Missing repository credentials for Maven (Nexus) publish

I have a corporate plugin project that does various things including programmatically configuring the maven-publish plugin for our in-house Nexus instance. For the most part this seems to work ok. However, during the build (during task execution - in a custom task that runs long before any of the publish tasks), I read credentials from project properties and then set these on the credentials object for the repository (the repository itself is preconfigured with an empty credentials object). This also seems to work ok - if I log the value of repo.credentials.username and repo.credentials.password after this step, it prints the expected values. However, when the actual push (HTTP PUT) to Nexus occurs, I get a 401 (unauthorized) error:

13:13:57.193 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@6c2a7c736 pairs: {PUT /content/repositories/releases/xxxxx/yyyyy/zzzzz/aaaaa/0.3.0-dev.19+2a18e37/aaaaa-0.3.0-dev.19+2a18e37.jar HTTP/1.1: null}{User-Agent: maven-artifact/3.0.4 (Java 1.8.0; Mac OS X 10.9.3)}{Host: nexus.xxxxx.com}{Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2}{Connection: keep-alive}{Content-Length: 954}
13:13:57.225 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@3ade99bb6 pairs: {null: HTTP/1.1 401 Unauthorized}{Date: Mon, 23 Jun 2014 03:13:56 GMT}{Set-Cookie: rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Sun, 22-Jun-2014 03:13:56 GMT}{WWW-Authenticate: BASIC realm="Sonatype Nexus Repository Manager"}{Connection: close}{Server: Jetty(8.1.11.v20130520)}

As you can see from the build log above, it doesn’t look like the repository credentials are even being sent with the HTTP PUT, which would explain the 401 response.

My questions are:

  1. Is it valid to programmatically re-configure the fields on the publishing extension’s repository.credentials object(s) before any of the publish tasks are executed (but after the publish plugin has been configured via apply())? Are they allowed to be reconfigured this way? (FYI, I am also reconfiguring artifact versions via the publications, and this works fine by following the ‘lazy’ approach described by the Netflix guys in the Nebula publishing plugin)

  2. Is there some way to debug what the maven-publish plugin is doing during the build? I know how to configure a Gradle project to enable debugging, but it doesn’t seem quite that simple if the code I want to debug is core Gradle code. I know how to debug my own tasks, tests etc, but how do I debug Gradle itself during the build?


Small correction to the above:

I’m actually doing the setting of the credentials on the repository during the plugin apply() stage, not during task execution.