On Mon, Jan 12, 2004 at 11:05:09AM -0500, Jason van Zyl wrote: > On Mon, 2004-01-12 at 08:32, Paul Spencer wrote: > > I have a maven repository that, because of licensing issues, must be > > protected. How can I define setup a maven repository that will require > > a username and password? The solution can use HTTP, HTTPS, SCP, or FTP. > > > > How should the project be setup to connect to the protected repository? > > I added support for Mike Cannon-Brooks for a password protected > repository but I don't think it ever got tested. > > Just looking at the code it looks like I added support for > > http://username:[EMAIL PROTECTED] > > > Paul Spencer > >
I have set up an apache server that requires a certificate from connecting clients (https). Here's a rough guide, what you have to do, if you want to set it up like I did: 1. create a (self-signed) certificate for your CA (certificate authority) 2. create a certificate request for your webserver & sign it with your CA 3. create a certificate request for the client (with JDK keytool) & sign it with your CA 4. make the server accept https only, let in only clients that have a certificate signed by your CA 5. import CA certificate and the signed certificate into your java keystore 6. when calling maven make sure the javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword system properties are set That's about it. You will probably have to read documentation for the Apache Webserver, OpenSSL (for creating/signing certificates) and the keytool (documented on Sun's JDK site). And one more important thing: DO NOT use maven-1.0-rc1 for this. Accessing the remote repository with https does not work with that maven version. Build&use the current CVS HEAD instead. Well. That's how I did it. Edmund --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
