Author: bentmann
Date: Wed Feb 9 23:00:06 2011
New Revision: 1069164
URL: http://svn.apache.org/viewvc?rev=1069164&view=rev
Log:
[SCM-495] Support for encrypted passwords in settings.xml
Added:
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/SettingsDecrypter.java
(with props)
maven/scm/trunk/maven-scm-plugin/src/main/resources/
maven/scm/trunk/maven-scm-plugin/src/main/resources/META-INF/
maven/scm/trunk/maven-scm-plugin/src/main/resources/META-INF/plexus/
maven/scm/trunk/maven-scm-plugin/src/main/resources/META-INF/plexus/components.xml
(with props)
maven/scm/trunk/maven-scm-plugin/src/test/resources/mojos/checkout/checkoutEncryptedPasswordFromSettings.xml
(with props)
maven/scm/trunk/maven-scm-plugin/src/test/resources/settings-security.xml
(with props)
Modified:
maven/scm/trunk/maven-scm-plugin/pom.xml
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/AbstractScmMojo.java
maven/scm/trunk/maven-scm-plugin/src/site/apt/examples/bootstrapping-with-pom.apt.vm
maven/scm/trunk/maven-scm-plugin/src/test/java/org/apache/maven/scm/plugin/CheckoutMojoTest.java
Modified: maven/scm/trunk/maven-scm-plugin/pom.xml
URL:
http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-plugin/pom.xml?rev=1069164&r1=1069163&r2=1069164&view=diff
==============================================================================
--- maven/scm/trunk/maven-scm-plugin/pom.xml (original)
+++ maven/scm/trunk/maven-scm-plugin/pom.xml Wed Feb 9 23:00:06 2011
@@ -118,7 +118,12 @@
<artifactId>file-management</artifactId>
<version>1.2.1</version>
</dependency>
-
+
+ <dependency>
+ <groupId>org.sonatype.plexus</groupId>
+ <artifactId>plexus-sec-dispatcher</artifactId>
+ <version>1.3</version>
+ </dependency>
<!-- Test -->
<dependency>
@@ -142,7 +147,6 @@
</dependencies>
<build>
-
<pluginManagement>
<plugins>
<plugin>
@@ -168,8 +172,53 @@
<stagingSiteURL>scp://people.apache.org/www/maven.apache.org/scm/maven-scm-plugin-${project.version}</stagingSiteURL>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <systemProperties>
+ <property>
+ <name>settings.security</name>
+
<value>${project.build.testOutputDirectory}/settings-security.xml</value>
+ </property>
+ </systemProperties>
+ </configuration>
+ </plugin>
</plugins>
</pluginManagement>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-shade-plugin</artifactId>
+ <version>1.4</version>
+ <executions>
+ <!-- workaround for MNG-4384, we include our own private copy of the
component and avoid interferences with the Maven core -->
+ <execution>
+ <phase>package</phase>
+ <goals>
+ <goal>shade</goal>
+ </goals>
+ <configuration>
+ <createDependencyReducedPom>false</createDependencyReducedPom>
+ <artifactSet>
+ <includes>
+ <include>org.sonatype.plexus:*</include>
+ </includes>
+ </artifactSet>
+ <relocations>
+ <relocation>
+ <pattern>org.sonatype.plexus</pattern>
+
<shadedPattern>org.apache.maven.scm.org.sonatype.plexus</shadedPattern>
+ </relocation>
+ </relocations>
+ <transformers>
+ <transformer
implementation="org.apache.maven.plugins.shade.resource.ComponentsXmlResourceTransformer"/>
+ </transformers>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
</build>
<profiles>
Modified:
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/AbstractScmMojo.java
URL:
http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/AbstractScmMojo.java?rev=1069164&r1=1069163&r2=1069164&view=diff
==============================================================================
---
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/AbstractScmMojo.java
(original)
+++
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/AbstractScmMojo.java
Wed Feb 9 23:00:06 2011
@@ -142,6 +142,11 @@ public abstract class AbstractScmMojo
private ScmManager manager;
/**
+ * @component
+ */
+ private SettingsDecrypter decryptor;
+
+ /**
* The base directory.
