[
https://issues.apache.org/jira/browse/MANT-62?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov closed MANT-62.
------------------------------
Resolution: Auto Closed
This issue has been auto closed because it has been inactive for a long period
of time. If you think this issue still applies, retest your problem with the
most recent version of Maven and the affected component, reopen and post your
results.
> Prevent passwords (or any 'secret' data) to go into maven-build.properties
> --------------------------------------------------------------------------
>
> Key: MANT-62
> URL: https://issues.apache.org/jira/browse/MANT-62
> Project: Maven Ant Plugin
> Issue Type: Wish
> Environment: NA
> (FYI: eclipse, maven 2, windows)
> Reporter: etienne_sf
>
> Hi,
> I'm the main developper of jupload, an open-source project hosted on
> sourceforge. (FYI: an applet, which helps sending files to the server).
> This applet needs to be signed, thus I need to store on the local
> configuration two properties: the file containing the keystore, and its
> password. In my case, these properties are stored in a specific profilen
> named 'jupload', in the settings.xml.
> These properties must remain secret.
> I currently want to use your (nice!) ant plugin, to allow non mavenized
> users to work on the applet.
> But ...
> ... when using the ant:ant goal, all available properties are stored into the
> maven-build.properties file. So I must be careful, not to through my keystore
> password away.
> So, my wish is: have a way to hide 'secret' properties.
> I see several way to do this, without knowing what is feasible:
> 1) Prevent the ant:ant goal to capture properties. These properties could be
> managed like the build.xml file: have a maven-build.properties (with maven
> and project properties), and another properties file. This last file would be
> created once, like the build.properties, and would be overriden only with a
> specific configuration parameter, like the build.xml file.
> 2) Disallow the profile 'jupload', which contain the password. Would be the
> better, as it would also work if I create additionnaly properties there.
> 3) Allow to undefine properties. A message could be add into the
> maven-build.properties, to list the properties that must be defined locally,
> as an ant property for instance.
> 4) Have a way to filter properties, based on their name or by a regular
> expression (like jupload.* for instance)
> Etienne
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
