maven-issues mailing list archives

From "Anders Hammar (JIRA)" <j...@codehaus.org>
Subject [jira] Commented: (MNG-4602) Allow pluggable authentication (using JAAS ?) so that the username and password to connect to a deployment repository can be generated by a Single Sign On-enabled client
Date Wed, 09 Feb 2011 13:08:22 GMT

    [ http://jira.codehaus.org/browse/MNG-4602?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=255428#action_255428 ]

Anders Hammar commented on MNG-4602:
------------------------------------

I believe it could take a while until the m-deploy-plugin uses the Aether API directly, as
that would make it incompatible with Maven 2.x. However, you should create a ticket on that
plugin to increase the likelihood. Maybe there could be a 3.x branch in the same manner as
one exists for m-site-plugin.

> Allow pluggable authentication (using JAAS ?) so that the username and password to connect to a deployment repository can be generated by a Single Sign On-enabled client
> -------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: MNG-4602
>                 URL: http://jira.codehaus.org/browse/MNG-4602
>             Project: Maven 2 & 3
>          Issue Type: New Feature
>          Components: Artifacts and Repositories, Settings
>            Reporter: David Boden
>            Priority: Minor
>         Attachments: wagon.patch
>
>
> The username and password used to authenticate with the remote repository during deployment are stored in the user's settings.xml under the <servers/> structure. This structure allows a username and password to be specified, or for a .ssh private key to be specified.
> It does not allow for pluggable single sign on, where a Java module (perhaps a JAAS LoginModule) is available on the client to generate a token in place of a password. Many corporates use this technique for other web applications, generating an LDAP token from the user's PC and verifying it against an LDAP server on the server side. It adds security by removing the need to pass the user's password over the wire.
> This Jira is a request for a pluggable entry point for this single sign on module, perhaps by specifying a class name in the <server/> structure or by setting a system property. The solution could either define a new interface which Authentication Providers must implement or can use existing interfaces from JAAS, (Http) Authenticator or other frameworks.
> Please feel free to move this item to the "Maven Wagon" component if you feel that's the best place to implement the feature. Alternatively, please also feel free to move to the generic "Maven 2&3" component if you think that the feature has wider scope than just deployment; perhaps to also authenticate using Single Sign On with an internal company's repository when *downloading* artifacts (as well as uploading).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        
