tag:www.nabble.com,2006:forum-16425Nabble - Archiva2008-10-07T16:49:42Z<a href="http://maven.apache.org/archiva/" target="_top" rel="nofollow">Archiva</a> - the Maven repository manager.tag:www.nabble.com,2006:post-19869870Re: Change URL in "Welcome to Archiva" email?2008-10-07T16:49:42Z2008-10-07T16:49:42ZChris BrentanoPerfect! Thanks Brett.
<br><br><br>On 10/7/08 4:46 PM, "Brett Porter" <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869870&i=0" target="_top" rel="nofollow">brett.porter@...</a>> wrote:
<br><br><a href="http://archiva.apache.org/docs/1.1.3/adminguide/customising-security.html" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3/adminguide/customising-security.html</a><br><br>The property to change is application.url
<br><br>Cheers,
<br>Brett
<br><br>2008/10/8 Chris Brentano <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869870&i=1" target="_top" rel="nofollow">chris.brentano@...</a>>:
<div class='shrinkable-quote'><br>> 1.1.2 Standalone.
<br>>
<br>>
<br>> On 10/7/08 4:19 PM, "James William Dumay" <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869870&i=2" target="_top" rel="nofollow">james@...</a>> wrote:
<br>>
<br>> Hey Chris,
<br>>
<br>> That sounds like a bug to me... what version of Archiva are you using?
<br>>
<br>> Thanks
<br>> James
<br>>
<br>> On Tue, 2008-10-07 at 17:52 +0000, Chris Brentano wrote:
<br>>> I've been digging around the application files, but can't find this. Maybe it's an easy answer.
<br>>>
<br>>> I'm reverse-proxying Archiva through httpd, so requests for /archiva on my server on port 80 are proxied to port 8080 where the application is running (Archiva standalone). When someone requests a password reset, the URL in the email has the :8080 tacked onto the URL, which I'd like to remove from the URL.
<br>>>
<br>>> Is there either a file where I can alter this template to remove the :8080, or is there a place where I can specify the URL in the config?
<br>>>
<br>>> Much thanks.
<br>>>
<br>>> - Chris
<br>>
<br>>
<br>>
</div><br><br><br>--
<br>Brett Porter
<br>Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19869779Re: Change URL in "Welcome to Archiva" email?2008-10-07T16:46:07Z2008-10-07T16:46:07ZBrett Porter<a href="http://archiva.apache.org/docs/1.1.3/adminguide/customising-security.html" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3/adminguide/customising-security.html</a><br><br>The property to change is application.url
<br><br>Cheers,
<br>Brett
<br><br>2008/10/8 Chris Brentano <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869779&i=0" target="_top" rel="nofollow">chris.brentano@...</a>>:
<div class='shrinkable-quote'><br>> 1.1.2 Standalone.
<br>>
<br>>
<br>> On 10/7/08 4:19 PM, "James William Dumay" <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869779&i=1" target="_top" rel="nofollow">james@...</a>> wrote:
<br>>
<br>> Hey Chris,
<br>>
<br>> That sounds like a bug to me... what version of Archiva are you using?
<br>>
<br>> Thanks
<br>> James
<br>>
<br>> On Tue, 2008-10-07 at 17:52 +0000, Chris Brentano wrote:
<br>>> I've been digging around the application files, but can't find this. Maybe it's an easy answer.
<br>>>
<br>>> I'm reverse-proxying Archiva through httpd, so requests for /archiva on my server on port 80 are proxied to port 8080 where the application is running (Archiva standalone). When someone requests a password reset, the URL in the email has the :8080 tacked onto the URL, which I'd like to remove from the URL.
<br>>>
<br>>> Is there either a file where I can alter this template to remove the :8080, or is there a place where I can specify the URL in the config?
<br>>>
<br>>> Much thanks.
<br>>>
<br>>> - Chris
<br>>
<br>>
<br>>
</div><br><br><br>--
<br>Brett Porter
<br>Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19869668Re: FW: Repository group questions2008-10-07T16:37:16Z2008-10-07T16:37:16ZBrett PorterI think the directory listing issue is known - you might need to check
<br>JIRA for it and file it if not. However, accessing the artifacts
<br>should work fine as it seems to be the case.
<br><br>I'm not quite sure why you got inconsistent results since you used the
<br>mirrorOf - all requests should be going to the repository. But as you
<br>say, if you can access the files on the Archiva repository URLs, then
<br>Maven should be fine as it doesn't navigate the tree.
<br><br>- Brett
<br><br>2008/10/8 Kraft, Mike <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869668&i=0" target="_top" rel="nofollow">Mike.Kraft@...</a>>:
<div class='shrinkable-quote'><br>> Well, I should have thought to do this earlier: I use a parent POM with multiple child modules - I had added the 'public' repository to the parent POM, but not the children. So I added it to the children, and now Maven finds remote snapshots properly when I build a child directly.
<br>>
<br>> However, if that is the solution, it still does not explain why there was never a problem finding release artifacts - surely Maven should have been just as clueless about those in the absence of a <repository> listing in a child POM? OTOH, perhaps that is a Maven rather than an Archiva issue.
<br>>
<br>> Finally, after looking more closely, the issue of what I see at the URL for the 'public' group appears to be a directory listing issue in Archiva. Here's an example of what I mean:
<br>> * my artifact 'widget' has two versions: 0.20.0 (from 'internal'), and 0.21.0-SNAPSHOT (from 'snapshots');
<br>> * the directory listing at <a href="http://.../archiva/repository/public/widget/widget/" target="_top" rel="nofollow">http://.../archiva/repository/public/widget/widget/</a> currently only shows the SNAPSHOT, but not the release;
<br>> * but if I go directly to <a href="http://.../archiva/repository/public/widget/widget/0.20.0" target="_top" rel="nofollow">http://.../archiva/repository/public/widget/widget/0.20.0</a> , the release artifacts are there.
<br>>
<br>> So this is not serious, esp. since the 'Browse' view does show everything properly, but it is a little annoying.
<br>>
<br>> Mike
<br>>
<br>> -----Original Message-----
<br>> From: Kraft, Mike [mailto:<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869668&i=1" target="_top" rel="nofollow">Mike.Kraft@...</a>]
<br>> Sent: Tuesday, October 07, 2008 13:06
<br>> To: <a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869668&i=2" target="_top" rel="nofollow">users@...</a>
<br>> Subject: FW: Repository group questions
<br>>
<br>> Ok, I get the feeling there is something fundamental I do not understand about repositories. Although it took a while, sometime after I promoted 'snapshots' to the top of the group list, the artifacts shown by the 'public' URL changed to only show snapshots - no releases. OTOH, Maven still cannot locate remote snapshot artifacts. But it can find remote release artifacts.
<br>>
<br>> If anyone can shed any light on this, I would be very appreciative.
<br>>
<br>> Thanks,
<br>> Mike
<br>>
<br>> ________________________________
<br>>
<br>> From: Kraft, Mike
<br>> Sent: Tuesday, October 07, 2008 12:25
<br>> To: <a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869668&i=3" target="_top" rel="nofollow">users@...</a>
<br>> Subject: Repository group questions
<br>>
<br>>
<br>> Hi,
<br>>
<br>> I have created a group 'public' that contains both the default 'internal' and 'snapshots' repositories. I then created a mirror for * to 'public' in my local settings. I noticed I was having some trouble locating snapshot artifacts that were not already present in my local repository. So I began looking at the settings for the 'public' group. I clicked through on the URL link to the group, and saw that only artifacts from 'internal' showed up - nothing from 'snapshots'. I tried changing the order of the two repositories in the group list, but it did not seem to make any difference.
<br>>
<br>> Just to be clear, 'snapshots' itself is working - I see the unified view of all the repositories when I go the 'Browse' page.
<br>>
<br>> Is the groups feature broken, or is it just some weird condition on my server?
<br>>
</div><br><br><br>--
<br>Brett Porter
<br>Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19869499Re: Change URL in "Welcome to Archiva" email?2008-10-07T16:24:04Z2008-10-07T16:24:04ZChris Brentano1.1.2 Standalone.
<br><br><br>On 10/7/08 4:19 PM, "James William Dumay" <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19869499&i=0" target="_top" rel="nofollow">james@...</a>> wrote:
<br><br>Hey Chris,
<br><br>That sounds like a bug to me... what version of Archiva are you using?
<br><br>Thanks
<br>James
<br><br>On Tue, 2008-10-07 at 17:52 +0000, Chris Brentano wrote:
<br>> I've been digging around the application files, but can't find this. Maybe it's an easy answer.
<br>>
<br>> I'm reverse-proxying Archiva through httpd, so requests for /archiva on my server on port 80 are proxied to port 8080 where the application is running (Archiva standalone). When someone requests a password reset, the URL in the email has the :8080 tacked onto the URL, which I'd like to remove from the URL.
<br>>
<br>> Is there either a file where I can alter this template to remove the :8080, or is there a place where I can specify the URL in the config?
<br>>
<br>> Much thanks.
<br>>
<br>> - Chris
<br><br><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19869434Re: Change URL in "Welcome to Archiva" email?2008-10-07T16:19:52Z2008-10-07T16:19:52ZJames William DumayHey Chris,
<br><br>That sounds like a bug to me... what version of Archiva are you using?
<br><br>Thanks
<br>James
<br><br>On Tue, 2008-10-07 at 17:52 +0000, Chris Brentano wrote:
<br>> I've been digging around the application files, but can't find this. Maybe it's an easy answer.
<br>>
<br>> I'm reverse-proxying Archiva through httpd, so requests for /archiva on my server on port 80 are proxied to port 8080 where the application is running (Archiva standalone). When someone requests a password reset, the URL in the email has the :8080 tacked onto the URL, which I'd like to remove from the URL.
<br>>
<br>> Is there either a file where I can alter this template to remove the :8080, or is there a place where I can specify the URL in the config?
<br>>
<br>> Much thanks.
