geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <j...@apache.org>
Subject [jira] Commented: (GERONIMO-3969) maven2 module goals should use standard server definitions.
Date Sun, 20 Apr 2008 05:52:21 GMT

    [ https://issues.apache.org/jira/browse/GERONIMO-3969?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12590742#action_12590742
] 

David Jencks commented on GERONIMO-3969:
----------------------------------------

Could you explain how this is relevant to the car-maven-plugin?

I'm not entirely clear on what configuration you are objecting to, an example would have clarified
substantially.
For the geronimo-maven-plugin, I haven't looked at the configuration recently, but imagine
it has something like
<configuration>
<userName>system</userName>
<password>manager</password>
</configuration>

(an example where the values are hardcoded)

Normally, maven doesn't provide any automatic way of setting these values from elsewhere,
but the normal way to set up configuration with such settings is like this:
<configuration>
<userName>${geronimo.user}</userName>
<password>${geronimo.password}</password>
</configuration>

and you can then define the substitution variables in your settings.xml file in an appropriate
profile.

Does this not work here?  If so, can you provide more details of what goes wrong?



> maven2 module goals should use standard server definitions.
> -----------------------------------------------------------
>
>                 Key: GERONIMO-3969
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-3969
>             Project: Geronimo
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: car-maven-plugin, geronimo-maven-plugin
>    Affects Versions: 2.1
>         Environment: Geronimo 2.1
>            Reporter: Brill Pappin
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> The maven 2 geronimo plugins should be using the server definitions that are usually
entered in the settings.xml file.
> However it appears that I have to add the administrators username and password to the
plugin definition, which in turn means that some highly secured information will get checked
into source control.
> If it does userthe server definitions, then that fact is not documented on the plugin
site (that I could find). located at: http://geronimo.apache.org/maven/server/maven-plugins/geronimo-maven-plugin/plugin-info.html
> I hesitate to call this a bug because it may still work, but its darn close because of
the security implications (in my case it makes it unusable).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message