How can I eliminate these embedded username and password entries?

[shaun.t.erickson]

Caveat: I'm the SysAdmin in charge of our Artifactory server (to which I'm 
new), and not a developer, so my Maven knowledge is somewhat limited. I'm a 
fast learner though. :)

Our developers have embedded the artifactory username and password in their POM 
files, and I very much wish to not have them do that. If it matters, they are 
using Maven 2.2.1. Here is the relevant, sanitized, portions of their POM files:

  <properties>
    
<artifactory-url>http://my.artifactory.server:8081/artifactory</artifactory-url>
    <artifactory-usr>a_username</artifactory-usr>
    <artifactory-pwd>a_password</artifactory-pwd>
  </properties>

      <plugin>
        <artifactId>maven-antrun-plugin</artifactId>
        <executions>
          <execution>
            <id>metrics-for-eclipse</id>
            <phase>generate-resources</phase>
            <configuration>
              <target>
                <taskdef resource="net/sf/antcontrib/antlib.xml" />
                <if>
                  <equals arg1="${maven.fetch.filters}" arg2="true" />
                  <then>
                    <get
                      
src="${artifactory-url}/libs-release-local/path/to/findbugs-filter.xml"
                      dest="${maven.repo.local}\path\to\findbugs-filter.xml"
                      usetimestamp="true"
                      ignoreerrors="true"
                      username="${artifactory-usr}"
                      password="${artifactory-pwd}"/>
                    <get
                      
src="${artifactory-url}/libs-release-local/path/to/checkstyle.xml"
                      dest="${maven.repo.local}\path\to\checkstyle.xml"
                      usetimestamp="true"
                      ignoreerrors="true"
                      username="${artifactory-usr}"
                      password="${artifactory-pwd}"/>
                    <get 
src="${artifactory-url}/libs-release-local/path/to/pmd-ruleset.xml"
                      dest="${maven.repo.local}\path\to\pmd-ruleset.xml"
                      usetimestamp="true"
                      ignoreerrors="true"
                      username="${artifactory-usr}"
                      password="${artifactory-pwd}"/>
                  </then>
                  <else>
                    <echo>Using local machine's already available Eclipse 
filters. Run with -Dmaven.fetch.filters=true if they are needed.</echo>
                  </else>
                </if>
              </target>
            </configuration>
            <goals>
              <goal>run</goal>
            </goals>
          </execution>
        </executions>
      </plugin>

Is there some other way of retrieving these resources from my artifactory 
server that doesn't require embedding the login information in their POM files?

Thank you, in advance, for any guidance you might offer.

-ste


________________________________
Subject to local law, communications with Accenture and its affiliates 
including telephone calls and emails (including content), may be monitored by 
our systems for the purposes of security and the assessment of internal 
compliance with Accenture policy.
______________________________________________________________________________________

www.accenture.com