Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
3.0-alpha-4
-
None
Description
When we introduced MNG-553, the passwords were only decrypted at the transport layer and the Settings instance kept in memory was kept encrypted. E.g. to save plugins from accidentally dumping the plain text passwords on the console or such.
This does currently not hold for 3.0-alpha-4 as org.apache.maven.plugin:maven-help-plugin:2.0:effective-settings shows.
Attachments
Issue Links
- is related to
-
MNG-553 Secure Storage of Server Passwords
- Closed