You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@archiva.apache.org by "Brett Porter (JIRA)" <ji...@codehaus.org> on 2011/01/21 07:03:58 UTC

[jira] Commented: (MRM-1449) Remote connections for many repos exhausts proxy limits

    [ http://jira.codehaus.org/browse/MRM-1449?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=252303#action_252303 ] 

Brett Porter commented on MRM-1449:
-----------------------------------

interesting feature. We might consider having this both on incoming connections and outgoing proxy connections.

Would you be interested in helping with a patch?

> Remote connections for many repos exhausts proxy limits
> -------------------------------------------------------
>
>                 Key: MRM-1449
>                 URL: http://jira.codehaus.org/browse/MRM-1449
>             Project: Archiva
>          Issue Type: New Feature
>          Components: remote proxy
>            Reporter: Mike R. Haller
>
> Our Archiva installation uses a company-internal caching proxy (ISA Server) to connect to remote repositories.
> When there are many remote repositories and many developers trying to look up artifacts (existing and non-existing artifacts, e.g. often -sources and -javadoc attachments), Archiva is creating many HTTP connections to the remote repositories.
> This leads to a situation where the caching proxy thinks Archiva is creating too many connections. The ISA warning mail even suggests the host computer may be infected with a worm because it creates so many new connections and blocks the host completely for all outgoing HTTP requests.
> The policies for the remote repositories are configured for retrieving "once", "never" or "daily", depending on whether it's releases or snapshots. Caching failures is disabled and i'm trying with enabled failure caching, but it doesn't make much difference and the problem still occurs once in a while.
> I think Archiva should have a configurable way to limit the number of (new) connections made per time unit, e.g. "max 60 connections / minute" to prevent this. It's kind of a potential denial of service vulnerability.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira