archiva-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Olivier Lamy <ol...@apache.org>
Subject Re: help with upgrade -- CSRF / Redback / proxy
Date Thu, 01 Jun 2017 05:46:07 GMT
Maybe we should rewrite the configuration as it's a mix of legacy
properties xml etc...
I guess it's not really clear :-)
Maybe for 3.0.0?

On 1 June 2017 at 15:20, Martin Stockhammer <martin_s@apache.org> wrote:

> Hi,
>
> it is mentioned in the release notes. But not clear enough, I think. I
> will improve the docs.
>
> Greetings
>
> Martin
>
> Am 1. Juni 2017 05:02:14 MESZ schrieb Adam Brin <
> abrin@digitalantiquity.org>:
> >Martin,
> >Thank you, that really helped.  It might be nice to identify some of
> >this
> >in the upgrade notes for 2.2.3, I definitely missed all of this when I
> >went
> >to try and figure out what was broken.
> >
> >- adam
> >
> >On Wed, May 31, 2017 at 1:15 PM, Martin <martin_s@apache.org> wrote:
> >
> >> Yes, thats the right place to configure it.
> >>
> >> redback properties have been moved to  archiva.xml
> >> Inside the
> >> <redbackRuntimeConfiguration>
> >> <configurationProperties>
> >> ...
> >> </configurationProperties>
> >> </redbackRuntimeConfiguration>
> >> Element.
> >>
> >> This section is also changed, when you change the Redback Runtime
> >> properties
> >> by the WebUI:
> >> http://archiva.apache.org/docs/2.2.3/adminguide/redback-
> >> runtime-configuration.html#Runtime_properties
> >>
> >> But in this case editing via WebUI only works, if you have a browser
> >behind
> >> the reverse proxy. So you may want to edit the archiva.xml manually
> >>
> >> In your case this should be:
> >> <redbackRuntimeConfiguration>
> >> ...
> >> <configurationProperties>
> >> ...
> >>       <rest>
> >>         <csrffilter>
> >>           <enabled>false</enabled>
> >>           <disableTokenValidation>false</disableTokenValidation>
> >>           <absentorigin>
> >>             <deny>true</deny>
> >>           </absentorigin>
> >>         </csrffilter>
> >>         <baseUrl>http://dev.server.com:99999</baseUrl>
> >>       </rest>
> >> ...
> >> </configurationProperties>
> >> ...
> >> </redbackRuntimeConfiguration>
> >>
> >> Info about configuration files can be found at:
> >>
> >http://archiva.apache.org/docs/2.2.3/adminguide/configuration-files.html
> >>
> >>
> >> Greetings
> >>
> >> Martin
> >>
> >>
> >> Am Mittwoch, 31. Mai 2017, 21:41:02 CEST schrieb Niranjan Babu Bommu:
> >> > I had same problem when I upgarded archiva, issue was fixed by
> >adding
> >> > rest.baseUrl in archiva.xml and restart archiva
> >> >
> >> > <https://archiva-repository.apache.org/>
> >> > rest.baseUrl=.https://dev.server.com/archiva
> >> >
> >> >
> >> > On Wed, May 31, 2017 at 2:35 PM, Adam Brin
> ><abrin@digitalantiquity.org>
> >> >
> >> > wrote:
> >> > > Hi,
> >> > >
> >> > >  We proxy our archiva install behind nginx such that
> >> > >
> >> > > https://dev.server.com/archiva/ —> http://localhost:99999/ .
I’ve
> >been
> >> > > trying to read the documentation on how to update, but I’m
> >afraid, I’m
> >> a
> >> > > bit lost.  A few questions:
> >> > >
> >> > > Where is the redback config stored, is it in
> >> apps/archiva/WEB-INF/classes/
> >> > > org/apache/archiva/redback-security.properties ?   If so, can
> >this be
> >> > > added to the doc, and also, moved into the conf/ directory? If
> >not,
> >> where
> >> > > is it?
> >> > > when I start archiva and go to the URL, I get the following
> >warning…
> >> > > Referer Header does not match: refererUrl=https://dev.server.
> >> com/archiva/,
> >> > > targetUrl=http://dev.tdar.org. Matches: Host=true, Port=false .
> >But, I
> >> > > don’t see how to fix the port issue according to the doc (
> >> > > http://archiva.apache.org/redback/configuration.html#
> >> > > REST_security_settings).
> >> > >
> >> > > help?
> >> > >
> >> > > thanks
> >>
> >>
> >>
> >
> >
> >--
> >_________________________________________________________
> >Adam Brin
> >Director of Technology, Digital Antiquity
> >480.965.1278
>
> --
> Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.




-- 
Olivier Lamy
http://twitter.com/olamy | http://linkedin.com/in/olamy

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message