Archiva requires DNS lookup on URLs for remote repositories, even with http
proxy
---------------------------------------------------------------------------------
Key: MRM-898
URL: http://jira.codehaus.org/browse/MRM-898
Project: Archiva
Issue Type: Bug
Affects Versions: 1.1
Environment: Windows 2003 Server in environment with
limited/restricted DNS, JDK 1.5, standalone Archiva started with ./bin/archiva
console, http proxy defined in Archiva
Reporter: Einar Laurits Rossebo
Archiva seems to require to be able to perform DNS lookups on remote
repositories even if a http proxy is defined - which is unfortunate in
restricted network setups. MavenProxy handles this well, leaving Archiva 1.1
out as an alternative to migrate from in such environments.
At work we use MavenProxy, and that works quite ok - but we have had a wish to
migrate to Archiva for better administration GUI etc. Tested the 1.1-release
yesterday and setup was easy, but connects to remote repositories failed for
some reason when Archiva tried to retrieve artifacts. Our server uses an http
(network) proxy, which was specified in Archiva. Tried all sorts of things, and
in the end I installed Ethereal and sniffed the network card to find out what
was going on. Ethereal indicated that no http traffic was performed by Archiva
towards any server. If I understand the Ethereal output correctly, Archiva
performs a DNS lookup on remote addresses (e.g. on download.java.net or
repo1.maven.org) prior to any http traffic. As the DNS lookup is rejected by
the (internal) DNS used by the server (it has access to a limited DNS for
security reasons etc), the rejection fails the communication with the remote
repository.
Is it necessary for Archiva to perform DNS lookup on addresses which will be
proxied by an http network proxy? Perhaps I am a bit confused there, but if a
network proxy is specified - could it not also leave the DNS lookup to the
network proxy for the external addresses? It seems quite unnecessary for
Archiva to perform it in that scenario, and this may make Archiva unsuitable to
some network setups/environments (like ours). MavenProxy does not perform any
DNS lookup on the remote repository when a proxy is defined (checked with
ethereal) - it just fires away the http request to the network proxy defined
and leaves it up to that to perform further lookups.
I may be wrong here, so this issue should probably be verified by someone - but
it should be quite easy to test. (Install Archiva, specify http proxy, install
and start a network sniffer/ethereal, run a request for an artifact in a remote
repository and verify that archiva performs a DNS lookup prior to any http
requests to the proxy).
Solving this would make it easier for environments with restricted network
setups and http proxies like us to migrate from mavenproxy to archiva. Perhaps
this is already fixed in the fixes for 1.1.1 by Brett? As a temporary
workaround for affected environment it would perhaps be possible to add
hosts-file entries with ips of all the remote repositories etc. on Windows to
make Archiva work, but...
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
