Tuesday, October 31, 2017

Maven to Repository protocol

I have used this minimalistic proxy service:

http://www.jcgonzalez.com/java-simple-proxy-socket-server-examples#1

and just added "System.out.println("read: " + new String(request));" right after the "outToServer.flush();" line,

then in my settings.xml I point the mirror at localhost instead of the real Nexus Repository service, and I start the proxy forwarding to Nexus while listening on port 80. This way I can intercept every HTTP request issued by Maven.

The result is quite simple:

Starting proxy for nexus-java:80 on port 80
read: GET /content/repositories/approved-from-central/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.pom HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.3.9 (Java 1.8.0_102; Windows 7 6.1)
Host: localhost
Connection: Keep-Alive



read: GET /content/repositories/approved-from-central/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.pom.sha1 HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.3.9 (Java 1.8.0_102; Windows 7 6.1)
Host: localhost
Connection: Keep-Alive


read: GET /content/repositories/approved-from-central/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.3.9 (Java 1.8.0_102; Windows 7 6.1)
Host: localhost
Connection: Keep-Alive


read: GET /content/repositories/approved-from-central/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar.sha1 HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.3.9 (Java 1.8.0_102; Windows 7 6.1)
Host: localhost
Connection: Keep-Alive


read: GET /content/repositories/approved-from-central/commons-lang/commons-lang/2.1/commons-lang-2.1.pom HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.3.9 (Java 1.8.0_102; Windows 7 6.1)
Host: localhost
Connection: Keep-Alive


read: GET /content/repositories/approved-from-central/commons-lang/commons-lang/2.1/commons-lang-2.1.pom.sha1 HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.3.9 (Java 1.8.0_102; Windows 7 6.1)
Host: localhost
Connection: Keep-Alive


read: GET /content/repositories/approved-from-central/commons-lang/commons-lang/2.1/commons-lang-2.1.jar HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.3.9 (Java 1.8.0_102; Windows 7 6.1)
Host: localhost
Connection: Keep-Alive


read: GET /content/repositories/approved-from-central/commons-lang/commons-lang/2.1/commons-lang-2.1.jar.sha1 HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.3.9 (Java 1.8.0_102; Windows 7 6.1)
Host: localhost
Connection: Keep-Alive

So it is straightforward to parse the GET request line and implement a firewall/filter in the proxy that blocks components you know to be harmful.
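As an added example (not code from this post or from the linked proxy), here is the parse-and-filter step in Python: it maps request lines like the ones captured above to Maven coordinates using the repository layout (group segments, then artifactId, version and file name) and checks them against a blocklist. The repository prefix is taken from the capture; the blocklist entries and the maven-metadata request in the sample are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Repository prefix exactly as it appears in the requests captured above.
REPO_PREFIX = "/content/repositories/approved-from-central/"
# Constructed blocklist (hypothetical entries, for illustration only), keyed
# "groupId:artifactId:version"; a version of "*" blocks every version.
BLOCKLIST = {"commons-lang:commons-lang:2.1", "commons-logging:commons-logging-api:*"}
REQUEST_LINE = re.compile(r"^(?:read: )?(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d\.\d$")

# Request lines taken from the capture above, plus one constructed metadata request.
SAMPLE_REQUESTS = [
    "read: GET /content/repositories/approved-from-central/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.pom HTTP/1.1",
    "read: GET /content/repositories/approved-from-central/commons-lang/commons-lang/2.1/commons-lang-2.1.jar HTTP/1.1",
    "read: GET /content/repositories/approved-from-central/commons-lang/commons-lang/2.1/commons-lang-2.1.jar.sha1 HTTP/1.1",
    "read: GET /content/repositories/approved-from-central/commons-lang/commons-lang/maven-metadata.xml HTTP/1.1",
]


def parse_maven_request(request_line):
    """Map one request line to Maven coordinates, or None when it is not an
    artifact fetch under REPO_PREFIX (other method, other path, metadata)."""
    m = REQUEST_LINE.match(request_line.strip())
    if not m or m.group("method") != "GET":
        return None
    path = urlsplit(m.group("target")).path
    if not path.startswith(REPO_PREFIX):
        return None
    # Repository layout: <group segments...>/<artifactId>/<version>/<filename>
    segments = path[len(REPO_PREFIX):].split("/")
    if len(segments) < 4 or segments[-1].startswith("maven-metadata"):
        return None
    *group, artifact_id, version, filename = segments
    return {
        "groupId": ".".join(group),
        "artifactId": artifact_id,
        "version": version,
        # The .sha1 fetched right after each artifact has the same coordinates,
        # so a blocked artifact's checksum request is blocked with it.
        "checksum": filename.endswith((".sha1", ".md5")),
    }


def is_blocked(coords, blocklist=BLOCKLIST):
    """True when the coordinates match a blocklist entry (exact version or '*')."""
    if coords is None:
        return False
    key = f"{coords['groupId']}:{coords['artifactId']}"
    return f"{key}:{coords['version']}" in blocklist or f"{key}:*" in blocklist
```

Requests that do not parse as an artifact fetch are passed through rather than blocked, so the filter only ever decides on coordinates it could actually extract.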