<br>>
<br>> - Chris
<br><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19869312Re: [VOTE] Release Archiva 1.1.32008-10-07T16:11:30Z2008-10-07T16:11:30ZJames William Dumay+1
<br><br>On Wed, 2008-10-08 at 01:56 +1100, Brett Porter wrote:
<div class='shrinkable-quote'><br>> The Archiva 1.1.3 release has been staged. The binaries, including the
<br>> sources, signatures and checksums, are available here:
<br>>
<br>> <a href="http://people.apache.org/builds/archiva/1.1.3/" target="_top" rel="nofollow">http://people.apache.org/builds/archiva/1.1.3/</a><br>>
<br>> You can take a look at the release notes at
<br>> <a href="http://archiva.apache.org/docs/1.1.3/release-notes.html" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3/release-notes.html</a><br>>
<br>> While the staged site can be viewed here:
<br>> <a href="http://archiva.apache.org/docs/1.1.3" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3</a><br>>
<br>> [ ] +1 Release it!
<br>> [ ] 0
<br>> [ ] -1 Don't release it, because..
<br>>
<br>> Note that since this release is to correct a security issue, I would
<br>> like to reduce the vote time from 36 hours, unless anyone indicates
<br>> they would like more time to test it.
<br>>
<br>> Thanks,
<br>> Brett
<br>>
</div><br><p>From forum: <a href="http://www.nabble.com/archiva-dev-f16427.html" embed="fixTarget[16427]" target="_top" >archiva-dev</a></p>tag:www.nabble.com,2006:post-19866559FW: Repository group questions2008-10-07T13:28:49Z2008-10-07T13:28:49ZKraft, Mike-2Well, I should have thought to do this earlier: I use a parent POM with multiple child modules - I had added the 'public' repository to the parent POM, but not the children. So I added it to the children, and now Maven finds remote snapshots properly when I build a child directly.
<br><br>However, if that is the solution, it still does not explain why there was never a problem finding release artifacts - surely Maven should have been just as clueless about those in the absence of a <repository> listing in a child POM? OTOH, perhaps that is a Maven rather than an Archiva issue.
<br><br>Finally, after looking more closely, the issue of what I see at the URL for the 'public' group appears to be a directory listing issue in Archiva. Here's an example of what I mean:
<br> * my artifact 'widget' has two versions: 0.20.0 (from 'internal'), and 0.21.0-SNAPSHOT (from 'snapshots');
<br> * the directory listing at <a href="http://.../archiva/repository/public/widget/widget/" target="_top" rel="nofollow">http://.../archiva/repository/public/widget/widget/</a> currently only shows the SNAPSHOT, but not the release;
<br> * but if I go directly to <a href="http://.../archiva/repository/public/widget/widget/0.20.0" target="_top" rel="nofollow">http://.../archiva/repository/public/widget/widget/0.20.0</a> , the release artifacts are there.
<br><br>So this is not serious, esp. since the 'Browse' view does show everything properly, but it is a little annoying.
<br><br>Mike
<br><br>-----Original Message-----
<br>From: Kraft, Mike [mailto:<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19866559&i=0" target="_top" rel="nofollow">Mike.Kraft@...</a>]
<br>Sent: Tuesday, October 07, 2008 13:06
<br>To: <a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19866559&i=1" target="_top" rel="nofollow">users@...</a>
<br>Subject: FW: Repository group questions
<br><br>Ok, I get the feeling there is something fundamental I do not understand about repositories. Although it took a while, sometime after I promoted 'snapshots' to the top of the group list, the artifacts shown by the 'public' URL changed to only show snapshots - no releases. OTOH, Maven still cannot locate remote snapshot artifacts. But it can find remote release artifacts.
<br>
<br>If anyone can shed any light on this, I would be very appreciative.
<br>
<br>Thanks,
<br>Mike
<br><br>________________________________
<br><br>From: Kraft, Mike
<br>Sent: Tuesday, October 07, 2008 12:25
<br>To: <a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19866559&i=2" target="_top" rel="nofollow">users@...</a>
<br>Subject: Repository group questions
<br><br><br>Hi,
<br>
<br>I have created a group 'public' that contains both the default 'internal' and 'snapshots' repositories. I then created a mirror for * to 'public' in my local settings. I noticed I was having some trouble locating snapshot artifacts that were not already present in my local repository. So I began looking at the settings for the 'public' group. I clicked through on the URL link to the group, and saw that only artifacts from 'internal' showed up - nothing from 'snapshots'. I tried changing the order of the two repositories in the group list, but it did not seem to make any difference.
<br>
<br>Just to be clear, 'snapshots' itself is working - I see the unified view of all the repositories when I go the 'Browse' page.
<br>
<br>Is the groups feature broken, or is it just some weird condition on my server?
<br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19865089FW: Repository group questions2008-10-07T12:05:39Z2008-10-07T12:05:39ZKraft, Mike-2Ok, I get the feeling there is something fundamental I do not understand about repositories. Although it took a while, sometime after I promoted 'snapshots' to the top of the group list, the artifacts shown by the 'public' URL changed to only show snapshots - no releases. OTOH, Maven still cannot locate remote snapshot artifacts. But it can find remote release artifacts.
<br>
<br>If anyone can shed any light on this, I would be very appreciative.
<br>
<br>Thanks,
<br>Mike
<br><br>________________________________
<br><br>From: Kraft, Mike
<br>Sent: Tuesday, October 07, 2008 12:25
<br>To: <a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19865089&i=0" target="_top" rel="nofollow">users@...</a>
<br>Subject: Repository group questions
<br><br><br>Hi,
<br>
<br>I have created a group 'public' that contains both the default 'internal' and 'snapshots' repositories. I then created a mirror for * to 'public' in my local settings. I noticed I was having some trouble locating snapshot artifacts that were not already present in my local repository. So I began looking at the settings for the 'public' group. I clicked through on the URL link to the group, and saw that only artifacts from 'internal' showed up - nothing from 'snapshots'. I tried changing the order of the two repositories in the group list, but it did not seem to make any difference.
<br>
<br>Just to be clear, 'snapshots' itself is working - I see the unified view of all the repositories when I go the 'Browse' page.
<br>
<br>Is the groups feature broken, or is it just some weird condition on my server?
<br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19864325Repository group questions2008-10-07T11:24:39Z2008-10-07T11:24:39ZKraft, Mike-2Hi,
<br>
<br>I have created a group 'public' that contains both the default 'internal' and 'snapshots' repositories. I then created a mirror for * to 'public' in my local settings. I noticed I was having some trouble locating snapshot artifacts that were not already present in my local repository. So I began looking at the settings for the 'public' group. I clicked through on the URL link to the group, and saw that only artifacts from 'internal' showed up - nothing from 'snapshots'. I tried changing the order of the two repositories in the group list, but it did not seem to make any difference.
<br>
<br>Just to be clear, 'snapshots' itself is working - I see the unified view of all the repositories when I go the 'Browse' page.
<br>
<br>Is the groups feature broken, or is it just some weird condition on my server?
<br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19863744Change URL in "Welcome to Archiva" email?2008-10-07T10:52:36Z2008-10-07T10:52:36ZChris BrentanoI've been digging around the application files, but can't find this. Maybe it's an easy answer.
<br><br>I'm reverse-proxying Archiva through httpd, so requests for /archiva on my server on port 80 are proxied to port 8080 where the application is running (Archiva standalone). When someone requests a password reset, the URL in the email has the :8080 tacked onto the URL, which I'd like to remove from the URL.
<br><br>Is there either a file where I can alter this template to remove the :8080, or is there a place where I can specify the URL in the config?
<br><br>Much thanks.
<br><br>- Chris
<br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19862677[jira] Commented: (MRM-935) Archiva doesn't supports artifact with <version>SNAPSHOT</version>2008-10-07T10:00:08Z2008-10-07T10:00:08ZJIRA jira@codehaus.org<br> [ <a href="http://jira.codehaus.org/browse/MRM-935?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=150228#action_150228" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-935?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=150228#action_150228</a> ]
<br><br>Aaron Hamid commented on MRM-935:
<br>---------------------------------
<br><br>Bit me too. mvn deploy works, but you can't get the artifact back out of the repo, and "Search" function can't find it.
<br><div class='shrinkable-quote'><br>> Archiva doesn't supports artifact with <version>SNAPSHOT</version>
<br>> ------------------------------------------------------------------
<br>>
<br>> Key: MRM-935
<br>> URL: <a href="http://jira.codehaus.org/browse/MRM-935" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-935</a><br>> Project: Archiva
<br>> Issue Type: Bug
<br>> Components: repository scanning
<br>> Affects Versions: 1.1.1
<br>> Reporter: Michal Stochmialek
<br>> Fix For: 1.2
<br>>
<br>>
<br>> We are using SNAPSHOT version of axiom library. In trunk axiom developers are using "SNAPSHOT" string as a version
<br>> (not a X.X.X-SNAPSHOT, but just SNAPSHOT). Link below.
<br>> <a href="http://svn.apache.org/viewvc/webservices/commons/trunk/modules/axiom/pom.xml?view=markup" target="_top" rel="nofollow">http://svn.apache.org/viewvc/webservices/commons/trunk/modules/axiom/pom.xml?view=markup</a><br>> Archiva doesn't support this kind of version. During repository synchronization and also during downloading the artifact
<br>> archiva throws exceptions:
<br>> {noformat}
<br>> 2008-09-08 11:00:39,109 [pool-2-thread-1] ERROR org.apache.maven.archiva.repository.scanner.functors.ConsumerProcessFileClosur
<br>> e - Consumer [repository-purge] had an error when processing file [/home/maven.repo/data/repositories/snapshots/org/apache/ws
<br>> /commons/axiom/axiom-tests/SNAPSHOT/axiom-tests-20070912.093446-2.pom]: String index out of range: -1
<br>> java.lang.StringIndexOutOfBoundsException: String index out of range: -1
<br>> at java.lang.String.substring(String.java:1938)
<br>> at org.apache.maven.archiva.repository.content.FilenameParser.expect(FilenameParser.java:107)
<br>> at org.apache.maven.archiva.repository.content.DefaultPathParser.toArtifactReference(DefaultPathParser.java:119)
<br>> at org.apache.maven.archiva.repository.content.AbstractDefaultRepositoryContent.toArtifactReference(AbstractDefaultRepositoryContent.java:51)
<br>> at org.apache.maven.archiva.repository.content.ManagedDefaultRepositoryContent.toArtifactReference(ManagedDefaultRepositoryContent.java:323)
<br>> at org.apache.maven.archiva.consumers.core.repository.DaysOldRepositoryPurge.process(DaysOldRepositoryPurge.java:81)
<br>> at org.apache.maven.archiva.consumers.core.repository.RepositoryPurgeConsumer.processFile(RepositoryPurgeConsumer.java:186)
<br>> at org.apache.maven.archiva.repository.scanner.functors.ConsumerProcessFileClosure.execute(ConsumerProcessFileClosure.java:51)
<br>> at org.apache.commons.collections.functors.IfClosure.execute(IfClosure.java:117)
<br>> at org.apache.commons.collections.CollectionUtils.forAllDo(CollectionUtils.java:388)
<br>> at org.apache.maven.archiva.repository.scanner.RepositoryScannerInstance.directoryWalkStep(RepositoryScannerInstance.java:137)
<br>> at org.codehaus.plexus.util.DirectoryWalker.fireStep(DirectoryWalker.java:174)
<br>> at org.codehaus.plexus.util.DirectoryWalker.scanDir(DirectoryWalker.java:392)
<br>> at org.codehaus.plexus.util.DirectoryWalker.scanDir(DirectoryWalker.java:386)
<br>> at org.codehaus.plexus.util.DirectoryWalker.scanDir(DirectoryWalker.java:386)
<br>> at org.codehaus.plexus.util.DirectoryWalker.scanDir(DirectoryWalker.java:386)
<br>> at org.codehaus.plexus.util.DirectoryWalker.scanDir(DirectoryWalker.java:386)
<br>> at org.codehaus.plexus.util.DirectoryWalker.scanDir(DirectoryWalker.java:386)
<br>> at org.codehaus.plexus.util.DirectoryWalker.scanDir(DirectoryWalker.java:386)
<br>> at org.codehaus.plexus.util.DirectoryWalker.scanDir(DirectoryWalker.java:386)
<br>> at org.codehaus.plexus.util.DirectoryWalker.scan(DirectoryWalker.java:345)
<br>> at org.apache.maven.archiva.repository.scanner.DefaultRepositoryScanner.scan(DefaultRepositoryScanner.java:122)
<br>> at org.apache.maven.archiva.repository.scanner.DefaultRepositoryScanner.scan(DefaultRepositoryScanner.java:66)
<br>> at org.apache.maven.archiva.scheduled.executors.ArchivaRepositoryScanningTaskExecutor.executeTask(ArchivaRepositoryScanningTaskExecutor.java:111)
<br>> at org.codehaus.plexus.taskqueue.execution.ThreadedTaskQueueExecutor$ExecutorRunnable$1.run(ThreadedTaskQueueExecutor.java:116)
<br>> at edu.emory.mathcs.backport.java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:442)
<br>> at edu.emory.mathcs.backport.java.util.concurrent.FutureTask.run(FutureTask.java:176)
<br>> at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:987)
<br>> at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:528)
<br>> at java.lang.Thread.run(Thread.java:619)
<br>> {noformat}
<br>> {noformat}
<br>> HTTP ERROR: 500
<br>> String index out of range: -1
<br>> RequestURI=/archiva/repository/snapshots/org/apache/ws/commons/axiom/axiom-impl/SNAPSHOT/axiom-impl-20070911.125712-1.pom
<br>> Caused by:
<br>> java.lang.StringIndexOutOfBoundsException: String index out of range: -1
<br>> at java.lang.String.substring(String.java:1938)
<br>> at org.apache.maven.archiva.repository.content.FilenameParser.expect(FilenameParser.java:107)
<br>> at org.apache.maven.archiva.repository.content.DefaultPathParser.toArtifactReference(DefaultPathParser.java:119)
<br>> at org.apache.maven.archiva.repository.content.RepositoryRequest.toArtifactReference(RepositoryRequest.java:79)
<br>> at org.apache.maven.archiva.webdav.ArchivaDavResourceFactory.fetchContentFromProxies(ArchivaDavResourceFactory.java:513)
<br>> at org.apache.maven.archiva.webdav.ArchivaDavResourceFactory.doGet(ArchivaDavResourceFactory.java:423)
<br>> at org.apache.maven.archiva.webdav.ArchivaDavResourceFactory.createResource(ArchivaDavResourceFactory.java:251)
<br>> at org.apache.maven.archiva.webdav.RepositoryServlet.service(RepositoryServlet.java:117)
<br>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
<br>> at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
<br>> at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
<br>> at com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:189)
<br>> at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
<br>> at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:39)
<br>> at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
<br>> at com.opensymphony.webwork.dispatcher.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:88)
<br>> at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
<br>> at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
<br>> at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
<br>> at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
<br>> at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:722)
<br>> at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:404)
<br>> at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:206)
<br>> at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
<br>> at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
<br>> at org.mortbay.jetty.Server.handle(Server.java:324)
<br>> at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
<br>> at org.mortbay.jetty.ajp.Ajp13Connection.access$2700(Ajp13Connection.java:42)
<br>> at org.mortbay.jetty.ajp.Ajp13Connection$RequestHandler.headerComplete(Ajp13Connection.java:221)
<br>> at org.mortbay.jetty.ajp.Ajp13Parser.parseNext(Ajp13Parser.java:474)
<br>> at org.mortbay.jetty.ajp.Ajp13Parser.parseAvailable(Ajp13Parser.java:142)
<br>> at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
<br>> at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
<br>> at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450)
<br>> {noformat}
<br>> The issue is critical. Archiva should allow at least downloading.
</div><br>--
<br>This message is automatically generated by JIRA.
<br>-
<br>If you think it was sent incorrectly contact one of the administrators: <a href="http://jira.codehaus.org/secure/Administrators.jspa" target="_top" rel="nofollow">http://jira.codehaus.org/secure/Administrators.jspa</a><br>-
<br>For more information on JIRA, see: <a href="http://www.atlassian.com/software/jira" target="_top" rel="nofollow">http://www.atlassian.com/software/jira</a><br><br>
<br><p>From forum: <a href="http://www.nabble.com/Archiva---Issues-f29617.html" embed="fixTarget[29617]" target="_top" >Archiva - Issues</a></p>tag:www.nabble.com,2006:post-19860929Re: [VOTE] Release Archiva 1.1.32008-10-07T08:36:21Z2008-10-07T08:36:21ZFabrice Bellingard-3+1
<br><br>- Fabrice
<br> <a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19860929&i=0" target="_top" rel="nofollow">bellingard@...</a>
<br><br><br>On Tue, Oct 7, 2008 at 4:56 PM, Brett Porter <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19860929&i=1" target="_top" rel="nofollow">brett@...</a>> wrote:
<br><div class='shrinkable-quote'><br>> The Archiva 1.1.3 release has been staged. The binaries, including the
<br>> sources, signatures and checksums, are available here:
<br>>
<br>> <a href="http://people.apache.org/builds/archiva/1.1.3/" target="_top" rel="nofollow">http://people.apache.org/builds/archiva/1.1.3/</a><br>>
<br>> You can take a look at the release notes at
<br>> <a href="http://archiva.apache.org/docs/1.1.3/release-notes.html" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3/release-notes.html</a><br>>
<br>> While the staged site can be viewed here:
<br>> <a href="http://archiva.apache.org/docs/1.1.3" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3</a><br>>
<br>> [ ] +1 Release it!
<br>> [ ] 0
<br>> [ ] -1 Don't release it, because..
<br>>
<br>> Note that since this release is to correct a security issue, I would like
<br>> to reduce the vote time from 36 hours, unless anyone indicates they would
<br>> like more time to test it.
<br>>
<br>> Thanks,
<br>> Brett
<br>>
<br>>
<br></div><p>From forum: <a href="http://www.nabble.com/archiva-dev-f16427.html" embed="fixTarget[16427]" target="_top" >archiva-dev</a></p>tag:www.nabble.com,2006:post-19860673Re: [VOTE] Release Archiva 1.1.32008-10-07T08:25:01Z2008-10-07T08:25:01ZEmmanuel Venisse-2+1
<br>Emmanuel
<br><br>On Tue, Oct 7, 2008 at 4:56 PM, Brett Porter <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19860673&i=0" target="_top" rel="nofollow">brett@...</a>> wrote:
<br><div class='shrinkable-quote'><br>> The Archiva 1.1.3 release has been staged. The binaries, including the
<br>> sources, signatures and checksums, are available here:
<br>>
<br>> <a href="http://people.apache.org/builds/archiva/1.1.3/" target="_top" rel="nofollow">http://people.apache.org/builds/archiva/1.1.3/</a><br>>
<br>> You can take a look at the release notes at
<br>> <a href="http://archiva.apache.org/docs/1.1.3/release-notes.html" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3/release-notes.html</a><br>>
<br>> While the staged site can be viewed here:
<br>> <a href="http://archiva.apache.org/docs/1.1.3" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3</a><br>>
<br>> [ ] +1 Release it!
<br>> [ ] 0
<br>> [ ] -1 Don't release it, because..
<br>>
<br>> Note that since this release is to correct a security issue, I would like
<br>> to reduce the vote time from 36 hours, unless anyone indicates they would
<br>> like more time to test it.
