[
http://jira.codehaus.org/browse/MANT-62?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Paul Gier moved MANTRUN-134 to MANT-62:
---------------------------------------
Affects Version/s: (was: 1.4)
(was: 1.3)
(was: 1.2)
(was: 1.1)
(was: 1.0)
Key: MANT-62 (was: MANTRUN-134)
Project: Maven 2.x Ant Plugin (was: Maven 2.x Antrun Plugin)
> Prevent passwords (or any 'secret' data) to go into maven-build.properties
> --------------------------------------------------------------------------
>
> Key: MANT-62
> URL: http://jira.codehaus.org/browse/MANT-62
> Project: Maven 2.x Ant Plugin
> Issue Type: Wish
> Environment: NA
> (FYI: eclipse, maven 2, windows)
> Reporter: Etienne
>
> Hi,
> I'm the main developper of jupload, an open-source project hosted on
> sourceforge. (FYI: an applet, which helps sending files to the server).
> This applet needs to be signed, thus I need to store on the local
> configuration two properties: the file containing the keystore, and its
> password. In my case, these properties are stored in a specific profilen
> named 'jupload', in the settings.xml.
> These properties must remain secret.
> I currently want to use your (nice!) ant plugin, to allow non mavenized
> users to work on the applet.
> But ...
> ... when using the ant:ant goal, all available properties are stored into the
> maven-build.properties file. So I must be careful, not to through my keystore
> password away.
> So, my wish is: have a way to hide 'secret' properties.
> I see several way to do this, without knowing what is feasible:
> 1) Prevent the ant:ant goal to capture properties. These properties could be
> managed like the build.xml file: have a maven-build.properties (with maven
> and project properties), and another properties file. This last file would be
> created once, like the build.properties, and would be overriden only with a
> specific configuration parameter, like the build.xml file.
> 2) Disallow the profile 'jupload', which contain the password. Would be the
> better, as it would also work if I create additionnaly properties there.
> 3) Allow to undefine properties. A message could be add into the
> maven-build.properties, to list the properties that must be defined locally,
> as an ant property for instance.
> 4) Have a way to filter properties, based on their name or by a regular
> expression (like jupload.* for instance)
> Etienne
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
