Details
-
Improvement
-
Resolution: Fixed
-
Major
-
12.10
-
None
Description
When configuring a Maven repository, it is usually possible to set specific HTTP headers used when communicating with these repositories. Below is an example of configuration :
<server>
<id>MY_REPOSITORY_ID</id>
<configuration>
<httpHeaders>
<property>
<name>MY_HEADER<name>
<value>MY_HEADER_VALUE</value>
</property>
</httpHeaders>
</configuration>
</server>
These headers can be used to authenticate against the repository as a replacement to the more standard HTTP Basic authentication used by default for Maven repositories. Even though the use of basic authentication seems still widespread, some other actors seem to start providing alternative ways to authenticate through repositories. Sending a custom HTTP header is one of these alternative ways, and it's especially used in GitLab, when trying to access the artifact registry associated with a specific project [1].
As XWiki is already capable of fetching and installing some extensions once it has access to a Maven repository, it would be nice to actually add support for that mechanism (that is, configuring custom HTTP headers on a specific repository), so that XWiki could potentially connect to GitLab-managed Maven repositories, or maybe any other repository that is secured using a similar authentication mechanism.
The proposal would then be to provide a configuration like this one :
extension.repositories.MY_REPOSITORY_ID.httpHeaders.MY_HEADER_NAME=MY_HEADER_VALUE
… that should then be forwarded to the RepositorySystemSession upon creation of the repository.
[1] See https://docs.gitlab.com/ee/user/packages/maven_repository/index.html for more information
Attachments
Issue Links
- is related to
-
-
- Open
-
- relates to
-
XCOMMONS-2237 It is not possible to install a XAR extension directly from a Maven repository accessible through custom HTTP headers
-
- Open
-