<br>>
<br>> Thanks,
<br>> Brett
<br>>
<br>>
<br></div><p>From forum: <a href="http://www.nabble.com/archiva-dev-f16427.html" embed="fixTarget[16427]" target="_top" >archiva-dev</a></p>tag:www.nabble.com,2006:post-19860275Re: [VOTE] Release Archiva 1.1.32008-10-07T08:05:25Z2008-10-07T08:05:25ZArnaud HERITIER+1
<br><br>Arnaud
<br><br>On Tue, Oct 7, 2008 at 4:59 PM, nicolas de loof <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19860275&i=0" target="_top" rel="nofollow">nicolas@...</a>> wrote:
<br><div class='shrinkable-quote'><br>> +1
<br>>
<br>> 2008/10/7 Brett Porter <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19860275&i=1" target="_top" rel="nofollow">brett@...</a>>
<br>>
<br>> > The Archiva 1.1.3 release has been staged. The binaries, including the
<br>> > sources, signatures and checksums, are available here:
<br>> >
<br>> > <a href="http://people.apache.org/builds/archiva/1.1.3/" target="_top" rel="nofollow">http://people.apache.org/builds/archiva/1.1.3/</a><br>> >
<br>> > You can take a look at the release notes at
<br>> > <a href="http://archiva.apache.org/docs/1.1.3/release-notes.html" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3/release-notes.html</a><br>> >
<br>> > While the staged site can be viewed here:
<br>> > <a href="http://archiva.apache.org/docs/1.1.3" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3</a><br>> >
<br>> > [ ] +1 Release it!
<br>> > [ ] 0
<br>> > [ ] -1 Don't release it, because..
<br>> >
<br>> > Note that since this release is to correct a security issue, I would like
<br>> > to reduce the vote time from 36 hours, unless anyone indicates they would
<br>> > like more time to test it.
<br>> >
<br>> > Thanks,
<br>> > Brett
<br>> >
<br>> >
<br>>
</div><br><br><br>--
<br>..........................................................
<br>Arnaud HERITIER
<br>..........................................................
<br>OCTO Technology - aheritier AT octo DOT com
<br>www.octo.com | blog.octo.com
<br>..........................................................
<br>ASF - aheritier AT apache DOT org
<br>www.apache.org | maven.apache.org
<br>...........................................................
<br><p>From forum: <a href="http://www.nabble.com/archiva-dev-f16427.html" embed="fixTarget[16427]" target="_top" >archiva-dev</a></p>tag:www.nabble.com,2006:post-19860133Re: [VOTE] Release Archiva 1.1.32008-10-07T07:59:22Z2008-10-07T07:59:22Znicolas de loof-3+1
<br><br>2008/10/7 Brett Porter <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19860133&i=0" target="_top" rel="nofollow">brett@...</a>>
<br><div class='shrinkable-quote'><br>> The Archiva 1.1.3 release has been staged. The binaries, including the
<br>> sources, signatures and checksums, are available here:
<br>>
<br>> <a href="http://people.apache.org/builds/archiva/1.1.3/" target="_top" rel="nofollow">http://people.apache.org/builds/archiva/1.1.3/</a><br>>
<br>> You can take a look at the release notes at
<br>> <a href="http://archiva.apache.org/docs/1.1.3/release-notes.html" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3/release-notes.html</a><br>>
<br>> While the staged site can be viewed here:
<br>> <a href="http://archiva.apache.org/docs/1.1.3" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3</a><br>>
<br>> [ ] +1 Release it!
<br>> [ ] 0
<br>> [ ] -1 Don't release it, because..
<br>>
<br>> Note that since this release is to correct a security issue, I would like
<br>> to reduce the vote time from 36 hours, unless anyone indicates they would
<br>> like more time to test it.
<br>>
<br>> Thanks,
<br>> Brett
<br>>
<br>>
<br></div><p>From forum: <a href="http://www.nabble.com/archiva-dev-f16427.html" embed="fixTarget[16427]" target="_top" >archiva-dev</a></p>tag:www.nabble.com,2006:post-19860071[VOTE] Release Archiva 1.1.32008-10-07T07:56:08Z2008-10-07T07:56:08ZbrettporterThe Archiva 1.1.3 release has been staged. The binaries, including the
<br>sources, signatures and checksums, are available here:
<br><br><a href="http://people.apache.org/builds/archiva/1.1.3/" target="_top" rel="nofollow">http://people.apache.org/builds/archiva/1.1.3/</a><br><br>You can take a look at the release notes at
<br><a href="http://archiva.apache.org/docs/1.1.3/release-notes.html" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3/release-notes.html</a><br><br>While the staged site can be viewed here:
<br><a href="http://archiva.apache.org/docs/1.1.3" target="_top" rel="nofollow">http://archiva.apache.org/docs/1.1.3</a><br><br>[ ] +1 Release it!
<br>[ ] 0
<br>[ ] -1 Don't release it, because..
<br><br>Note that since this release is to correct a security issue, I would
<br>like to reduce the vote time from 36 hours, unless anyone indicates
<br>they would like more time to test it.
<br><br>Thanks,
<br>Brett
<br><br><p>From forum: <a href="http://www.nabble.com/archiva-dev-f16427.html" embed="fixTarget[16427]" target="_top" >archiva-dev</a></p>tag:www.nabble.com,2006:post-19858731Re: Failed authentication - archiva 1.1.22008-10-07T06:55:23Z2008-10-07T06:55:23Zsolo1970<br>Dumb question: How do I turn on the debug for secutiry???
<br><br><br><br><blockquote class="quote light-black dark-border-color"><div class="quote light-border-color">
<div class="quote-author" style="font-weight: bold;">Brett Porter wrote:</div>
<div class="quote-message shrinkable-quote">I haven't seen this problem when unlocking users myself.
<br><br>Are you able to turn on debug level logging for the security to see if
<br>it gives any extra advice?
<br><br>Cheers,
<br>Brett
<br><br>2008/10/7 solo1970 <sonia.lodovichetti@ericsson.com>:
<br>>
<br>> I've noticeed something else:
<br>>
<br>> If a user gets "locked", I go in with admin rights and unlock it,
<br>> But then when I logout and log back in with my admin account the other user
<br>> is still locked!!!
<br>>
<br>> Help!
<br>>
<br>>
<br>>
<br>>
<br>> solo1970 wrote:
<br>>>
<br>>> I will look into it and let you know, thanks
<br>>>
<br>>> Sonia
<br>>>
<br>>>
<br>>>
<br>>> Brett Porter wrote:
<br>>>>
<br>>>> Did you retain your user's database in the upgrade? It seems that you
<br>>>> have not granted permissions to the release repository to the user
<br>>>> that is attempting to do the deployment.
<br>>>>
<br>>>> Cheers,
<br>>>> Brett
<br>>>>
<br>>>> 2008/9/27 solo1970 <sonia.lodovichetti@ericsson.com>:
<br>>>>>
<br>>>>> Hello,
<br>>>>>
<br>>>>> I am new to this list and the whole Archiva world, so please be
<br>>>>> patient...
<br>>>>>
<br>>>>> We've recently upgraded to Archiva 1.1.2 and we are now getting the
<br>>>>> following error when trying to deploy using Maven to the Archiva
<br>>>>> repository:
<br>>>>>
<br>>>>> ...
<br>>>>> [INFO] [deploy:deploy]
<br>>>>> altDeploymentRepository =
<br>>>>> release::default::dav:<a href="http://maven.xxxx.se:8888/repository/release" target="_top" rel="nofollow">http://maven.xxxx.se:8888/repository/release</a><br>>>>> [INFO] Using alternate deployment repository
<br>>>>> release::default::dav:<a href="http://maven.xxxx.se:8888/repository/release" target="_top" rel="nofollow">http://maven.xxxx.se:8888/repository/release</a><br>>>>> Uploading:
<br>>>>> <a href="http://maven.xxxx.se:8888/repository/release/com/xxxx/riot/riot-parent/3.0.0-R2A01/riot-parent-3.0.0-R2A01.pom" target="_top" rel="nofollow">http://maven.xxxx.se:8888/repository/release/com/xxxx/riot/riot-parent/3.0.0-R2A01/riot-parent-3.0.0-R2A01.pom</a><br>>>>> Sep 26, 2008 10:30:52 AM org.apache.commons.httpclient.HttpMethodBase
<br>>>>> processAuthenticationResponse
<br>>>>> INFO: Already tried to authenticate with 'Repository Archiva Managed
<br>>>>> Repository' authentication realm at maven.xxxx.se, but still receiving:
<br>>>>> HTTP/1.1 401 Unauthorized
<br>>>>> Sep 26, 2008 10:30:52 AM org.apache.commons.httpclient.HttpMethodBase
<br>>>>> processAuthenticationResponse
<br>>>>> INFO: Already tried to authenticate with 'Repository Archiva Managed
<br>>>>> release
<br>>>>> Repository' authentication realm at maven.xxxx.se, but still receiving:
<br>>>>> HTTP/1.1 401 Unauthorized
<br>>>>> ...
<br>>>>>
<br>>>>> Thanks!
<br>>>>>
<br>>>>> solo
<br>>>>> --
<br>>>>> View this message in context:
<br>>>>> <a href="http://www.nabble.com/Failed-authentication---archiva-1.1.2-tp19692615p19692615.html" target="_top">http://www.nabble.com/Failed-authentication---archiva-1.1.2-tp19692615p19692615.html</a><br>>>>> Sent from the archiva-users mailing list archive at Nabble.com.
<br>>>>>
<br>>>>>
<br>>>>
<br>>>>
<br>>>>
<br>>>> --
<br>>>> Brett Porter
<br>>>> Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br>>>>
<br>>>>
<br>>>
<br>>>
<br>>
<br>> --
<br>> View this message in context: <a href="http://www.nabble.com/Failed-authentication---archiva-1.1.2-tp19692615p19842211.html" target="_top">http://www.nabble.com/Failed-authentication---archiva-1.1.2-tp19692615p19842211.html</a><br>> Sent from the archiva-users mailing list archive at Nabble.com.
<br>>
<br>>
<br><br><br><br>--
<br>Brett Porter
<br>Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a></div>
</div></blockquote>
<p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19853893Re: does Archiva cache corrupted artifacts somehow?2008-10-07T01:47:46Z2008-10-07T01:47:46ZBrett PorterThere is a feature to cache failures on proxy connectors. This was
<br>improved in Archiva 1.1, so I would encourage upgrading if possible.
