I will try some debugging as well on the archiva instance. I think yes you will have to cut an other release. Perso I don't mind you use a new tag (2.2.3) as you prefer. But first find the issue :-)
On 25 April 2017 at 19:01, Martin Stockhammer <[email protected]> wrote: > Yes, you are right. This should be fixed. Currently I don't know why the > host name doesn't match, but will try to reproduce. Had no reverse proxy > environment to check this thoroughly. > But that means I need to create a new version, right? > > Cheers > > Martin > > > > > > > Am 25. April 2017 09:51:06 MESZ schrieb Olivier Lamy <[email protected]>: >> >> Hi >> Yes it's behind a reverse proxy >> logs says >> >> 2017-04-25 07:39:21,524 [qtp1564314458-63] WARN >> org.apache.archiva.redback.rest.services.interceptors.RequestValidationInterceptor >> [] - Referer Header Host does not match refererUrl=https://archiva- >> repository.apache.org/archiva/index.html?request_lang=en, targetUrl= >> http://archiva-repository.apache.org, archiva-repository.apache.org >> >> The security.properties contains >> >> rest.baseUrl=https://archiva-repository.apache.org (I tried with https >> as well) >> >> The referer header has value: https://archiva- >> repository.apache.org/archiva/index.html?request_lang=en >> >> Activating debug: >> >> 2017-04-25 07:49:00,570 [qtp749705282-29] DEBUG >> org.apache.archiva.redback.rest.services.interceptors.RequestValidationInterceptor >> [] - Referer Header URL found: https://archiva-repository. >> apache.org/archiva/index.html?request_lang=en >> >> 2017-04-25 07:49:00,571 [qtp749705282-29] WARN >> org.apache.archiva.redback.rest.services.interceptors.RequestValidationInterceptor >> [] - Referer Header Host does not match refererUrl=https://archiva- >> repository.apache.org/archiva/index.html?request_lang=en, targetUrl= >> http://archiva-repository.apache.org, archiva-repository.apache.org >> >> 2017-04-25 07:49:00,571 [qtp749705282-29] WARN >> org.apache.archiva.redback.rest.services.interceptors.RequestValidationInterceptor >> [] - HTTP Header check failed. Assuming CSRF attack. >> >> >> Well I can disable that but I'd like to not have too many users >> complaining :-) >> >> On 25 April 2017 at 16:54, Martin Stockhammer <[email protected]> >> wrote: >> >>> Hi, >>> >>> It's behind a reverse proxy or something similar? >>> I think it's the request url. It is determined automatically. But you >>> can set a redback configuration property. >>> In security.properties set >>> rest.baseUrl=http://archiva-repository.apache.org >>> >>> Cheers >>> >>> Martin >>> >>> >>> Am 25. April 2017 01:59:29 MESZ schrieb Olivier Lamy <[email protected]>: >>>> >>>> Hi Martin, >>>> Thanks for your effort with the release!! >>>> Works fine locally, all sigs are ok! >>>> I installed the version for https://archiva-repository.apache.org/archiva/ >>>> but I have a problem as cannot log anymore because some REST resources are >>>> marked as 403. >>>> In this particular case: >>>> https://archiva-repository.apache.org/archiva/restServices/archivaServices/commonServices/getAllI18nResources >>>> Any idea? >>>> >>>> On 24 April 2017 at 05:01, Martin <[email protected]> wrote: >>>> >>>> Hi, >>>>> >>>>> I think I now have everything ready and I'd like to release Apache >>>>> Archiva >>>>> 2.2.2 >>>>> >>>>> Note this vote include some parent poms, and redback core. >>>>> >>>>> We fixed these issues: >>>>> https://issues.apache.org/jira/secure/ReleaseNote.jspa? >>>>> projectId=12316920&version=12335832 >>>>> >>>>> The staging repository is available here: >>>>> https://archiva-repository.apache.org/archiva/repository/ >>>>> archiva-releases-stage/ >>>>> >>>>> Dist artifacts here: https://dist.apache.org/repos/dist/dev/archiva/ >>>>> >>>>> Vote open for 72H >>>>> [+1] >>>>> [0] >>>>> [-1] >>>>> >>>>> Greetings >>>>> -- >>>>> Martin Stockhammer >>>> >>>> >>>> >>>> >>>> >>> -- >>> Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet. >>> >> >> >> >> -- >> Olivier Lamy >> http://twitter.com/olamy | http://linkedin.com/in/olamy >> > > -- > Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet. > -- Olivier Lamy http://twitter.com/olamy | http://linkedin.com/in/olamy
