maven-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Evgeny Goldin <>
Subject Re: How can I eliminate these embedded username and password entries?
Date Tue, 22 May 2012 23:36:12 GMT

Artifactory passwords stored in "settings.xml" can be further secured by
switching to encrypted passwords:

On Wed, May 23, 2012 at 1:30 AM, Barrie Treloar <> wrote:

> On Wed, May 23, 2012 at 8:26 AM,  <> wrote:
> > Thanks for your quick reply.
> >
> > There are other processes that deploy those resources to our artifactory
> server. I'm okay with them being there, but want to eliminate the need to
> embed that login info.
> >
> > That info has to be in the settings.xml file, in the <server> sections,
> so that they can deploy to artifactory. Can I also define these properties
> in the settings file and have the POMs inherit them? Then the POMs would
> have the info they need, but I can keep the login info restricted to the
> one settings file.
> Someone else has also suggested a different way of obtaining those
> resources.
> But to answer your question, separating this into two parts "deploy"
> and "access" means, as you have said, the deploy bit can be in
> settings.xml server sections and the access bit in the pom.
> So the question is why do the values in the pom need credentials?
> Get rid of that requirements and your problem is solved.
> For future reference, when you want replaceable property values they
> go in profiles in your setttings.xml, see
> Be very wary of creating a build process that is not repeatable.
> Profiles have been abused many times before.
> Barrie
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message