<br><br>- Brett
<br><br>2008/10/7 <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19853893&i=0" target="_top" rel="nofollow">torsten.reinhard@...</a>>:
<div class='shrinkable-quote'><br>> Hi,
<br>>
<br>> some of the artifacts deployed in central repo or other repos are
<br>> corrupted - there´s no pom.xml available,
<br>> the pom.xml is not correct (version info missing), no sources.jar
<br>> available and so on.
<br>>
<br>> some examples are:
<br>> axis/axis-ant/1.4/ (pom missing)
<br>> com/sun/xml/stream/buffer/streambuffer/0.4/streambuffer-0.4.pom (version
<br>> missing)
<br>> org/apache/santuario/xmlsec/1.4.2/ (pom missing)
<br>> ....
<br>>
<br>> When referencing those artifacts in a build, Archiva at first looks in its
<br>> own (internal) repository and afterwards it always tries to find them in
<br>> all proxied internet repositories - without success.
<br>> The next time a build starts (or even the next module in a multimodule
<br>> build) the search starts from the beginning and ends without success.
<br>>
<br>> Is there a way or a new feature in Archiva to prevent it from trying to
<br>> find not available artifacts in internet repos?
<br>> I´m using Archiva 1.0.2 - and my blacklists are getting longer and
<br>> longer.......
<br>>
<br>> thanx, Torsten
<br>>
</div><br><br><br>--
<br>Brett Porter
<br>Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19853791does Archiva cache corrupted artifacts somehow?2008-10-07T01:35:15Z2008-10-07T01:35:15Ztorsten.reinhardHi,
<br><br>some of the artifacts deployed in central repo or other repos are
<br>corrupted - there´s no pom.xml available,
<br>the pom.xml is not correct (version info missing), no sources.jar
<br>available and so on.
<br><br>some examples are:
<br>axis/axis-ant/1.4/ (pom missing)
<br>com/sun/xml/stream/buffer/streambuffer/0.4/streambuffer-0.4.pom (version
<br>missing)
<br>org/apache/santuario/xmlsec/1.4.2/ (pom missing)
<br>....
<br><br>When referencing those artifacts in a build, Archiva at first looks in its
<br>own (internal) repository and afterwards it always tries to find them in
<br>all proxied internet repositories - without success.
<br>The next time a build starts (or even the next module in a multimodule
<br>build) the search starts from the beginning and ends without success.
<br><br>Is there a way or a new feature in Archiva to prevent it from trying to
<br>find not available artifacts in internet repos?
<br>I´m using Archiva 1.0.2 - and my blacklists are getting longer and
<br>longer.......
<br><br>thanx, Torsten
<br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19851477[jira] Commented: (MRM-967) Security Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository2008-10-06T22:48:09Z2008-10-06T22:48:09ZJIRA jira@codehaus.org<br> [ <a href="http://jira.codehaus.org/browse/MRM-967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=150155#action_150155" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=150155#action_150155</a> ]
<br><br>Gwen Harold Autencio commented on MRM-967:
<br>------------------------------------------
<br><br>Using the 'mvn deploy:deploy-file'
<br><br>gwen@gautencio:~$ mvn deploy:deploy-file -Dfile=NUnit.Framework.dll-2.4.8.0.dll -DgroupId=NUnit -Dversion=2.4.8.0 -Dpackaging=dll -DartifactId=NUnit.Framework.dll -DrepositoryId=archiva-snapshots -Durl=<a href="http://localhost:9091/repository/snapshots/" target="_top" rel="nofollow">http://localhost:9091/repository/snapshots/</a> -DgeneratePom=true
<br><br>[INFO] Scanning for projects...
<br>[INFO] Searching repository for plugin with prefix: 'deploy'.
<br>[INFO] ------------------------------------------------------------------------
<br>[INFO] Building Maven Default Project
<br>[INFO] task-segment: [deploy:deploy-file] (aggregator-style)
<br>[INFO] ------------------------------------------------------------------------
<br>[INFO] [deploy:deploy-file]
<br>Uploading: <a href="http://localhost:9091/repository/snapshots//NUnit/NUnit.Framework.dll/2.4.8.0/NUnit.Framework.dll-2.4.8.0.dll" target="_top" rel="nofollow">http://localhost:9091/repository/snapshots//NUnit/NUnit.Framework.dll/2.4.8.0/NUnit.Framework.dll-2.4.8.0.dll</a><br><br>31K uploaded
<br>[INFO] ------------------------------------------------------------------------
<br>[ERROR] BUILD ERROR
<br>[INFO] ------------------------------------------------------------------------
<br>[INFO] Error deploying artifact: Failed to transfer file: <a href="http://localhost:9091/repository/snapshots//NUnit/NUnit.Framework.dll/2.4.8.0/NUnit.Framework.dll-2.4.8.0.dll" target="_top" rel="nofollow">http://localhost:9091/repository/snapshots//NUnit/NUnit.Framework.dll/2.4.8.0/NUnit.Framework.dll-2.4.8.0.dll</a>. Return code is: 401
<br><br><br>[INFO] ------------------------------------------------------------------------
<br>[INFO] For more information, run Maven with the -e switch
<br>[INFO] ------------------------------------------------------------------------
<br>[INFO] Total time: 1 second
<br>[INFO] Finished at: Mon Oct 06 18:29:15 GMT+08:00 2008
<br><br>[INFO] Final Memory: 3M/5M
<br>[INFO] ------------------------------------------------------------------------
<br><div class='shrinkable-quote'><br>> Security Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository
<br>> ---------------------------------------------------------------------------------------------------------------------------------
<br>>
<br>> Key: MRM-967
<br>> URL: <a href="http://jira.codehaus.org/browse/MRM-967" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-967</a><br>> Project: Archiva
<br>> Issue Type: Bug
<br>> Components: Users/Security, WebDAV interface
<br>> Affects Versions: 1.1.2
<br>> Reporter: Maria Odea Ching
<br>> Assignee: Maria Odea Ching
<br>> Priority: Critical
<br>> Fix For: 1.1.3
<br>>
<br>>
<br>> Steps to reproduce (using repository 'snapshots'):
<br>> 1. Configure the <distributionManagement> of your project's pom to deploy your project to 'snapshots' repository, as follows:
<br>> <distributionManagement>
<br>> <repository>
<br>> <id>releases</id>
<br>> <name>Releases Repository</name>
<br>> <layout>default</layout>
<br>> <url>dav:<a href="http://localhost:8080/archiva/repository/releases/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/releases/</a></url>
<br>> </repository>
<br>> <snapshotRepository>
<br>> <id>snapshots</id>
<br>> <uniqueVersion>true</uniqueVersion>
<br>> <name>Snapshots Repository</name>
<br>> <layout>default</layout>
<br>> <url>dav:<a href="http://localhost:8080/archiva/repository/snapshots/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots/</a></url>
<br>> </snapshotRepository>
<br>> </distributionManagement>
<br>> 2. Enable the 'snapshots' repository observer role for 'guest' user
<br>> 3. Add an invalid user credentials in your settings.xml for 'snapshots' repository, as shown below:
<br>> <server>
<br>> <id>snapshots</id>
<br>> <username>invalidusername</username>
<br>> <password>password</password>
<br>> </server>
<br>> 4. Execute 'mvn clean deploy' in your project.
<br>> Alternatively, you can also use the deploy-file goal to replicate the issue so you won't need to configure your pom (ex. 'mvn deploy:deploy-file -Dfile=nunit.framework.dll -DgroupId=NUnit -Dversion=2.4.8.0 -Dpackaging=dll -DartifactId=NUnit.Framework.dll -DrepositoryId=snapshots -Durl=<a href="http://localhost:8080/archiva/repository/snapshots" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots</a> -DgeneratePom=true')
</div><br>--
<br>This message is automatically generated by JIRA.
<br>-
<br>If you think it was sent incorrectly contact one of the administrators: <a href="http://jira.codehaus.org/secure/Administrators.jspa" target="_top" rel="nofollow">http://jira.codehaus.org/secure/Administrators.jspa</a><br>-
<br>For more information on JIRA, see: <a href="http://www.atlassian.com/software/jira" target="_top" rel="nofollow">http://www.atlassian.com/software/jira</a><br><br>
<br><p>From forum: <a href="http://www.nabble.com/Archiva---Issues-f29617.html" embed="fixTarget[29617]" target="_top" >Archiva - Issues</a></p>tag:www.nabble.com,2006:post-19851461[jira] Commented: (MRM-967) Security Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository2008-10-06T22:46:09Z2008-10-06T22:46:09ZJIRA jira@codehaus.org<br> [ <a href="http://jira.codehaus.org/browse/MRM-967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=150154#action_150154" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=150154#action_150154</a> ]
<br><br>Gwen Harold Autencio commented on MRM-967:
<br>------------------------------------------
<br><br>Using the 'mvn deploy' command, tested the archiva-1.1.x
<br><br>Result : Tested archiva-1.1.x using the mvn deploy command.
<br><br>gwen@gautencio:~/Desktop/my-app$ mvn deploy
<br>[INFO] Scanning for projects...
<br>[INFO] ------------------------------------------------------------------------
<br>[INFO] Building my-app
<br>[INFO] task-segment: [deploy]
<br>[INFO] ------------------------------------------------------------------------
<br>[INFO] [resources:resources]
<br>[INFO] Using default encoding to copy filtered resources.
<br>[INFO] [compiler:compile]
<br>[INFO] Nothing to compile - all classes are up to date
<br>[INFO] [resources:testResources]
<br>[INFO] Using default encoding to copy filtered resources.
