maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eddie Webb (JIRA)" <>
Subject [jira] (SCM-710) Use of encrypted password in pom.xml confiuration is ignored
Date Fri, 11 Jan 2013 15:59:13 GMT


Eddie Webb commented on SCM-710:

I'll try the solution you mentioned and get back to you.  

The reason the latter is so valuable (and I really appreciate you taking a look!!) to us is
that we use many different repos on that host, and leverage profiles to provide different
teams an easy way to connect. (team A must specify -PteamA in order to get the proper credentials
for their repo on the build server)  Using the hostname method bypasses the need for profiles
and would require a globally authorized ID, and does not enforce the level of separation we
> Use of encrypted password in pom.xml confiuration is ignored
> ------------------------------------------------------------
>                 Key: SCM-710
>                 URL:
>             Project: Maven SCM
>          Issue Type: Bug
>            Reporter: Eddie Webb
> THe docs for this plugin say I can use encrypted passwords just like we do for the release
> It does not seem to support the same <>non-hostname-id</>
that the release plugin does, so I included the username and encrypted password directory
in the plugin config.
> {noformat}
> ...
>       <plugin>
>         <groupId>org.apache.maven.plugins</groupId>
>         <artifactId>maven-scm-plugin</artifactId>
>         <version>1.8.1</version>
>         <configuration>
>           <username>username</username>
>           <password>{EncycptedStringGeneratedFromMvnPassword=}</password>
>         </configuration>
>       </plugin>
>     </plugins>
> ...
> {noformat}
> But the SCM fails with authentication issue, and the SVN logs determine that no user
ID is sent.
> If I instead include the hostname as a server ID in settings.xml, or include these values
on the command line, in both cases it invokes a 500 from the application server.
>  mvn scm:checkout -Pforge -Dusername=myuser -Dpassword={EncycptedStringGeneratedFromMvnPassword=}
> svn: Server sent unexpected return value (500 Internal Server Error) in response to OPTIONS
request for https://my-svn
> This 500 can be duplicated in a browser by passing the un-encrypted string {foo=}.
> h3. summary
> regardless of where I place the encruypted password it is either ignored, or not decrypted
before being sent to the webserver.  
> Can you please document an example of how to use the encrypted passwords, or support
the same approach as the release plugin.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message