On 28/01/2009, at 5:48 AM, Oleg Gusakov wrote:
After a long and interesting discussion last August (http://docs.codehaus.org/display/MAVEN/Secured+Passwords
) and several meetings with users, I felt it's overdue to do the
actual implementation.
I massaged my old, vintage 2007 code and put it into 2.1.x trunk.
Great! Been much anticipated :)
* user encrypts a master password with CLI and stores it in ~/.m2/
sec.xml
** there is an option to store it on a removable drive and reference
that from ~/.m2/sec.xml
Any reason not to use a new field in settings.xml? I think 2.1.x can
be capable of updating the model version.
* user encrypts server password with CLI ans stores it in settings.xml
* Maven decrypts the password in memory and everything works like it
was before
** help:effective-settings (tested) and other tools (did not test
though) still show encrypted passwords
Sounds good. BTW, how is the encryption key configured?
What's left before this is releasable as part of 2.1.x?
Cheers,
Brett
--
Brett Porter
[email protected]
http://blogs.exist.com/bporter/
