You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by Eric Kolotyluk <er...@gmail.com> on 2012/08/15 14:41:22 UTC
Best Practices for Passwords and Usernames
Are there some best practices around how and where to store usernames,
passwords and other secret information wrt the local user?
For example, what I have been doing in my user settings.xml is (the
following), but is there some other best practice I should be following?
In particular, I am trying to set up conventions to be used from our
corporate POM that are based on a common 'user' profile.
Cheers, Eric
<?xml version="1.0" encoding="utf-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
http://maven.apache.org/xsd/settings-1.0.0.xsd">
<profiles>
<profile>
<id>user</id>
<properties>
<com.perforce.p4maven.username>Eric_Kolotyluk</com.perforce.p4maven.username>
<com.perforce.p4maven.password>secret</com.perforce.p4maven.password>
<org.apache.maven.plugins.maven-release-plugin.username>${com.perforce.p4maven.username}</org.apache.maven.plugins.maven-release-plugin.username>
<org.apache.maven.plugins.maven-release-plugin.password>${com.perforce.p4maven.password}</org.apache.maven.plugins.maven-release-plugin.password>
</properties>
</profile>
</profiles>
<activeProfiles>
<activeProfile>user</activeProfile>
</activeProfiles>
</settings>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
AW: Best Practices for Passwords and Usernames
Posted by Tobias Maslowski <to...@gmail.com>.
I don't think they misunderstood what you were asking for, you just seem to have different grasps on the matter, thus a misunderstanding.
To your concern:
What you read seems to be right, user/password are client specific(pom is project specific, they are pretty public) settings, you can/should put those into settings.xml(this file is local in most cases, so pretty private) in the section settings/servers/server(http://maven.apache.org/settings.html).
Most SCM-Providers will be able to authenticate using the settings made there. You link the server-element (in the settings.xml) to the scm-element(in the pom) with the id-element of server(I'm sure you'll find out how).
The other guys eventually knew this stuff, took it for given and wanted to hint(you asked for best practice) that you can encrypt the passwords now stored in your settings.xml(for security reasons).
Hoping I did understand you correctly and best regards.
-----Ursprüngliche Nachricht-----
Von: Eric Kolotyluk [mailto:eric.kolotyluk@gmail.com]
Gesendet: Mittwoch, 15. August 2012 21:55
An: Maven Users List
Betreff: Re: Best Practices for Passwords and Usernames
OK, now I see why I cannot find any documentation for what I want. 3 different people misunderstood what I was asking for. I must be asking it wrong, or thinking about it wrong.
Basically, when I have a situation where I have some username and password for the scm plugin, where do I store such information, and how do I configure the scm plugin, the release plugin, etc. to find that information?
I was reading
http://www.mosabuam.com/2009/10/company-super-pom-a-maven-practice and he says to put the passwords in your settings.xml file, but I have no idea what his intent is without any tangible example.
Cheers, Eric
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Best Practices for Passwords and Usernames
Posted by Manfred Moser <ma...@mosabuam.com>.
On Wed, August 15, 2012 5:11 pm, Eric Kolotyluk wrote:
>>
> After visiting http://www.simpligility.com/ I was not sure where to go
> next for something relevant to this discussion. Did you have a more
> specific URL?
No... this is just where I blog my technical stuff now so newer stuff will
be there..
> We are using Perforce for our SCM.
>
> So, what I am currently doing is creating a profile called "user" in my
> local settings.xml file, and in that profile I set the password and
> username properties, then I activate that profile. It seems to work fine
> for me and it fairly straightforward to document and explain to people.
> Then in our corporate POM I reference those password and username
> properties in the scm and p4maven plug-in configurations. Does what I am
> doing makes sense, or is there a better way to do it? The general idea
> is that all personal information stays in a person's personal
> settings.xml file.
Thats what I was alluding this. Sounds good to me.
