Tuesday, October 19, 2010

Encoding your passwords in Maven

If, like me, you dislike storing your passwords in the clear, then Maven 2.1.x or 3.x can help you out.

On the Maven site the documentation is somewhat hidden, so I'll just describe the process briefly and link to the relevant documentation.



How it works

Maven employs a two-step approach to securing your passwords.

The first step is to define a master password that is stored separately from your normal Maven settings.xml file.

This is done by invoking Maven with the following command line:
mvn -emp [master password]

This yields an encrypted password that looks like:
{8XfdxChqWiIHuQtHizPd+kawVIzRF1WWmsKmGUbMcLw=}

Put the encrypted password in a file named settings-security.xml in your home folder ($HOME/.m2/settings-security.xml):
<settingsSecurity>
  <master>{8XfdxChqWiIHuQtHizPd+kawVIzRF1WWmsKmGUbMcLw=}</master>
</settingsSecurity>

After defining your master password you can simply encode your server passwords with
mvn -ep [server password]
and put the resulting encoded password in the <password> tag of your server definitions in settings.xml.
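A check you can run once the steps above are done, added here as an example and not part of the original post or of Maven itself: it flags server entries in settings.xml whose password is not a {...} value and verifies that settings-security.xml is private to your user. The sample settings.xml, the server ids and the function names are constructed for illustration.

```python
import os
import re
import stat
import xml.etree.ElementTree as ET

# Maven wraps encrypted values in braces; this is a heuristic, not a decryption check.
ENCRYPTED = re.compile(r"\{[^{}]+\}")

# Constructed sample settings.xml (not from the original post).
SAMPLE = """<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"><servers>
  <server><id>releases</id><username>ci</username><password>{CONSTRUCTED+VALUE=}</password></server>
  <server><id>snapshots</id><username>ci</username><password>hunter2</password></server>
</servers></settings>"""

def _local(tag):
    """Drop an XML namespace prefix such as {http://maven.apache.org/SETTINGS/1.0.0}."""
    return tag.rsplit("}", 1)[-1]

def _child_text(elem, name):
    for child in elem:
        if _local(child.tag) == name:
            return (child.text or "").strip()
    return None

def plaintext_servers(settings_xml):
    """Return ids of <server> entries whose <password> has no {...} value."""
    flagged = []
    for elem in ET.fromstring(settings_xml).iter():
        if _local(elem.tag) == "server":
            password = _child_text(elem, "password")
            if password and not ENCRYPTED.search(password):
                flagged.append(_child_text(elem, "id") or "<no id>")
    return flagged

def master_file_problems(path):
    """Check settings-security.xml: exists, private to the owner, holds a {...} master."""
    if not os.path.isfile(path):
        return ["missing: " + path]
    problems = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:  # any group/other permission bit (POSIX only)
        problems.append("accessible by group/others (mode %o)" % mode)
    master = _child_text(ET.parse(path).getroot(), "master")
    if not master or not ENCRYPTED.search(master):
        problems.append("no encrypted <master> value")
    return problems

if __name__ == "__main__":
    print("sample plaintext servers:", plaintext_servers(SAMPLE))
    print(master_file_problems(os.path.expanduser("~/.m2/settings-security.xml")))
```

To audit your own configuration, pass the contents of $HOME/.m2/settings.xml to plaintext_servers instead of the sample.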

If you are particularly concerned about your passwords you can also store your password on removable media.

This approach is described in detail in the Mini-HowTo at the Apache Maven site (see below for link).

For more information have a look at the original mini HowTo: http://maven.apache.org/guides/mini/guide-encryption.html