*
* @parameter expression="${basedir}"
@@ -384,7 +389,7 @@ public abstract class AbstractScmMojo
if ( password == null )
{
- password = server.getPassword();
+ password = decryptor.decrypt( server.getPassword(), host );
}
if ( privateKey == null )
@@ -394,7 +399,7 @@ public abstract class AbstractScmMojo
if ( passphrase == null )
{
- passphrase = server.getPassphrase();
+ passphrase = decryptor.decrypt( server.getPassphrase(),
host );
}
}
}
Added:
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/SettingsDecrypter.java
URL:
http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/SettingsDecrypter.java?rev=1069164&view=auto
==============================================================================
---
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/SettingsDecrypter.java
(added)
+++
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/SettingsDecrypter.java
Wed Feb 9 23:00:06 2011
@@ -0,0 +1,49 @@
+package org.apache.maven.scm.plugin;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.codehaus.plexus.logging.AbstractLogEnabled;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException;
+
+/**
+ * When this plugin requires Maven 3.0 as minimum, this class can be removed
and o.a.m.s.c.SettingsDecrypter be used
+ * instead.
+ */
+public class SettingsDecrypter
+ extends AbstractLogEnabled
+{
+
+ private SecDispatcher secDispatcher;
+
+ public String decrypt( String str, String server )
+ {
+ try
+ {
+ return secDispatcher.decrypt( str );
+ }
+ catch ( SecDispatcherException e )
+ {
+ getLogger().warn( "Failed to decrypt password/passphrase for
server " + server + ", using auth token as is" );
+ return str;
+ }
+ }
+
+}
Propchange:
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/SettingsDecrypter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
maven/scm/trunk/maven-scm-plugin/src/main/java/org/apache/maven/scm/plugin/SettingsDecrypter.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added:
maven/scm/trunk/maven-scm-plugin/src/main/resources/META-INF/plexus/components.xml
URL:
http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-plugin/src/main/resources/META-INF/plexus/components.xml?rev=1069164&view=auto
==============================================================================
---
maven/scm/trunk/maven-scm-plugin/src/main/resources/META-INF/plexus/components.xml
(added)
+++
maven/scm/trunk/maven-scm-plugin/src/main/resources/META-INF/plexus/components.xml
Wed Feb 9 23:00:06 2011
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<component-set>
+ <components>
+ <component>
+ <role>org.apache.maven.scm.plugin.SettingsDecrypter</role>
+ <role-hint>default</role-hint>
+
<implementation>org.apache.maven.scm.plugin.SettingsDecrypter</implementation>
+ <requirements>
+ <requirement>
+
<role>org.sonatype.plexus.components.sec.dispatcher.SecDispatcher</role>
+ <role-hint>mng-4384</role-hint>
+ <field-name>secDispatcher</field-name>
+ </requirement>
+ </requirements>
+ </component>
+
+ <component>
+ <role>org.sonatype.plexus.components.sec.dispatcher.SecDispatcher</role>
+ <role-hint>mng-4384</role-hint>
+
<implementation>org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher</implementation>
+ <requirements>
+ <requirement>
+ <role>org.sonatype.plexus.components.cipher.PlexusCipher</role>
+ <field-name>_cipher</field-name>
+ </requirement>
+ </requirements>
+ <configuration>
+ <_configuration-file>~/.m2/settings-security.xml</_configuration-file>
+ </configuration>
+ </component>
+ </components>
+</component-set>
Propchange:
maven/scm/trunk/maven-scm-plugin/src/main/resources/META-INF/plexus/components.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
maven/scm/trunk/maven-scm-plugin/src/main/resources/META-INF/plexus/components.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Modified:
maven/scm/trunk/maven-scm-plugin/src/site/apt/examples/bootstrapping-with-pom.apt.vm
URL:
http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-plugin/src/site/apt/examples/bootstrapping-with-pom.apt.vm?rev=1069164&r1=1069163&r2=1069164&view=diff
==============================================================================
---
maven/scm/trunk/maven-scm-plugin/src/site/apt/examples/bootstrapping-with-pom.apt.vm
(original)
+++
maven/scm/trunk/maven-scm-plugin/src/site/apt/examples/bootstrapping-with-pom.apt.vm
Wed Feb 9 23:00:06 2011
@@ -77,9 +77,9 @@ Bootstrapping a Project Using a POM
Configuring Authentication
Most public repositories requires developers to authenticate first before
they can pull the source from the repository.
- For repository requiring authentication, the scm plugin needs to be
configured in the <<<pom.xml>>>
+ For repositories requiring authentication, the scm plugin needs to be
configured in one of the following ways:
- * specifying the username and password for svn and starteam
+ * In the <<<poml.xml>>>
+-----------+
<project>
@@ -102,3 +102,21 @@ Configuring Authentication
...
</project>
+-----------+
+
+ * In the <<<settings.xml>>> via a <<<server>>> entry, using the host name
from the connection URL as the server id
+
++-----------+
+<settings>
+ ...
+ <servers>
+ <server>
+ <id>hostname</id>
+ <username>username</username>
+ <password>password</password>
+ </server>
+ </servers>
+ ...
+</settings>
++-----------+
+
+ Since version 1.5, the plugin also recognizes
{{{http://maven.apache.org/guides/mini/guide-encryption.html}encrypted
passwords}}.
