[ https://issues.apache.org/jira/browse/MRM-1845?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Stockhammer closed MRM-1845. ----------------------------------- Resolution: Workaround Closing, because workaround available. > Virtual repository not accessible behind https reverse proxy > ------------------------------------------------------------ > > Key: MRM-1845 > URL: https://issues.apache.org/jira/browse/MRM-1845 > Project: Archiva > Issue Type: Bug > Components: repository interface > Affects Versions: 1.4-M4, 2.0.1 > Environment: Archiva in intranet company, accessed from internet with > a https reverse proxy > Reporter: Alix Lourme > Priority: Major > > +Context+ : > * Company with multiple repositories (internet/proxied ... snapshot/release) > => a virtual repository is configured to provide central access. > * No credentials configured to access to Archiva (except admin). > * This _virtual_ repository is used from internet (suppliers, personal dev, > etc) in *https*, a IT reverse proxy bind https internet url to intranet > Archiva url. > +Use case+ : > || Url || Result || > | > http://repository.company-intranet.com/repository/company-releases/groupId/artifactId > | works | > | > http://repository.company-intranet.com/repository/virtual/groupId/artifactId > | works | > | > https://repository.company-internet.com/repository/company-releases/groupId/artifactId > | works (with proxy credentials ... browser or maven) | > | > https://repository.company-internet.com/repository/virtual/groupId/artifactId > | *don't works : HTTP 401* | > _Virtual_ respository from https wan't credentials, with domain : *Repository > Archiva Managed virtual Repository* (Powered by _Jetty_). > After some tests and http call analysis, _virtual_ repository has > inconvenience with the header : > {code} > Authorization: Basic Zm9vOm5pY2VUcnkh > {code} > This header is filled by reverse proxy. > _virtual_ repository has no reason to have a different security strategy > compared to _classic_ repository => whence this bug. > ---- > +Workaround+ : If an Apache is in front of Archiva, you could cancel this > problem with this configuration rule in _VirtualHost_ context (prerequisite : > _headers_module_): > {code} > RequestHeader unset Authorization > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)