<br>[INFO] [compiler:testCompile]
<br>[INFO] Nothing to compile - all classes are up to date
<br>[INFO] [surefire:test]
<br>[INFO] Surefire report directory: /home/gwen/Desktop/my-app/target/surefire-reports
<br><br>-------------------------------------------------------
<br> T E S T S
<br>-------------------------------------------------------
<br>Running com.mycompany.app.AppTest
<br>Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.038 sec
<br><br>Results :
<br><br>Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
<br><br>[INFO] [jar:jar]
<br>[INFO] [install:install]
<br>[INFO] Installing /home/gwen/Desktop/my-app/target/my-app-1.0-SNAPSHOT.jar to /home/gwen/.m2/repository/com/mycompany/app/my-app/1.0-SNAPSHOT/my-app-1.0-SNAPSHOT.jar
<br>[INFO] [deploy:deploy]
<br>altDeploymentRepository = null
<br>[INFO] Retrieving previous build number from archiva-internal
<br>Uploading: <a href="http://localhost:9091/repository/internal//com/mycompany/app/my-app/1.0-SNAPSHOT/my-app-1.0-20081007.034214-2.jar" target="_top" rel="nofollow">http://localhost:9091/repository/internal//com/mycompany/app/my-app/1.0-SNAPSHOT/my-app-1.0-20081007.034214-2.jar</a><br><br>2K uploaded
<br>[INFO] ------------------------------------------------------------------------
<br>[ERROR] BUILD ERROR
<br>[INFO] ------------------------------------------------------------------------
<br>[INFO] Error deploying artifact: Failed to transfer file: <a href="http://localhost:9091/repository/internal//com/mycompany/app/my-app/1.0-SNAPSHOT/my-app-1.0-20081007.034214-2.jar" target="_top" rel="nofollow">http://localhost:9091/repository/internal//com/mycompany/app/my-app/1.0-SNAPSHOT/my-app-1.0-20081007.034214-2.jar</a>. Return code is: 401
<br><br><br>[INFO] ------------------------------------------------------------------------
<br>[INFO] For more information, run Maven with the -e switch
<br>[INFO] ------------------------------------------------------------------------
<br>[INFO] Total time: 5 seconds
<br>[INFO] Finished at: Tue Oct 07 11:42:14 GMT+08:00 2008
<br>[INFO] Final Memory: 9M/16M
<br>[INFO] ------------------------------------------------------------------------
<br><div class='shrinkable-quote'><br>> Security Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository
<br>> ---------------------------------------------------------------------------------------------------------------------------------
<br>>
<br>> Key: MRM-967
<br>> URL: <a href="http://jira.codehaus.org/browse/MRM-967" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-967</a><br>> Project: Archiva
<br>> Issue Type: Bug
<br>> Components: Users/Security, WebDAV interface
<br>> Affects Versions: 1.1.2
<br>> Reporter: Maria Odea Ching
<br>> Assignee: Maria Odea Ching
<br>> Priority: Critical
<br>> Fix For: 1.1.3
<br>>
<br>>
<br>> Steps to reproduce (using repository 'snapshots'):
<br>> 1. Configure the <distributionManagement> of your project's pom to deploy your project to 'snapshots' repository, as follows:
<br>> <distributionManagement>
<br>> <repository>
<br>> <id>releases</id>
<br>> <name>Releases Repository</name>
<br>> <layout>default</layout>
<br>> <url>dav:<a href="http://localhost:8080/archiva/repository/releases/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/releases/</a></url>
<br>> </repository>
<br>> <snapshotRepository>
<br>> <id>snapshots</id>
<br>> <uniqueVersion>true</uniqueVersion>
<br>> <name>Snapshots Repository</name>
<br>> <layout>default</layout>
<br>> <url>dav:<a href="http://localhost:8080/archiva/repository/snapshots/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots/</a></url>
<br>> </snapshotRepository>
<br>> </distributionManagement>
<br>> 2. Enable the 'snapshots' repository observer role for 'guest' user
<br>> 3. Add an invalid user credentials in your settings.xml for 'snapshots' repository, as shown below:
<br>> <server>
<br>> <id>snapshots</id>
<br>> <username>invalidusername</username>
<br>> <password>password</password>
<br>> </server>
<br>> 4. Execute 'mvn clean deploy' in your project.
<br>> Alternatively, you can also use the deploy-file goal to replicate the issue so you won't need to configure your pom (ex. 'mvn deploy:deploy-file -Dfile=nunit.framework.dll -DgroupId=NUnit -Dversion=2.4.8.0 -Dpackaging=dll -DartifactId=NUnit.Framework.dll -DrepositoryId=snapshots -Durl=<a href="http://localhost:8080/archiva/repository/snapshots" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots</a> -DgeneratePom=true')
</div><br>--
<br>This message is automatically generated by JIRA.
<br>-
<br>If you think it was sent incorrectly contact one of the administrators: <a href="http://jira.codehaus.org/secure/Administrators.jspa" target="_top" rel="nofollow">http://jira.codehaus.org/secure/Administrators.jspa</a><br>-
<br>For more information on JIRA, see: <a href="http://www.atlassian.com/software/jira" target="_top" rel="nofollow">http://www.atlassian.com/software/jira</a><br><br>
<br><p>From forum: <a href="http://www.nabble.com/Archiva---Issues-f29617.html" embed="fixTarget[29617]" target="_top" >Archiva - Issues</a></p>tag:www.nabble.com,2006:post-19851444[jira] Commented: (MRM-967) Security Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository2008-10-06T22:43:10Z2008-10-06T22:43:10ZJIRA jira@codehaus.org<br> [ <a href="http://jira.codehaus.org/browse/MRM-967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=150153#action_150153" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=150153#action_150153</a> ]
<br><br>Maria Odea Ching commented on MRM-967:
<br>--------------------------------------
<br><br>Btw, thanks Brett for finding/discovering the security issue :)
<br><div class='shrinkable-quote'><br>> Security Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository
<br>> ---------------------------------------------------------------------------------------------------------------------------------
<br>>
<br>> Key: MRM-967
<br>> URL: <a href="http://jira.codehaus.org/browse/MRM-967" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-967</a><br>> Project: Archiva
<br>> Issue Type: Bug
<br>> Components: Users/Security, WebDAV interface
<br>> Affects Versions: 1.1.2
<br>> Reporter: Maria Odea Ching
<br>> Assignee: Maria Odea Ching
<br>> Priority: Critical
<br>> Fix For: 1.1.3
<br>>
<br>>
<br>> Steps to reproduce (using repository 'snapshots'):
<br>> 1. Configure the <distributionManagement> of your project's pom to deploy your project to 'snapshots' repository, as follows:
<br>> <distributionManagement>
<br>> <repository>
<br>> <id>releases</id>
<br>> <name>Releases Repository</name>
<br>> <layout>default</layout>
<br>> <url>dav:<a href="http://localhost:8080/archiva/repository/releases/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/releases/</a></url>
<br>> </repository>
<br>> <snapshotRepository>
<br>> <id>snapshots</id>
<br>> <uniqueVersion>true</uniqueVersion>
<br>> <name>Snapshots Repository</name>
<br>> <layout>default</layout>
<br>> <url>dav:<a href="http://localhost:8080/archiva/repository/snapshots/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots/</a></url>
<br>> </snapshotRepository>
<br>> </distributionManagement>
<br>> 2. Enable the 'snapshots' repository observer role for 'guest' user
<br>> 3. Add an invalid user credentials in your settings.xml for 'snapshots' repository, as shown below:
<br>> <server>
<br>> <id>snapshots</id>
<br>> <username>invalidusername</username>
<br>> <password>password</password>
<br>> </server>
<br>> 4. Execute 'mvn clean deploy' in your project.
<br>> Alternatively, you can also use the deploy-file goal to replicate the issue so you won't need to configure your pom (ex. 'mvn deploy:deploy-file -Dfile=nunit.framework.dll -DgroupId=NUnit -Dversion=2.4.8.0 -Dpackaging=dll -DartifactId=NUnit.Framework.dll -DrepositoryId=snapshots -Durl=<a href="http://localhost:8080/archiva/repository/snapshots" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots</a> -DgeneratePom=true')
</div><br>--
<br>This message is automatically generated by JIRA.
<br>-
<br>If you think it was sent incorrectly contact one of the administrators: <a href="http://jira.codehaus.org/secure/Administrators.jspa" target="_top" rel="nofollow">http://jira.codehaus.org/secure/Administrators.jspa</a><br>-
<br>For more information on JIRA, see: <a href="http://www.atlassian.com/software/jira" target="_top" rel="nofollow">http://www.atlassian.com/software/jira</a><br><br>
<br><p>From forum: <a href="http://www.nabble.com/Archiva---Issues-f29617.html" embed="fixTarget[29617]" target="_top" >Archiva - Issues</a></p>tag:www.nabble.com,2006:post-19851404[jira] Closed: (MRM-967) Security Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository2008-10-06T22:39:08Z2008-10-06T22:39:08ZJIRA jira@codehaus.org<br> [ <a href="http://jira.codehaus.org/browse/MRM-967?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-967?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel</a> ]
<br><br>Maria Odea Ching closed MRM-967.
<br>--------------------------------
<br><br> Assignee: Maria Odea Ching
<br> Resolution: Fixed
<br> Fix Version/s: 1.1.3
<br><br>Fixed in trunk -r702027 and merged in 1.1.x branch -r702032.
<br><div class='shrinkable-quote'><br>> Security Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository
<br>> ---------------------------------------------------------------------------------------------------------------------------------
<br>>
<br>> Key: MRM-967
<br>> URL: <a href="http://jira.codehaus.org/browse/MRM-967" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-967</a><br>> Project: Archiva
<br>> Issue Type: Bug
<br>> Components: Users/Security, WebDAV interface
<br>> Affects Versions: 1.1.2
<br>> Reporter: Maria Odea Ching
<br>> Assignee: Maria Odea Ching
<br>> Priority: Critical
<br>> Fix For: 1.1.3
<br>>
<br>>
<br>> Steps to reproduce (using repository 'snapshots'):
<br>> 1. Configure the <distributionManagement> of your project's pom to deploy your project to 'snapshots' repository, as follows:
<br>> <distributionManagement>
<br>> <repository>
<br>> <id>releases</id>
<br>> <name>Releases Repository</name>
<br>> <layout>default</layout>
<br>> <url>dav:<a href="http://localhost:8080/archiva/repository/releases/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/releases/</a></url>
<br>> </repository>
<br>> <snapshotRepository>
<br>> <id>snapshots</id>
<br>> <uniqueVersion>true</uniqueVersion>
<br>> <name>Snapshots Repository</name>
<br>> <layout>default</layout>
<br>> <url>dav:<a href="http://localhost:8080/archiva/repository/snapshots/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots/</a></url>
<br>> </snapshotRepository>
<br>> </distributionManagement>
<br>> 2. Enable the 'snapshots' repository observer role for 'guest' user
<br>> 3. Add an invalid user credentials in your settings.xml for 'snapshots' repository, as shown below:
<br>> <server>
<br>> <id>snapshots</id>
<br>> <username>invalidusername</username>
<br>> <password>password</password>
<br>> </server>
<br>> 4. Execute 'mvn clean deploy' in your project.