Modified:
maven/scm/trunk/maven-scm-plugin/src/test/java/org/apache/maven/scm/plugin/CheckoutMojoTest.java
URL:
http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-plugin/src/test/java/org/apache/maven/scm/plugin/CheckoutMojoTest.java?rev=1069164&r1=1069163&r2=1069164&view=diff
==============================================================================
---
maven/scm/trunk/maven-scm-plugin/src/test/java/org/apache/maven/scm/plugin/CheckoutMojoTest.java
(original)
+++
maven/scm/trunk/maven-scm-plugin/src/test/java/org/apache/maven/scm/plugin/CheckoutMojoTest.java
Wed Feb 9 23:00:06 2011
@@ -22,6 +22,7 @@ package org.apache.maven.scm.plugin;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.testing.AbstractMojoTestCase;
import org.apache.maven.scm.ScmTestCase;
+import org.apache.maven.scm.provider.ScmProviderRepositoryWithHost;
import org.apache.maven.scm.provider.svn.SvnScmTestUtils;
import org.codehaus.plexus.util.FileUtils;
import org.codehaus.plexus.util.StringUtils;
@@ -160,5 +161,18 @@ public class CheckoutMojoTest
assertTrue( new File( checkoutDir, "src/main/java/.svn" ).exists() );
assertTrue( new File( checkoutDir, "src/main/.svn" ).exists() );
}
-
+
+ public void testEncryptedPasswordFromSettings()
+ throws Exception
+ {
+ File pom = getTestFile(
"src/test/resources/mojos/checkout/checkoutEncryptedPasswordFromSettings.xml" );
+ CheckoutMojo mojo = (CheckoutMojo) lookupMojo( "checkout", pom );
+ ScmProviderRepositoryWithHost repo =
+ (ScmProviderRepositoryWithHost)
mojo.getScmRepository().getProviderRepository();
+
+ assertEquals( "testuser", repo.getUser() );
+ assertEquals( "testpass", repo.getPassword() );
+ assertEquals( "testphrase", repo.getPassphrase() );
+ }
+
}
Added:
maven/scm/trunk/maven-scm-plugin/src/test/resources/mojos/checkout/checkoutEncryptedPasswordFromSettings.xml
URL:
http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-plugin/src/test/resources/mojos/checkout/checkoutEncryptedPasswordFromSettings.xml?rev=1069164&view=auto
==============================================================================
---
maven/scm/trunk/maven-scm-plugin/src/test/resources/mojos/checkout/checkoutEncryptedPasswordFromSettings.xml
(added)
+++
maven/scm/trunk/maven-scm-plugin/src/test/resources/mojos/checkout/checkoutEncryptedPasswordFromSettings.xml
Wed Feb 9 23:00:06 2011
@@ -0,0 +1,42 @@
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-scm-plugin</artifactId>
+ <configuration>
+ <settings implementation="org.apache.maven.settings.Settings">
+ <servers>
+ <server>
+ <id>localhost</id>
+ <username>testuser</username>
+
<password>{Ael0S2tnXv8H3X+gHKpZAvAA25D8+gmU2w2RrGaf5v8=}</password>
+
<passphrase>{7zK9P8hNVeUHbTsjiA/vnOs0zUXbND+9MBNPvdvl+x4=}</passphrase>
+ </server>
+ </servers>
+ </settings>
+ <connectionType>connection</connectionType>
+
<connectionUrl>scm:svn:svn://localhost/repository/trunk</connectionUrl>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
\ No newline at end of file
Propchange:
maven/scm/trunk/maven-scm-plugin/src/test/resources/mojos/checkout/checkoutEncryptedPasswordFromSettings.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
maven/scm/trunk/maven-scm-plugin/src/test/resources/mojos/checkout/checkoutEncryptedPasswordFromSettings.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: maven/scm/trunk/maven-scm-plugin/src/test/resources/settings-security.xml
URL:
http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-plugin/src/test/resources/settings-security.xml?rev=1069164&view=auto
==============================================================================
--- maven/scm/trunk/maven-scm-plugin/src/test/resources/settings-security.xml
(added)
+++ maven/scm/trunk/maven-scm-plugin/src/test/resources/settings-security.xml
Wed Feb 9 23:00:06 2011
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<settingsSecurity>
+ <master>{1wQaa6S/o8MH7FnaTNL53XmhT5O0SEGXQi3gC49o6OY=}</master>
+</settingsSecurity>
Propchange:
maven/scm/trunk/maven-scm-plugin/src/test/resources/settings-security.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
maven/scm/trunk/maven-scm-plugin/src/test/resources/settings-security.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