> I considered using environment variables as you suggested, Manfred, but
> somehow keeping all Maven stuff in a personal settings.xml file seem
> easier to document.
I agree.. I just mentioned it as an alternative.. specifically it can be
useful for CI servers..
> I understand the vulnerability of putting any passwords or secret
> information in clear-text in a file, but security always needs to be
> balanced with complexity and conveniences. I will have to read up more
> on all the password protection schemes others have pointed out, but they
> do seem more complicated.
Yes.. they are a pita to use especially if you have policies that require
regular password changes..
> Anyway, things are becoming more clear to me, but much of this stills
> seems like another dark art aspect of Maven :-)
Haha... its not that complicated is it? You seem to be mastering it just
fine ;-)
manfred
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Best Practices for Passwords and Usernames
Posted by Eric Kolotyluk <er...@gmail.com>.
On 2012-08-15 1:36 PM, Manfred Moser wrote:
> On Wed, August 15, 2012 12:54 pm, Eric Kolotyluk wrote:
>> OK, now I see why I cannot find any documentation for what I want. 3
>> different people misunderstood what I was asking for. I must be asking it
>> wrong, or thinking about it wrong.
>>
>> Basically, when I have a situation where I have some username and password
>> for the scm plugin, where do I store such information, and how do I
>> configure the scm plugin, the release plugin, etc. to find that
>> information?
>>
>> I was reading
>> http://www.mosabuam.com/2009/10/company-super-pom-a-maven-practice and he
>> says to put the passwords in your settings.xml file, but I have no idea
>> what his intent is without any tangible example.
> That is a post of mine from ages ago that should really point to my new
> website at http://simpligility.com at this stage or even have the content
> updated and moved to the new site .. but then there is so much other stuff
> to blog about too ;-) .. and the username and password there was meant for
> the deployment to a repo server and for that you can use the maven
> settings encryption stuff (although I think that is a rather painful
> process..)
>
> Anyway.. in terms of the scm passwords you can do a few things depending
> on your scm system.
>
> - with git you can just use ssh and authenticate once on the machine and
> never worry again.
>
> - with svn you can add user name and password to the url in the scm
> section right in the pom or you could add them as properties in the pom
> and then set the properties in your settings.xml or so
>
> - another option is to set them as environment variables and reference
> them in the pom as property like ${env.SVN_USER_NAME} or along these lines
>
> - with the svn scm provider you can also set username and password in the
> plugin configuration rather than the connection url, and you can then fill
> these values again from properties or environment variable values
>
> imho the git option is the cleanest but is of course limited to using git
> (or svn with the git-svn bridge ;-)
>
> It all depends on how secure you really need it to be what option you want
> to choose..
>
> manfred
>
>
>
After visiting http://www.simpligility.com/ I was not sure where to go
next for something relevant to this discussion. Did you have a more
specific URL?
We are using Perforce for our SCM.
So, what I am currently doing is creating a profile called "user" in my
local settings.xml file, and in that profile I set the password and
username properties, then I activate that profile. It seems to work fine
for me and it fairly straightforward to document and explain to people.
Then in our corporate POM I reference those password and username
properties in the scm and p4maven plug-in configurations. Does what I am
doing makes sense, or is there a better way to do it? The general idea
is that all personal information stays in a person's personal
settings.xml file.
I considered using environment variables as you suggested, Manfred, but
somehow keeping all Maven stuff in a personal settings.xml file seem
easier to document.
I understand the vulnerability of putting any passwords or secret
information in clear-text in a file, but security always needs to be
balanced with complexity and conveniences. I will have to read up more
on all the password protection schemes others have pointed out, but they
do seem more complicated.
Anyway, things are becoming more clear to me, but much of this stills
seems like another dark art aspect of Maven :-)
Cheers, Eric
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Best Practices for Passwords and Usernames
Posted by Manfred Moser <ma...@mosabuam.com>.
