archiva-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Barrie Treloar" <baerr...@gmail.com>
Subject Re: Proxy vs. Repository URLs
Date Mon, 27 Nov 2006 21:41:06 GMT
> One future feature for archiva is to manage the pom internal
> repositories to point to itself.
> In other words, if archiva is told to proxy central, and a pom gets
> pulled down pointing to a new repository of say ...
> <repository>
>   <id>sf.net</id>
>   <url>http://projfoo.sourceforge.net/maven2/</url>
> </repository>
>
> then archiva should replace that entry with itself so that the requests
> at the maven client continue to hit the corporate repository.
>
> We need to have a more sane / verbose id field, as that is what is used
> in maven client for log messages and the like.
> But having a more verbose id field for the url make no sense.  hence the
> split.

This is a great example of why id or name is of no value.

Consider another project:
<repository>
  <id>sf.net</id>
  <url>http://another_project.sourceforge.net/maven2/</url>
</repository>

Since there can be no enforcement of the content of id/name it is too
easy to get shadowed.  It is impossible to shadow the url.

The other problem is displaying information messages that include the id.
Since a repository can be defined in ANY pom in the transitive
dependency list there is no easy way for the user to find out what the
definition of "sf.net" actually points to.

This only affects people with firewalls, as it does me, because I need
to put in a security request to get the url of "sf.net" opened up as
an unauthenticated proxy.  At least until either maven or archive can
support NTLM authentication (or I convince people here to ditch NTLM
and use LDAP).

Yes the information messages will be longer by pointing to URLs but it
may be better from a useability point of view.

Mime
View raw message