanks for the question @rmckinley

robfletcher · June 20, 2024, 12:38am

I have an existing project that publishes to oss.sonatype.org. I’ve accessed my token, stored it in my private gradle.properties, and replaced my old username / password configuration with:

    maven {
      name = "nexus"
      url = uri("https://oss.sonatype.org/service/local/staging/deploy/maven2/")
      credentials {
        username = findProperty("ossrhToken") as String
        password = findProperty("ossrhTokenPassword") as String
      }
    }

but I still get Received status code 401 from server: Content access is protected by token. I don’t understand what I’m missing.

Do I need to start publishing via s01.oss.sonatype.org? I don’t have account credentials there and my understanding was existing projects keep using the original server.

yegor256 · June 24, 2024, 12:13pm

I’m experiencing the same problem. The token has been created, the settings.xml file has been updated, but I’m getting “401 - Unauthorized” reply from the server. What’s my next step?

zenglb · June 25, 2024, 6:41am

can you tell me more info about where to insert these code in gradle file ?

My Android studio Project implementation ‘com.vanniktech.maven.publish.base:com.vanniktech.maven.publish.base.gradle.plugin:0.25.3’

FAILURE: Build completed with 2 failures.

1: Task failed with an exception.

Where:
Build file ‘/Users/zlb/code/FaceVerification/FaceVerifyLib/build.gradle’ line: 13

cruizba · June 25, 2024, 5:08pm

Mmm I am having the same problem. But the artifacts are in the staging repository.

cruizba · June 25, 2024, 10:05pm

I was able to fix it by creating a user token

bitspittle · June 27, 2024, 11:22pm

@zenglb

You can see my relevant Sonatype publishing code here. I hope that helps.

Misc. information about the Gradle maven publishing plugin here and also here.