On Wed, August 15, 2012 12:54 pm, Eric Kolotyluk wrote:
> OK, now I see why I cannot find any documentation for what I want. 3
> different people misunderstood what I was asking for. I must be asking it
> wrong, or thinking about it wrong.
>
> Basically, when I have a situation where I have some username and password
> for the scm plugin, where do I store such information, and how do I
> configure the scm plugin, the release plugin, etc. to find that
> information?
>
> I was reading
> http://www.mosabuam.com/2009/10/company-super-pom-a-maven-practice and he
> says to put the passwords in your settings.xml file, but I have no idea
> what his intent is without any tangible example.
That is a post of mine from ages ago that should really point to my new
website at http://simpligility.com at this stage or even have the content
updated and moved to the new site .. but then there is so much other stuff
to blog about too ;-) .. and the username and password there was meant for
the deployment to a repo server and for that you can use the maven
settings encryption stuff (although I think that is a rather painful
process..)
Anyway.. in terms of the scm passwords you can do a few things depending
on your scm system.
- with git you can just use ssh and authenticate once on the machine and
never worry again.
- with svn you can add user name and password to the url in the scm
section right in the pom or you could add them as properties in the pom
and then set the properties in your settings.xml or so
- another option is to set them as environment variables and reference
them in the pom as property like ${env.SVN_USER_NAME} or along these lines
- with the svn scm provider you can also set username and password in the
plugin configuration rather than the connection url, and you can then fill
these values again from properties or environment variable values
imho the git option is the cleanest but is of course limited to using git
(or svn with the git-svn bridge ;-)
It all depends on how secure you really need it to be what option you want
to choose..
manfred
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Best Practices for Passwords and Usernames
Posted by Eric Kolotyluk <er...@gmail.com>.
On 2012-08-15 1:46 PM, Laird Nelson wrote:
> On Wed, Aug 15, 2012 at 12:54 PM, Eric Kolotyluk
> <eric.kolotyluk@gmail.com <ma...@gmail.com>> wrote:
>
> Basically, when I have a situation where I have some username and
> password
> for the scm plugin, where do I store such information, and how do I
> configure the scm plugin, the release plugin, etc. to find that
> information?
>
>
> When a server of any kind is referenced in a pom.xml, if you have an
> equivalently-identified <server> element in your settings.xml, then
> its <username> and <password> entries are used for credentials. (See
> http://www.sonatype.com/books/mvnref-book/reference/appendix-settings-sect-details.html#appendix-settings-sect-servers.)
That text would be more clear if it specified which settings.xml file -
as there are two. Do you mean the global settings.xml file or the
personal/local settings.xml file in the user's home directory
${user.home}/.m2/settings.xml? And what would this look like if I was
trying to handle credentials for Perforce via the scm or release
plug-ins? The use of the term 'server' here is kind of confusing.
>
> A settings.xml file is a local file stored under your home directory,
> in a directory named .m2. (See
> http://maven.apache.org/ref/3.0.4/maven-settings/settings.html.)
OK, that makes sense, and it would make more sense if
http://www.sonatype.com/books/mvnref-book/reference/appendix-settings-sect-details.html#appendix-settings-sect-servers
was clear on that.
>
> Storing your password in plain text in your settings.xml file is
> sometimes (always?) bad practice. In that case you should look into
> encrypting the passwords that are contained therein. (See
> http://www.sonatype.com/books/mvnref-book/reference/appendix-settings-sect-details.html#appendix-settings-sect-encrypting-passwords.)
OK, that link is much better, thanks :-)
>
> Hope that helps,
> Best,
> Laird
>
> --
> http://about.me/lairdnelson
>
I think much of the problem with technical documentation these days is
that many people still write as if they expect people to read the whole
document. There is too much context because important information is
factored out. Increasingly, people do not read whole documents anymore
(I know I don't) and get to parts of the document often by URL or Google
search, so they have no context. Consequently, documents need to be more
context free. True this makes them wordier and longer, but it meshes
more with how people read theses days.
