Thanks all, I will investigate!

On Mon, Jun 24, 2019 at 10:12 PM Romain Manni-Bucau <[email protected]>
wrote:

> Here is what I'm using:
>
>      @Parameter(property = "myplugin.repository")
>      private String repository;
>
>      @Parameter(defaultValue = "${session}", readonly = true)
>      private MavenSession session;
>
>      @Component
>      private SettingsDecrypter settingsDecrypter;
>
>      void someMethod() {
>          Server credentials = session.getSettings().getServer(repository);
>          if (credentials != null) {
>              credentials = ofNullable(settingsDecrypter.decrypt(new DefaultSettingsDecryptionRequest(credentials)))
>                      .map(SettingsDecryptionResult::getServer) // can be null if it does not need decryption
>                      .orElse(credentials);
>          }
>      }
>
> Romain Manni-Bucau
>
>
> On Mon, Jun 24, 2019 at 12:34, Martin Gainty <[email protected]> wrote:
>
> >   <server>
> >     <id>server001</id>
> >     <username>my_login</username>
> >     <password>my_password</password>
> >     <privateKey>${user.home}/.ssh/id_dsa</privateKey>
> >     <passphrase>some_passphrase</passphrase>
> >     <filePermissions>664</filePermissions>
> >     <directoryPermissions>775</directoryPermissions>
> >     <configuration></configuration>
> >   </server>
> >
> > from ${MAVEN_HOME}/conf/settings.xml
> >
> >
> >
> > https://maven.apache.org/ref/3.3.9/maven-settings-builder/apidocs/org/apache/maven/settings/crypto/SettingsDecryptionRequest.html#setServers(java.util.List)
> >
> > so your
> > org.apache.maven.settings.crypto.SettingsDecryptionRequest.setServers needs
> > to gather up
> > the list of server ids from {MAVEN_HOME}/conf/settings.xml
> >
> > not so clear as javadoc is missing from maven-settings-builder
> > site. Romain, can you post this info on
> > http://maven.apache.org/ref/3.6.1/maven-settings-builder/
> > ?
> > thanks
> >
> > ________________________________
> > From: Romain Manni-Bucau <[email protected]>
> > Sent: Monday, June 24, 2019 1:11 AM
> > To: Maven Developers List
> > Subject: Re: Maven Security, @Component and MNG-4384
> >
> > Hi
> >
> > Did you have a look at org.apache.maven.settings.crypto.SettingsDecrypter?
> >
> > It can be injected as a component then you can call decrypt on it passing a
> > request to the method. You get a new null server if it is not encrypted or
> > the new server with everything in clear.
> >
> > Would that work better for you?
> >
> > Romain
> >
> > On Mon, Jun 24, 2019 at 03:31, Chris Graham <[email protected]> wrote:
> >
> > > Hi everyone,
> > >
> > > I need to add the ability to load users, passwords etc in a 3rd party
> > > plugin.
> > >
> > > It currently requires a userid and password in the <configuration> section
> > > of the pom (ugh), ideally, I'd like to look them up from the <servers>
> > > section of settings.xml, and even better yet, make use of being able to
> > > decrypt passwords.
> > >
> > > So I did what we all do, and go and look to see what has been done before,
> > > and I came across this:
> > >
> > > /maven-scm/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/AbstractScmMojo.java:
> > >
> > >     /**
> > >      * When this plugin requires Maven 3.0 as minimum, this component can be removed and o.a.m.s.c.SettingsDecrypter be
> > >      * used instead.
> > >      */
> > >     @Component( hint = "mng-4384" )
> > >     private SecDispatcher secDispatcher;
> > >
> > > and:
> > >
> > > /maven-scm/maven-scm-plugin/src/main/resources/META-INF/plexus/components.xml:
> > >
> > > <component-set>
> > >   <components>
> > >     <component>
> > >       <role>org.sonatype.plexus.components.sec.dispatcher.SecDispatcher</role>
> > >       <role-hint>mng-4384</role-hint>
> > >       <implementation>org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher</implementation>
> > >       <requirements>
> > >         <requirement>
> > >           <role>org.sonatype.plexus.components.cipher.PlexusCipher</role>
> > >           <role-hint>mng-4384</role-hint>
> > >           <field-name>_cipher</field-name>
> > >         </requirement>
> > >       </requirements>
> > >       <configuration>
> > >         <_configuration-file>~/.m2/settings-security.xml</_configuration-file>
> > >       </configuration>
> > >     </component>
> > >     <component>
> > >       <role>org.sonatype.plexus.components.cipher.PlexusCipher</role>
> > >       <role-hint>mng-4384</role-hint>
> > >       <implementation>org.sonatype.plexus.components.cipher.DefaultPlexusCipher</implementation>
> > >     </component>
> > >   </components>
> > > </component-set>
> > >
> > > So, I'm left with the question, what is the current, correct way of
> > > accessing userids, passwords (encrypted or not)?
> > >
> > > I could simply, copy the same approach, but I'd prefer not to, as it's a
> > > good opportunity 'to do it right'.
> > >
> > > Any suggestions?
> > >
> > > Would we then consider updating the existing maven plugins to support this?
> > >
> > > @Stephen, sounds like a good idea for a blog entry? ;)
> > >
> >
>
