On Tue, Apr 5, 2011 at 2:37 AM, sebb <seb...@gmail.com> wrote: > On 5 April 2011 09:32, Jochen Wiedmann <jochen.wiedm...@gmail.com> wrote: >> On Tue, Apr 5, 2011 at 10:22 AM, Henri Yandell <flame...@gmail.com> wrote: >> >>> [Side note; this is insane: >>> http://maven.apache.org/guides/mini/guide-encryption.html - I vomit >>> every time it's implied I should put passwords in the Maven settings >>> file] >> >> Totally agreed! > > There are a couple of ways around that. > > 1) Use settings-security.xml <relocation> to store the real > settings-security.xml on a removable device.
Vomiting more :) At least I know when I physically lose my laptop. The docs also need to be pushing "encrypted removable device" more. It's taken as read that people will do that. > 2) It would be nice if Maven supported a keyserver of some kind (cf. > Pageant for Putty), but it does not. However one can use the > <relocation> element to point to a server that returns the passwords. > I wrote a Java app that acts as a simple keyserver; of course that > needs its own password. > > If the device is not present, or the server is not running, you get a > warning message when starting Maven builds. > [When using the keyserver I normally give it a dummy password, as that > avoids the time delay when Maven looks for the server; however one > still gets warnings] Entering at the command line is fine for me. :) Hen --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
