[jira] (SCM-710) Use of encrypted password in pom.xml confiuration is ignored

Thu, 10 Jan 2013 13:54:38 -0800 

    [ 
https://jira.codehaus.org/browse/SCM-710?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=317126#comment-317126
 ] 

Robert Scholte commented on SCM-710:
------------------------------------

Have you followed the instructions of 
http://maven.apache.org/guides/mini/guide-encryption.html ?
Be sure you have a {{settings-security.xml}} with an encrypted master-password.
                
> Use of encrypted password in pom.xml confiuration is ignored
> ------------------------------------------------------------
>
>                 Key: SCM-710
>                 URL: https://jira.codehaus.org/browse/SCM-710
>             Project: Maven SCM
>          Issue Type: Bug
>            Reporter: Eddie Webb
>
> THe docs for this plugin say I can use encrypted passwords just like we do 
> for the release plugin.
> It does not seem to support the same 
> <project.scm.id>non-hostname-id</project.scm.id> that the release plugin 
> does, so I included the username and encrypted password directory in the 
> plugin config.
> {noformat}
> ...
>       <plugin>
>         <groupId>org.apache.maven.plugins</groupId>
>         <artifactId>maven-scm-plugin</artifactId>
>         <version>1.8.1</version>
>         <configuration>
>           <username>username</username>
>           <password>{EncycptedStringGeneratedFromMvnPassword=}</password>
>         </configuration>
>       </plugin>
>     </plugins>
> ...
> {noformat}
> But the SCM fails with authentication issue, and the SVN logs determine that 
> no user ID is sent.
> If I instead include the hostname as a server ID in settings.xml, or include 
> these values on the command line, in both cases it invokes a 500 from the 
> application server.
>  mvn scm:checkout -Pforge -Dusername=myuser 
> -Dpassword={EncycptedStringGeneratedFromMvnPassword=}
> svn: Server sent unexpected return value (500 Internal Server Error) in 
> response to OPTIONS request for https://my-svn
> This 500 can be duplicated in a browser by passing the un-encrypted string 
> {foo=}.
> h3. summary
> regardless of where I place the encruypted password it is either ignored, or 
> not decrypted before being sent to the webserver.  
> Can you please document an example of how to use the encrypted passwords, or 
> support the same approach as the release plugin.
> http://jira.codehaus.org/browse/MRELEASE-420

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to