You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by adasal <ad...@gmail.com> on 2009/09/24 15:10:14 UTC
M2Eclipse - Security issue
I'm sure there is an obvious answer but can someone help me out.
I have an internal project that has dependencies on various open source
projects.
I want to index those repos etc. However, the way I have setup my pom, each
of the maven repos is also searched for my internal artefacts, which means
that the request will exist on that server. This is something I don't want
as the names of files (possibly) shouldn't be in the public domain.
How do I control this behaviour, is this done through dependency management
- or other?
Best,
Adam Saltiel
Re: M2Eclipse - Security issue
Posted by adasal <ad...@gmail.com>.
Justin,
Thanks for immediate response. OK, I know now, that's good. Good reason to
have a repository manager.
Adam
2009/9/24 Edelson, Justin <Ju...@mtvstaff.com>
> To my mind, the only way to solve this problem is to use a repository
> manager which supports routing. You would configure Maven to direct all
> traffic to the repository manager and configure the repository manager with
> explicit rules regarding which repositories to search for which artifacts.
> Something like:
>
> /com/myco/secretplantotakeovertheworld/* -> myco (an internal repository)
> everything else -> myco & central
>
> Maven doesn't support this routing feature - it can only be done at the
> repository manager layer.
>
> Justin
>
> ________________________________
>
> From: adasal [mailto:adam.saltiel@gmail.com]
> Sent: Thu 9/24/2009 9:10 AM
> To: Maven Users List
> Subject: M2Eclipse - Security issue
>
>
>
> I'm sure there is an obvious answer but can someone help me out.
> I have an internal project that has dependencies on various open source
> projects.
> I want to index those repos etc. However, the way I have setup my pom, each
> of the maven repos is also searched for my internal artefacts, which means
> that the request will exist on that server. This is something I don't want
> as the names of files (possibly) shouldn't be in the public domain.
> How do I control this behaviour, is this done through dependency management
> - or other?
>
> Best,
> Adam Saltiel
>
>
>
RE: M2Eclipse - Security issue
Posted by "Edelson, Justin" <Ju...@mtvstaff.com>.
To my mind, the only way to solve this problem is to use a repository manager which supports routing. You would configure Maven to direct all traffic to the repository manager and configure the repository manager with explicit rules regarding which repositories to search for which artifacts. Something like:
/com/myco/secretplantotakeovertheworld/* -> myco (an internal repository)
everything else -> myco & central
Maven doesn't support this routing feature - it can only be done at the repository manager layer.
Justin
________________________________
From: adasal [mailto:adam.saltiel@gmail.com]
Sent: Thu 9/24/2009 9:10 AM
To: Maven Users List
Subject: M2Eclipse - Security issue
I'm sure there is an obvious answer but can someone help me out.
I have an internal project that has dependencies on various open source
projects.
I want to index those repos etc. However, the way I have setup my pom, each
of the maven repos is also searched for my internal artefacts, which means
that the request will exist on that server. This is something I don't want
as the names of files (possibly) shouldn't be in the public domain.
How do I control this behaviour, is this done through dependency management
- or other?
Best,
Adam Saltiel