[ https://jira.codehaus.org/browse/MPH-86?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=318539#comment-318539
]
Robert Scholte commented on MPH-86:
-----------------------------------
The difference between the {{Settings}} and {{MavenProject}} is that for Settings we know
which fields contain a password. For a pom it is either a property or a configuration-field.
For configuration there might be a solution if a plugin developer could specify which field
values should be hidden. That option is not there and could be quite complex.
For properties I don't see a solution. I don't want to add some magic basic on a naming convention.
The best solution is to use {{<server>}}-entries in the {{settings.xml}}. Both the {{maven-scm-plugin}}
and {{maven-release-plugin}} are capable to get the username+password based on a server id,
so you can even encrypt your password.
> Hide passwords for effective-pom
> --------------------------------
>
> Key: MPH-86
> URL: https://jira.codehaus.org/browse/MPH-86
> Project: Maven 2.x Help Plugin
> Issue Type: Bug
> Affects Versions: 2.1.1
> Environment: Apache Maven 3.0.3 (r1075438; 2011-02-28 18:31:09+0100)
> Maven home: C:\Program Files (x86)\RscApplications\Maven3\bin\..
> Java version: 1.6.0, vendor: IBM Corporation
> Java home: C:\programs\ejbdeploy_base_v7\java\jre
> Default locale: de_DE, platform encoding: Cp1252
> OS name: "windows 7", version: "6.1 build 7601 service pack 1", arch: "x86", family:
"windows"
> Reporter: Stefan Cordes
>
> Executing
> {{mvn help:effective-pom -Doutput=pom-effective.txt}}
> with
> {code:xml}
> <profiles>
> <profile>
> <id>default</id>
> <activation>
> <activeByDefault>true</activeByDefault>
> </activation>
> <properties>
> <maven.scm.username>MyUserId</maven.scm.username>
> <maven.scm.password>MyVerySecretPassword</maven.scm.password>
> </properties>
> </profile>
> </profiles>
> </settings>
> {code}
> in
> {{%userprofile%\.m2\settings.xml}}
> results in an pom-effective.txt
> which contains
> {code:xml}
> <properties>
> <maven.scm.username>MyUserId</maven.scm.username>
> <maven.scm.password>MyVerySecretPassword</maven.scm.password>
> </properties>
> {code}
> As (in our case) the pom-effective.txt should be checked in version control system for
later debug support we strongly need to hide the password analog to
> "MPH-44 Hide passwords for effective-settings":
> {code:xml}
> <properties>
> <maven.scm.username>MyUserId</maven.scm.username>
> <maven.scm.password>***</maven.scm.password>
> </properties>
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
|