For example, I am often frustrated by the abuse of acronyms. Too many
writers define the acronyms maybe once at the beginning of the document
(or not at all). If you skip to the middle of the document you have no
idea what the acronyms mean, or where they might be defined.
For the most part, I strive to make my writing increasingly context
free, or I keep redefining the context as often as possible.
Cheers, Eric
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Best Practices for Passwords and Usernames
Posted by Eric Kolotyluk <er...@gmail.com>.
On 2012-08-15 2:22 PM, Wayne Fay wrote:
>> Storing your password in plain text in your settings.xml file is sometimes
>> (always?) bad practice. In that case you should look into encrypting the
>> passwords that are contained therein. (See
> I personally disagree with this if you are using a reasonable
> filesystem with reasonable security norms. This would mean your home
> dir is not world-readable etc if you are on a multi-user system so no
> one should be able to find their way to your ~/.m2/ directory and be
> able to look at your settings.xml file in the first place.
>
> I don't believe the extra work of encrypting those strings is worth a
> whole lot. It is simply security theatre.
>
> Wayne
Yes - security is always a trade-off between complexity and convenience.
In some environments you need to be hyper vigilant, and in others you
don't. It is always best to know the consequences and the options.
Cheers, Eric
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Best Practices for Passwords and Usernames
Posted by Barrie Treloar <ba...@gmail.com>.
On Thu, Aug 16, 2012 at 6:52 AM, Wayne Fay <wa...@gmail.com> wrote:
>> Storing your password in plain text in your settings.xml file is sometimes
>> (always?) bad practice. In that case you should look into encrypting the
>> passwords that are contained therein. (See
>
> I personally disagree with this if you are using a reasonable
> filesystem with reasonable security norms. This would mean your home
> dir is not world-readable etc if you are on a multi-user system so no
> one should be able to find their way to your ~/.m2/ directory and be
> able to look at your settings.xml file in the first place.
>
> I don't believe the extra work of encrypting those strings is worth a
> whole lot. It is simply security theatre.
The reason it is "security theatre"
(http://en.wikipedia.org/wiki/Security_theater) is because it
"provides the feeling of improved security while doing little or
nothing to actually improve security"
Someone has to be able to use your unencrypted password.
In this case it is Maven, so that means Maven must be capable of
unencrypting the value.
By encrypting the passwords in settings.xml you stop casual users from
looking at the file and seeing the value. (Which is exactly what a
decent operating system with file level permissions provides, and not
letting someone else use your computer).
But a more sophisticated user could grab you file, write a maven
plugin, (or maybe just attach the debugger) and pull out the
unencrypted password.
This is why SSH is a better option because it does not use a single
"key to the kingdom" in the form a password that can probably be used
everywhere on your corporate network to access other resources.
And access to those other resources is where all the risk is. The
risk that someone checks something into your scm as a different user
isn't a risk worth worrying about (for all but the most paranoid of
companies)
Security is about risk trade-offs and
http://en.wikipedia.org/wiki/Bruce_Schneier is a good start to point
people to increase their understanding.
In reality, its more like http://xkcd.com/538/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Best Practices for Passwords and Usernames
Posted by Wayne Fay <wa...@gmail.com>.
> Storing your password in plain text in your settings.xml file is sometimes
> (always?) bad practice. In that case you should look into encrypting the
> passwords that are contained therein. (See
I personally disagree with this if you are using a reasonable
filesystem with reasonable security norms. This would mean your home
dir is not world-readable etc if you are on a multi-user system so no
one should be able to find their way to your ~/.m2/ directory and be
able to look at your settings.xml file in the first place.
I don't believe the extra work of encrypting those strings is worth a
whole lot. It is simply security theatre.
Wayne
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Best Practices for Passwords and Usernames
Posted by Laird Nelson <lj...@gmail.com>.