<br>> Alternatively, you can also use the deploy-file goal to replicate the issue so you won't need to configure your pom (ex. 'mvn deploy:deploy-file -Dfile=nunit.framework.dll -DgroupId=NUnit -Dversion=2.4.8.0 -Dpackaging=dll -DartifactId=NUnit.Framework.dll -DrepositoryId=snapshots -Durl=<a href="http://localhost:8080/archiva/repository/snapshots" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots</a> -DgeneratePom=true')
</div><br>--
<br>This message is automatically generated by JIRA.
<br>-
<br>If you think it was sent incorrectly contact one of the administrators: <a href="http://jira.codehaus.org/secure/Administrators.jspa" target="_top" rel="nofollow">http://jira.codehaus.org/secure/Administrators.jspa</a><br>-
<br>For more information on JIRA, see: <a href="http://www.atlassian.com/software/jira" target="_top" rel="nofollow">http://www.atlassian.com/software/jira</a><br><br>
<br><p>From forum: <a href="http://www.nabble.com/Archiva---Issues-f29617.html" embed="fixTarget[29617]" target="_top" >Archiva - Issues</a></p>tag:www.nabble.com,2006:post-19851377[jira] Created: (MRM-967) Security Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository2008-10-06T22:36:08Z2008-10-06T22:36:08ZJIRA jira@codehaus.orgSecurity Issue: If repository observer role is enabled for the 'guest' user, an invalid user is able to deploy to that repository
<br>---------------------------------------------------------------------------------------------------------------------------------
<br><br> Key: MRM-967
<br> URL: <a href="http://jira.codehaus.org/browse/MRM-967" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM-967</a><br> Project: Archiva
<br> Issue Type: Bug
<br> Components: Users/Security, WebDAV interface
<br> Affects Versions: 1.1.2
<br> Reporter: Maria Odea Ching
<br> Priority: Critical
<br><br><br>Steps to reproduce (using repository 'snapshots'):
<br>1. Configure the <distributionManagement> of your project's pom to deploy your project to 'snapshots' repository, as follows:
<br><br><distributionManagement>
<br> <repository>
<br> <id>releases</id>
<br> <name>Releases Repository</name>
<br> <layout>default</layout>
<br> <url>dav:<a href="http://localhost:8080/archiva/repository/releases/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/releases/</a></url>
<br> </repository>
<br> <snapshotRepository>
<br> <id>snapshots</id>
<br> <uniqueVersion>true</uniqueVersion>
<br> <name>Snapshots Repository</name>
<br> <layout>default</layout>
<br> <url>dav:<a href="http://localhost:8080/archiva/repository/snapshots/" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots/</a></url>
<br> </snapshotRepository>
<br></distributionManagement>
<br><br>2. Enable the 'snapshots' repository observer role for 'guest' user
<br>3. Add an invalid user credentials in your settings.xml for 'snapshots' repository, as shown below:
<br><br><server>
<br> <id>snapshots</id>
<br> <username>invalidusername</username>
<br> <password>password</password>
<br></server>
<br><br>4. Execute 'mvn clean deploy' in your project.
<br><br>Alternatively, you can also use the deploy-file goal to replicate the issue so you won't need to configure your pom (ex. 'mvn deploy:deploy-file -Dfile=nunit.framework.dll -DgroupId=NUnit -Dversion=2.4.8.0 -Dpackaging=dll -DartifactId=NUnit.Framework.dll -DrepositoryId=snapshots -Durl=<a href="http://localhost:8080/archiva/repository/snapshots" target="_top" rel="nofollow">http://localhost:8080/archiva/repository/snapshots</a> -DgeneratePom=true')
<br><br><br>--
<br>This message is automatically generated by JIRA.
<br>-
<br>If you think it was sent incorrectly contact one of the administrators: <a href="http://jira.codehaus.org/secure/Administrators.jspa" target="_top" rel="nofollow">http://jira.codehaus.org/secure/Administrators.jspa</a><br>-
<br>For more information on JIRA, see: <a href="http://www.atlassian.com/software/jira" target="_top" rel="nofollow">http://www.atlassian.com/software/jira</a><br><br>
<br><p>From forum: <a href="http://www.nabble.com/Archiva---Issues-f29617.html" embed="fixTarget[29617]" target="_top" >Archiva - Issues</a></p>tag:www.nabble.com,2006:post-19850427Re: Merging repositories2008-10-06T20:21:32Z2008-10-06T20:21:32ZDan Tran+1 for that,
<br><br>currently i deploy my staging to Archiva and use stage plugin to do
<br>the merge. It would be
<br>wonderful to see Archiva do this task in one click :-)
<br><br>-D
<br><br>On Mon, Oct 6, 2008 at 8:13 PM, Wendy Smoak <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19850427&i=0" target="_top" rel="nofollow">wsmoak@...</a>> wrote:
<div class='shrinkable-quote'><br>> I find that I need to "merge" repositories quite often. Someone
<br>> delivers a bunch of artifacts in Maven repo format, and I want to copy
<br>> them into an existing repository, updating the metadata as needed, and
<br>> *not* overwriting any duplicates that are already in my repo.
<br>> (Released artifacts shouldn't change.)
<br>>
<br>> Would this be a good feature for Archiva?
<br>>
<br>> Or would it just be better to write a script that checks to see if the
<br>> file is already present before copying, and let Archiva fix the
<br>> metadata later when it scans/updates?
<br>>
<br>> --
<br>> Wendy
<br>>
<br></div><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19850359Merging repositories2008-10-06T20:13:41Z2008-10-06T20:13:41ZWendy Smoak-3I find that I need to "merge" repositories quite often. Someone
<br>delivers a bunch of artifacts in Maven repo format, and I want to copy
<br>them into an existing repository, updating the metadata as needed, and
<br>*not* overwriting any duplicates that are already in my repo.
<br>(Released artifacts shouldn't change.)
<br><br>Would this be a good feature for Archiva?
<br><br>Or would it just be better to write a script that checks to see if the
<br>file is already present before copying, and let Archiva fix the
<br>metadata later when it scans/updates?
<br><br>--
<br>Wendy
<br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19848901Re: Guest user authentication2008-10-06T17:25:16Z2008-10-06T17:25:16ZBrett PorterMaven 1 paths are automatically translated, so you don't need to do
<br>anything special - set up a group as normal and then use that
<br>repository from Maven 1 and it should work.
<br><br>Cheers,
<br>Brett
<br><br>2008/10/7 emerson cargnin <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19848901&i=0" target="_top" rel="nofollow">echofloripa.yell@...</a>>:
<div class='shrinkable-quote'><br>> Hi Maria
<br>> Thanks for answering.
<br>> I'm using already the 1.1.2 version. AN yes, I ended up finding that
<br>> new repositories had to be explicitly enabled for the guest role )
<br>> If you allow me to ask you, is it possible to proxy from a maven1
<br>> repository (and cache in a maven2 repo) and at the same time serve
<br>> this cached (together with other maven2 repositories) as maven 1 using
<br>> a repository group?
<br>>
<br>> I couldn't find a way to set up a repository group for maven 1
<br>>
<br>> Thanks a lot
<br>> Emerson
<br>>
<br>> 2008/10/2 Maria Odea Ching <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19848901&i=1" target="_top" rel="nofollow">oching@...</a>>:
<br>>> Hi Emerson,
<br>>>
<br>>> There's a default 'guest' user configured in Archiva. Just enable the
<br>>> Repository Observer role (for the specific repository) for the guest user.
<br>>> The Repository Observer role is for read access, and if you want to disable
<br>>> authentication on write access, just grant the 'guest' user the Repository
<br>>> Manager role (for the specific repository).
<br>>>
<br>>> Btw, 1.1.1 & 1.1.2 have already been released.. there are a number of fixes
<br>>> in them for 1.1, so you might want to upgrade to the latest version :)
<br>>>
<br>>> Thanks,
<br>>> Deng
<br>>>
<br>>> On Thu, Oct 2, 2008 at 2:20 AM, emerson cargnin
<br>>> <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19848901&i=2" target="_top" rel="nofollow">echofloripa.yell@...</a>>wrote:
<br>>>
<br>>>> I took 3 hours to find out why I couldn't runt he build from my
<br>>>> anthill server. It was asking for authentication.
<br>>>> I just upgraded to archiva1.1, and this problem started (well, among
<br>>>> others:)).
<br>>>>
<br>>>> How do I get users to access the repository without authentication?
<br>>>>
<br>>>> regards
<br>>>> Emerson
<br>>>>
<br>>>
<br>>
</div><br><br><br>--
<br>Brett Porter
<br>Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19848886Re: Failed authentication - archiva 1.1.22008-10-06T17:24:17Z2008-10-06T17:24:17ZBrett PorterI haven't seen this problem when unlocking users myself.
<br><br>Are you able to turn on debug level logging for the security to see if
<br>it gives any extra advice?
<br><br>Cheers,
<br>Brett
<br><br>2008/10/7 solo1970 <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19848886&i=0" target="_top" rel="nofollow">sonia.lodovichetti@...</a>>:
<div class='shrinkable-quote'><br>>
<br>> I've noticeed something else:
<br>>
<br>> If a user gets "locked", I go in with admin rights and unlock it,
<br>> But then when I logout and log back in with my admin account the other user
<br>> is still locked!!!
<br>>
<br>> Help!
