You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by Ramon Casha <ra...@megabyte.net> on 2014/02/28 11:11:20 UTC

Re: [SPAM-SPF-Fail] - Re: Can I generate "pre-signed" 3rd party artifacts? - Sender is forged (SPF Fail)

On Ġim, 2014-02-28 at 10:36 +0100, Karl Heinz Marbaise wrote: 

	
	Hi,
	
	> No, this does not address my question at all.
	
	Hm...you make a separate project and define your needed artifacts as 
	dependencies and maven-jarsigner-plugin will sign all artifacts and will 
	deploy them as attached to that projects.
	
	The other projects (yours) can use those attached and signed artifacts ?


How can I make those signed artifacts deploy as new artifacts to the repository? Normally only the project's own artifact is deployed.




	
	Kind regards
	Karl Heinz Marbaise
	>
	>
	> On Ġim, 2014-02-28 at 08:55 +0100, Karl Heinz Marbaise wrote:
	>
	> 	
	> 	Hi Ramon,
	> 	
	> 	
	> 	what about:
	> 	
	> 	http://maven.apache.org/plugins/maven-jarsigner-plugin/
	> 	
	> 	
	> 	Kind regards
	> 	Karl Heinz Marbaise
	> 	 > I have an application which depends on a large number of 3rd party
	> 	> artifacts, and which uses webstart to launch. Webstart requires all Jars
	> 	> to be signed using the same certificate. Although the
	> 	> webstart-maven-plugin can take care of the signing, there are so many
	> 	> jar files that it takes quite a long time to sign them all every time I
	> 	> build.
	> 	>
	> 	> Since  the 3rd party artifacts rarely change, I'd like to sign them all
	> 	> once, and store them in a local repository and have the projects all
	> 	> depend on the signed versions. Is there any quick way of doing this?
	> 	>
	> 	> I was thinking of something like a maven project for each dependency
	> 	> which pulls in the JAR, signs it then deploys it to my repository using
	> 	> a modified version number
	> 	> (eg, commons.beanutils-1.8.3.jar -> commons.beanutils-1.8.3-signed.jar).
	> 	>
	> 	
	> 	---------------------------------------------------------------------
	> 	To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
	> 	For additional commands, e-mail: users-help@maven.apache.org
	> 	
	>
	>
	
	
	Mit freundlichem Gruß
	Karl-Heinz Marbaise


-- 

________________________________



Ramon Casha | Technical Specialist | Software Services 
megabyte ltd | e ramon.casha@megabyte.net
t + 356 21421600 | f + 356 21421590 | w www.megabyte.net <http://www.megabyte.net/>  

________________________________



Please consider your environmental responsibility before printing this e-mail 


DISCLAIMER
---------------------- 

The information transmitted in this message and any attachments is strictly confidential and intended only for the individual or entity to whom it is addressed.
Any form of unauthorised review, transmission, disclosure, publication, reproduction, modification or other use of, or the taking of any action in reliance upon any of the information contained in this e-mail by individuals or entities other than the intended recipient is strictly prohibited.
If you are not the named addressee or the person responsible for delivering the message to the named addressee and have received this communication in error, you must not disclose the contents of this e-mail to any other person; or make any copies thereof. If you are not the named recipient please delete/destroy any and all copies that may exist, whether in electronic or hard copy for and notify us immediately on the phone number indicated above and provide us with details about the said e-mail received in error.
Since the Internet is not a secure medium Megabyte cannot guarantee the privacy or confidentiality of any e-mail communications transmitted. All messages sent to and from Megabyte Ltd may be monitored and/or recorded to ensure compliance with internal policies and procedures. We disclaim all responsibility and liability whatsoever in relation to any errors or omissions that may reveal themselves in this message and in relation to any damage that may result from any such errors or omissions. We disclaim all responsibility and liability for any damage that may arise from the unauthorised acts of third parties and/or the corruption of any data contained in this message.
Thank you.