Details
-
Story
-
Resolution: Fixed
-
Major
-
3.0.0
-
4
Description
Background
Preemptive auth in general is bad (this is why clients like Maven does not do them by default). Still, there are valid user cases when it would be perfectly acceptable to have proxy repository outbound requests which are known to require authentication to use pre-emptive auth.
- the remote is a known internal endpoint that is implicitly trusted
- the remote is known to ALWAYS require auth, instead of for just some URLs
- the connection is over a https connection
- bandwidth needs to be conserved, this type of auth only sends one request with credentials instead of sending two,
- Load (network, disk, CPU) can be reduced
- outbound request logging is reduced ( 1 instead of 2)
- latency to resolve the incoming request is reduced
Acceptance
- Admins have a way of enabling pre-emptive authentication for maven proxy repositories
- Pre-emptive auth requires an HTTPS remote URL; this is enforced by validation for both UI and REST repo definition/configuration
Attachments
Issue Links
- is depended on by
-
-
- Done
-
- is duplicated by
-
NEXUS-9025 Proxy NPM Repository does not send authentication upstream
-
- Closed
-
-
NEXUS-9360 Use preemptive authentication while communicate with authenticated proxy
-
- Closed
-
- is related to
-
-
- Closed
-
- relates
-
-
- New
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- New
-
-
-
- New
-
- mentioned in
-
Page Loading...