<br>>
<br>>
<br>>
<br>>
<br>> solo1970 wrote:
<br>>>
<br>>> I will look into it and let you know, thanks
<br>>>
<br>>> Sonia
<br>>>
<br>>>
<br>>>
<br>>> Brett Porter wrote:
<br>>>>
<br>>>> Did you retain your user's database in the upgrade? It seems that you
<br>>>> have not granted permissions to the release repository to the user
<br>>>> that is attempting to do the deployment.
<br>>>>
<br>>>> Cheers,
<br>>>> Brett
<br>>>>
<br>>>> 2008/9/27 solo1970 <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19848886&i=1" target="_top" rel="nofollow">sonia.lodovichetti@...</a>>:
<br>>>>>
<br>>>>> Hello,
<br>>>>>
<br>>>>> I am new to this list and the whole Archiva world, so please be
<br>>>>> patient...
<br>>>>>
<br>>>>> We've recently upgraded to Archiva 1.1.2 and we are now getting the
<br>>>>> following error when trying to deploy using Maven to the Archiva
<br>>>>> repository:
<br>>>>>
<br>>>>> ...
<br>>>>> [INFO] [deploy:deploy]
<br>>>>> altDeploymentRepository =
<br>>>>> release::default::dav:<a href="http://maven.xxxx.se:8888/repository/release" target="_top" rel="nofollow">http://maven.xxxx.se:8888/repository/release</a><br>>>>> [INFO] Using alternate deployment repository
<br>>>>> release::default::dav:<a href="http://maven.xxxx.se:8888/repository/release" target="_top" rel="nofollow">http://maven.xxxx.se:8888/repository/release</a><br>>>>> Uploading:
<br>>>>> <a href="http://maven.xxxx.se:8888/repository/release/com/xxxx/riot/riot-parent/3.0.0-R2A01/riot-parent-3.0.0-R2A01.pom" target="_top" rel="nofollow">http://maven.xxxx.se:8888/repository/release/com/xxxx/riot/riot-parent/3.0.0-R2A01/riot-parent-3.0.0-R2A01.pom</a><br>>>>> Sep 26, 2008 10:30:52 AM org.apache.commons.httpclient.HttpMethodBase
<br>>>>> processAuthenticationResponse
<br>>>>> INFO: Already tried to authenticate with 'Repository Archiva Managed
<br>>>>> Repository' authentication realm at maven.xxxx.se, but still receiving:
<br>>>>> HTTP/1.1 401 Unauthorized
<br>>>>> Sep 26, 2008 10:30:52 AM org.apache.commons.httpclient.HttpMethodBase
<br>>>>> processAuthenticationResponse
<br>>>>> INFO: Already tried to authenticate with 'Repository Archiva Managed
<br>>>>> release
<br>>>>> Repository' authentication realm at maven.xxxx.se, but still receiving:
<br>>>>> HTTP/1.1 401 Unauthorized
<br>>>>> ...
<br>>>>>
<br>>>>> Thanks!
<br>>>>>
<br>>>>> solo
<br>>>>> --
<br>>>>> View this message in context:
<br>>>>> <a href="http://www.nabble.com/Failed-authentication---archiva-1.1.2-tp19692615p19692615.html" target="_top">http://www.nabble.com/Failed-authentication---archiva-1.1.2-tp19692615p19692615.html</a><br>>>>> Sent from the archiva-users mailing list archive at Nabble.com.
<br>>>>>
<br>>>>>
<br>>>>
<br>>>>
<br>>>>
<br>>>> --
<br>>>> Brett Porter
<br>>>> Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br>>>>
<br>>>>
<br>>>
<br>>>
<br>>
<br>> --
<br>> View this message in context: <a href="http://www.nabble.com/Failed-authentication---archiva-1.1.2-tp19692615p19842211.html" target="_top">http://www.nabble.com/Failed-authentication---archiva-1.1.2-tp19692615p19842211.html</a><br>> Sent from the archiva-users mailing list archive at Nabble.com.
<br>>
<br>>
</div><br><br><br>--
<br>Brett Porter
<br>Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19848402Re: get last access date report2008-10-06T16:36:27Z2008-10-06T16:36:27ZBrett PorterWe don't currently track accesses, though Jetty comes preconfigured
<br>with a request log so that could be loaded into the database and a
<br>query run to find out what has not been accessed in a certain
<br>timeframe.
<br><br>To implement this within Archiva itself you would need to start
<br>tracking the accesses in the database (or at least the last access
<br>time in the artifact records).
<br><br>- Brett
<br><br>2008/10/3 Michael Delaney <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19848402&i=0" target="_top" rel="nofollow">mdelaney@...</a>>:
<div class='shrinkable-quote'><br>> I thought it would be interesting if a repot would tell you when the
<br>> last time a file was access based off of a date range. For example,
<br>> Archiva would compile a report of all Artifacts that have not been
<br>> accessed in a year, or three months ... etc.
<br>>
<br>>
<br>>
<br>> How hard to you think that would be to implement?
<br>>
<br>>
</div><br><br><br>--
<br>Brett Porter
<br>Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19847753Re: Archiva Left menu issue2008-10-06T15:43:07Z2008-10-06T15:43:07ZBrett Porterthat sounds like a bug - can you file it at <a href="http://jira.codehaus.org/browse/MRM" target="_top" rel="nofollow">http://jira.codehaus.org/browse/MRM</a>?
<br><br>2008/10/7 Cotonéa Loic <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19847753&i=0" target="_top" rel="nofollow">l.cotonea@...</a>>:
<div class='shrinkable-quote'><br>> Hi,
<br>>
<br>>
<br>> I'm using Archiva 1.1.2.
<br>>
<br>>
<br>>
<br>> I've configured a user that have « Repository manager » role on several
<br>> repository. When I'm logging with this user, the left menu panel contains
<br>> only Find menu (Search, Find artefact and browse). Then this user seems to
<br>> not upload an artefact. But if I use the
<br>> <a href="http://host/archiva/upload.actionurl" target="_top" rel="nofollow">http://host/archiva/upload.actionurl</a>, I can access to the upload page.
<br>> Then I think there an issue on the
<br>> menu access.
<br>>
<br>>
<br>> Regards
<br>>
<br>>
<br>>
<br>>
<br>> PS:
<br>>
<br>> I've consult the mailing history, and I didn't any message that report this
<br>> problem. So if it's a known issue, I'm sorry with advance to this post.
<br>>
</div><br><br><br>--
<br>Brett Porter
<br>Blog: <a href="http://blogs.exist.com/bporter/" target="_top" rel="nofollow">http://blogs.exist.com/bporter/</a><br><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19844822Re: Guest user authentication2008-10-06T12:35:50Z2008-10-06T12:35:50Zemerson cargninHi Maria
<br>Thanks for answering.
<br>I'm using already the 1.1.2 version. AN yes, I ended up finding that
<br>new repositories had to be explicitly enabled for the guest role )
<br>If you allow me to ask you, is it possible to proxy from a maven1
<br>repository (and cache in a maven2 repo) and at the same time serve
<br>this cached (together with other maven2 repositories) as maven 1 using
<br>a repository group?
<br><br>I couldn't find a way to set up a repository group for maven 1
<br><br>Thanks a lot
<br>Emerson
<br><br>2008/10/2 Maria Odea Ching <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19844822&i=0" target="_top" rel="nofollow">oching@...</a>>:
<div class='shrinkable-quote'><br>> Hi Emerson,
<br>>
<br>> There's a default 'guest' user configured in Archiva. Just enable the
<br>> Repository Observer role (for the specific repository) for the guest user.
<br>> The Repository Observer role is for read access, and if you want to disable
<br>> authentication on write access, just grant the 'guest' user the Repository
<br>> Manager role (for the specific repository).
<br>>
<br>> Btw, 1.1.1 & 1.1.2 have already been released.. there are a number of fixes
<br>> in them for 1.1, so you might want to upgrade to the latest version :)
<br>>
<br>> Thanks,
<br>> Deng
<br>>
<br>> On Thu, Oct 2, 2008 at 2:20 AM, emerson cargnin
<br>> <<a href="http://www.nabble.com/user/SendEmail.jtp?type=post&post=19844822&i=1" target="_top" rel="nofollow">echofloripa.yell@...</a>>wrote:
<br>>
<br>>> I took 3 hours to find out why I couldn't runt he build from my
<br>>> anthill server. It was asking for authentication.
<br>>> I just upgraded to archiva1.1, and this problem started (well, among
<br>>> others:)).
<br>>>
<br>>> How do I get users to access the repository without authentication?
<br>>>
<br>>> regards
<br>>> Emerson
<br>>>
<br>>
<br></div><p>From forum: <a href="http://www.nabble.com/archiva-users-f16426.html" embed="fixTarget[16426]" target="_top" >archiva-users</a></p>tag:www.nabble.com,2006:post-19842211Re: Failed authentication - archiva 1.1.22008-10-06T10:13:51Z2008-10-06T10:13:51Zsolo1970I've noticeed something else:
<br><br>If a user gets "locked", I go in with admin rights and unlock it,
<br>But then when I logout and log back in with my admin account the other user is still locked!!!
<br><br>Help!
<br><br><br><br><quote author="solo1970"><br>I will look into it and let you know, thanks
<br><br>Sonia
<br><br><br><blockquote class="quote light-black dark-border-color"><div class="quote light-border-color">
<div class="quote-author" style="font-weight: bold;">Brett Porter wrote:</div>
<div class="quote-message shrinkable-quote">Did you retain your user's database in the upgrade? It seems that you
<br>have not granted permissions to the release repository to the user
<br>that is attempting to do the deployment.
<br><br>Cheers,
<br>Brett
<br><br>2008/9/27 solo1970 <sonia.lodovichetti@ericsson.com>:
<br>>
<br>> Hello,
<br>>
<br>> I am new to this list and the whole Archiva world, so please be patient...
<br>>
<br>> We've recently upgraded to Archiva 1.1.2 and we are now getting the
<br>> following error when trying to deploy using Maven to the Archiva repository:
<br>>
<br>> ...