There is no support for accessing maven repositories that require authentication apart from the plugin repositories which can be added manually by editing plugin-repositories.properties. We should add something like that or enhance parsing out basic authentication from the url (http/s://user:password@rest_of_url).
This should be done in a place where everyone will benefit (command-line parameters, the car-maven-plugin, etc).
I found a todo in the org.apache.geronimo.deployment.cli.CommandListConfigurations class....
//todo: provide a way to handle a username and password for the remote repo?