[ 
https://jira.codehaus.org/browse/MNG-5265?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=339929#comment-339929
 ] 

Jason van Zyl commented on MNG-5265:
------------------------------------

Olivier, do you consider this to be closed now?
                
> enforce repository url verification for passing authz
> -----------------------------------------------------
>
>                 Key: MNG-5265
>                 URL: https://jira.codehaus.org/browse/MNG-5265
>             Project: Maven 2 & 3
>          Issue Type: Improvement
>          Components: Settings
>    Affects Versions: 2.0.10, 2.2.1, 3.0.2, 3.0.3, 3.0.4
>            Reporter: Olivier Lamy
>             Fix For: 3.2
>
>
> Related discussion: http://markmail.org/message/7pswshucxc7qwtef
> in your settings you have:
> {code}
>     <server>
>       <username>olamy</username>
>       <password>reallycomplicatedpassword</password>
>       <id>foo.org</id>
>     </server>
> {code}
> During dependencies resolution, you get a pom with a repository.
> {code}
>     <repository>
>       <id>foo.org</id>
>       <url>http://yourpasswordwillbehacked.org/</url>
>     </repository>
> {code}
> Idea id in settings must contains the target hostname.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to