Yes, thats the right place to configure it. redback properties have been moved to archiva.xml Inside the <redbackRuntimeConfiguration> <configurationProperties> ... </configurationProperties> </redbackRuntimeConfiguration> Element.
This section is also changed, when you change the Redback Runtime properties by the WebUI: http://archiva.apache.org/docs/2.2.3/adminguide/redback-runtime-configuration.html#Runtime_properties But in this case editing via WebUI only works, if you have a browser behind the reverse proxy. So you may want to edit the archiva.xml manually In your case this should be: <redbackRuntimeConfiguration> ... <configurationProperties> ... <rest> <csrffilter> <enabled>false</enabled> <disableTokenValidation>false</disableTokenValidation> <absentorigin> <deny>true</deny> </absentorigin> </csrffilter> <baseUrl>http://dev.server.com:99999</baseUrl> </rest> ... </configurationProperties> ... </redbackRuntimeConfiguration> Info about configuration files can be found at: http://archiva.apache.org/docs/2.2.3/adminguide/configuration-files.html Greetings Martin Am Mittwoch, 31. Mai 2017, 21:41:02 CEST schrieb Niranjan Babu Bommu: > I had same problem when I upgarded archiva, issue was fixed by adding > rest.baseUrl in archiva.xml and restart archiva > > <https://archiva-repository.apache.org/> > rest.baseUrl=.https://dev.server.com/archiva > > > On Wed, May 31, 2017 at 2:35 PM, Adam Brin <ab...@digitalantiquity.org> > > wrote: > > Hi, > > > > We proxy our archiva install behind nginx such that > > > > https://dev.server.com/archiva/ —> http://localhost:99999/ . I’ve been > > trying to read the documentation on how to update, but I’m afraid, I’m a > > bit lost. A few questions: > > > > Where is the redback config stored, is it in apps/archiva/WEB-INF/classes/ > > org/apache/archiva/redback-security.properties ? If so, can this be > > added to the doc, and also, moved into the conf/ directory? If not, where > > is it? > > when I start archiva and go to the URL, I get the following warning… > > Referer Header does not match: refererUrl=https://dev.server.com/archiva/, > > targetUrl=http://dev.tdar.org. Matches: Host=true, Port=false . But, I > > don’t see how to fix the port issue according to the doc ( > > http://archiva.apache.org/redback/configuration.html# > > REST_security_settings). > > > > help? > > > > thanks