Author: buildbot Date: Mon Apr 4 18:16:48 2016 New Revision: 984714 Log: Staging update by buildbot for maven
Modified: websites/staging/maven/trunk/content/ (props changed) websites/staging/maven/trunk/content/guides/mini/guide-encryption.html websites/staging/maven/trunk/content/maven-site-1.0-site.jar Propchange: websites/staging/maven/trunk/content/ ------------------------------------------------------------------------------ --- cms:source-revision (original) +++ cms:source-revision Mon Apr 4 18:16:48 2016 @@ -1 +1 @@ -1737711 +1737714 Modified: websites/staging/maven/trunk/content/guides/mini/guide-encryption.html ============================================================================== --- websites/staging/maven/trunk/content/guides/mini/guide-encryption.html (original) +++ websites/staging/maven/trunk/content/guides/mini/guide-encryption.html Mon Apr 4 18:16:48 2016 @@ -471,7 +471,7 @@ Robert Scholte" /> <h3><a name="How_to_create_a_master_password">How to create a master password</a></h3> <p>Use the following command line:</p> <div class="source"><pre class="prettyprint linenums">mvn --encrypt-master-password <password></pre></div> -<p><i>Note:</i> Since Maven 3.2.1 the password is an optional argument. If not provided, Maven will prompt for the password. Earlier versions of Maven will not prompt for a password, so it must be typed on the command-line in plaintext. See <a href="#Tips">Tips</a> below for more information.</p> +<p><i>Note:</i> Since Maven 3.2.1 the password argument should no longer be used (see <a href="#Tips">Tips</a> below for more information). Maven will prompt for the password. Earlier versions of Maven will not prompt for a password, so it must be typed on the command-line in plaintext.</p> <p>This command will produce an encrypted version of the password, something like</p> <div class="source"><pre class="prettyprint linenums">{jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}</pre></div> <p>Store this password in the <tt>~/.m2/settings-security.xml</tt>; it should look like</p> @@ -483,7 +483,7 @@ Robert Scholte" /> <h3><a name="How_to_encrypt_server_passwords">How to encrypt server passwords</a></h3> <p>You will have to use the following command line:</p> <div class="source"><pre class="prettyprint linenums">mvn --encrypt-password <password></pre></div> -<p><i>Note:</i>Just like <tt>--encrypt-master-password</tt> the password argument is optional since Maven 3.2.1.</p> +<p><i>Note:</i>Just like <tt>--encrypt-master-password</tt> the password argument should no longer be used since Maven 3.2.1 (see <a href="#Tips">Tips below for more information.</a>).</p> <p>This command will produce an encrypted version of it, something like</p> <div class="source"><pre class="prettyprint linenums">{COQLCE6DU6GtcS5P=}</pre></div> <p>Cut-n-paste it into your <tt>settings.xml</tt> file in the server section. This will look like:</p> @@ -556,9 +556,9 @@ Robert Scholte" /> <p>If you are on a linux/unix platform you should use single quotes for the above master password otherwise you will be astonished that the usage of the master-password will not work (caused by the dollar sign and furthermore the exclamation mark).</p></div> <div class="section"> <h4><a name="Prompting_for_Password"></a>Prompting for Password</h4> -<p>In Maven before version 3.2.1 you have to give the password on command line which means you might need to escape your password etc. and might cause problems related to the history funcitonality of your command line processor.</p> -<p>Starting with Maven 3.2.1 the password is an optional argument which means if you omit the password you will be prompted for the password which can prevent many problems with escaping the password and history issues as well. </p> -<p>So we strongly recomment to use Maven 3.2.1 and above to prevent problems with escaping special characters and of course security issues related to bash history or environment issues in relationship with the password.</p></div></div></div> +<p>In Maven before version 3.2.1 you have to give the password on command line as argument which means you might need to escape your password. In addition usually the shell stores the full history of commands you have entered, therefore anyone with access to your computer could restore the password from the shell`s history.</p> +<p>Starting with Maven 3.2.1 the password is an optional argument which means if you omit the password you will be prompted for it which prevents all the issues mentioned above.</p> +<p>Therefore we strongly recommend to use Maven 3.2.1 and above to prevent problems with escaping special characters and of course security issues related to bash history or environment issues in relationship with the password.</p></div></div></div> </div> </div> </div> Modified: websites/staging/maven/trunk/content/maven-site-1.0-site.jar ============================================================================== Binary files - no diff available.