Details
-
Improvement
-
Resolution: Unresolved
-
Major
-
None
-
3.5.1
-
None
Description
While NEXUS-8306 and NEXUS-12022 cover sending preemptive auth to remote proxy repositories, this issue covers the case for doing this to the HTTP proxy servers configured under HTTP settings in Nexus 3.
Nexus 2, we have no plans to consider this improvement.
The use case is that when the HTTP proxy server is configured with credentials, the credentials are always expected to be needed for a CONNECT request - so Nexus should always send these and not wait for a 407.
While this is a security risk, some people are willing to accept that risk in exchange for less HTTP traffic through their proxy server.
Attachments
Issue Links
- is related to
-
NEXUS-8306 Pre-emptive authentication for remote proxy HTTP requests
-
- Closed
-
-
NEXUS-12022 Allow preemptive authentication for maven proxy repositories
-
- Done
-