Return-Path: Delivered-To: apmail-archiva-users-archive@www.apache.org Received: (qmail 32078 invoked from network); 7 Sep 2008 02:59:05 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 7 Sep 2008 02:59:05 -0000 Received: (qmail 79535 invoked by uid 500); 7 Sep 2008 02:59:03 -0000 Delivered-To: apmail-archiva-users-archive@archiva.apache.org Received: (qmail 79492 invoked by uid 500); 7 Sep 2008 02:59:02 -0000 Mailing-List: contact users-help@archiva.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@archiva.apache.org Delivered-To: mailing list users@archiva.apache.org Received: (qmail 79481 invoked by uid 99); 7 Sep 2008 02:59:02 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 06 Sep 2008 19:59:02 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of brett.porter@gmail.com designates 209.85.142.188 as permitted sender) Received: from [209.85.142.188] (HELO ti-out-0910.google.com) (209.85.142.188) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 07 Sep 2008 02:58:02 +0000 Received: by ti-out-0910.google.com with SMTP id w7so643248tib.13 for ; Sat, 06 Sep 2008 19:58:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=Jns/TtiXirX2LHQwFQmL3WChGpe4VHfkVje8CHM6JyQ=; b=Pqv6xwe3L4U3u+9R/SNU+/p3aDCDWYqtr9LxHsItImylC2O+1ByFhTEkgYpnZRNECX 33xEToaqioCKfCns32Xqibk0J1IdHVq4GI596ldOUU18/hO474sXnFY8bVbCXWP6hk9J oeajx63OIPZP/dJ3iBf0Fyjo3GPUu1fsPpeyo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=V9PlXaQsAO3Hlu29/dTV2a3QW+33Jl09oyJ0fKDQj0gWMiqdGeUGtiNjoNX0tdkk3D NkOV1lwGX3WkSLYc/6AWgEDK94Rl4ycaYwLYQSNoxDT/o193HN2jFyaS//UkoXVJ20wk TIzOevL0iBJuVSMw72YGU4qXOnogJqUxym6RQ= Received: by 10.110.90.9 with SMTP id n9mr17663552tib.22.1220756295022; Sat, 06 Sep 2008 19:58:15 -0700 (PDT) Received: by 10.110.86.15 with HTTP; Sat, 6 Sep 2008 19:58:14 -0700 (PDT) Message-ID: <9e3862d80809061958t5eab7fdbm48e7a50eaac37b64@mail.gmail.com> Date: Sun, 7 Sep 2008 12:58:14 +1000 From: "Brett Porter" To: users@archiva.apache.org Subject: Re: How does archiva determine if a remote file exists In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_113766_16798374.1220756295012" References: <9e3862d80809051816i2e4a8761k352d5f9f2096ceda@mail.gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_113766_16798374.1220756295012 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline 2008/9/6 EJ Ciramella > That's a pretty big assumption on the part of archiva, no? That 200 means OK? I don't think it's such a leap :) > > > Most corporate env's will be blocking various sites, potentially some > sub directories of some well known opensource sf. > > It's a shame there isn't some kina validation (is this a valid xml file > or is this a valid pom or zip/jar/war/etc). That's what the checksums are there for if enabled - and far more reliable than guessing a mime-type from the extension. Cheers, Brett > > > > > -----Original Message----- > From: Brett Porter [mailto:brett.porter@gmail.com] > Sent: Friday, September 05, 2008 9:17 PM > To: users@archiva.apache.org > Subject: Re: How does archiva determin if a remote file exists > > That's correct, Archiva will assume if it gets HTTP 200 trying to proxy > a > file that it was valid. > If you change the proxy connector to fail if checksums don't match, this > problem won't occur. I'd highly recommend this setting in an environment > such as yours (or ensure the filter blocks with a more appropriate code > like > 403). > > Cheers, > Brett > > 2008/9/6 Michael Delaney > > > All, > > > > > > > > How does Archiva determine if a remote file (say something housed on > > repo1.maven.org/maven2, for example) is valid? Does it determine this > by > > the HTTP return code (404 versus 200)? > > > > > > > > The reason I ask is that I have seen a very odd behavior. We have a > > goal that attempts to download an artifact from our Archiva server. > This > > artifact doesn't exist, it's an optional dependency, but during one of > > our maven goals, it appears our network filter went a-wall and blocked > > people.apache.org (which is set up on our Archiva server as a remote > > repository). So instead of getting a 404 error code when trying to > > access a file off of people.apache.org, it received a web page (from > our > > filter) stating the site was blocked. This web page appears to have > been > > downloaded as a pom.xml file and the artifact in question. > > > > > > > > Mike Delaney. > > > > > > > -- > Brett Porter > Blog: http://blogs.exist.com/bporter/ > -- Brett Porter Blog: http://blogs.exist.com/bporter/ ------=_Part_113766_16798374.1220756295012--