Maven
  1. Maven
  2. MNG-5269

settings.xml's password overridden when downloading dependencies

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Incomplete
    • Affects Version/s: 2.2.1
    • Fix Version/s: None
    • Component/s: Dependencies
    • Labels:
      None

      Description

      I wrote a plugin that access the Settings object. That object is instantiated by maven, and contains the merge of all settings available (M2_HOME/conf/settings.xml, ~/.m2/settings.xml and "-s settings.xml").
      with my plugin, I look after my corporate encoded passwords, decode them, and update the Settings object with the decoded value.
      I linked my plugin with initialize, generate-resources and process-resources phases. My debug shows me that at the very first phase (initialize), the Settings object is well updated (password decrypted using our corporate tool), and the two next phases show the correctly updated Settings object - having the passwords decrypted.

      However, when maven goes for downloading dependencies, it fails because maven takes the encrypted version of the password. IMHO, I think that maven reads again the settings.xml file, whether it should use the Settings object.

        Activity

          People

          • Assignee:
            Unassigned
            Reporter:
            xavier l
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development