On Wed, Aug 15, 2012 at 12:54 PM, Eric Kolotyluk
<er...@gmail.com>wrote:
>
> Basically, when I have a situation where I have some username and password
> for the scm plugin, where do I store such information, and how do I
> configure the scm plugin, the release plugin, etc. to find that
> information?
>
When a server of any kind is referenced in a pom.xml, if you have an
equivalently-identified <server> element in your settings.xml, then its
<username> and <password> entries are used for credentials. (See
http://www.sonatype.com/books/mvnref-book/reference/appendix-settings-sect-details.html#appendix-settings-sect-servers
.)
A settings.xml file is a local file stored under your home directory, in a
directory named .m2. (See
http://maven.apache.org/ref/3.0.4/maven-settings/settings.html.)
Storing your password in plain text in your settings.xml file is sometimes
(always?) bad practice. In that case you should look into encrypting the
passwords that are contained therein. (See
http://www.sonatype.com/books/mvnref-book/reference/appendix-settings-sect-details.html#appendix-settings-sect-encrypting-passwords
.)
Hope that helps,
Best,
Laird
--
http://about.me/lairdnelson
Re: Best Practices for Passwords and Usernames
Posted by Eric Kolotyluk <er...@gmail.com>.
OK, now I see why I cannot find any documentation for what I want. 3
different people misunderstood what I was asking for. I must be asking it
wrong, or thinking about it wrong.
Basically, when I have a situation where I have some username and password
for the scm plugin, where do I store such information, and how do I
configure the scm plugin, the release plugin, etc. to find that information?
I was reading
http://www.mosabuam.com/2009/10/company-super-pom-a-maven-practice and he
says to put the passwords in your settings.xml file, but I have no idea
what his intent is without any tangible example.
Cheers, Eric
Re: Best Practices for Passwords and Usernames
Posted by Laird Nelson <lj...@gmail.com>.
On Wed, Aug 15, 2012 at 5:41 AM, Eric Kolotyluk <er...@gmail.com>wrote:
> Are there some best practices around how and where to store usernames,
> passwords and other secret information wrt the local user?
You may have already read this, but:
http://maven.apache.org/guides/mini/guide-encryption.html
Best,
Laird
RE: Best Practices for Passwords and Usernames
Posted by Martin Gainty <mg...@hotmail.com>.
once you have stored the password in a secure environment
you can use either PHP or MySQL to generate 128bit md5
or 160bit sha1
http://phpsec.org/articles/2005/password-hashing.html
(Notice the use of a long salt to stop brute-force attempts to extract clear-text passwords)
HTH
Martin
______________________________________________
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
> From: markus@headcrashing.eu
> To: users@maven.apache.org
> Subject: RE: Best Practices for Passwords and Usernames
> Date: Wed, 15 Aug 2012 19:27:24 +0200
>
> For security reasons it is a good idea to have the passwords encrypted on a
> USB stick, see http://maven.apache.org/guides/mini/guide-encryption.html
>
>
> > -----Original Message-----
> > From: Eric Kolotyluk [mailto:eric.kolotyluk@gmail.com]
> > Sent: Mittwoch, 15. August 2012 14:41
> > To: maven users
> > Subject: Best Practices for Passwords and Usernames
> >
> > Are there some best practices around how and where to store usernames,
> > passwords and other secret information wrt the local user?
> >
> > For example, what I have been doing in my user settings.xml is (the
> > following), but is there some other best practice I should be
> > following?
> > In particular, I am trying to set up conventions to be used from our
> > corporate POM that are based on a common 'user' profile.
> >
> > Cheers, Eric
> >
> > <?xml version="1.0" encoding="utf-8"?>
> > <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
> > http://maven.apache.org/xsd/settings-1.0.0.xsd">
> >
> > <profiles>
> > <profile>
> > <id>user</id>
> > <properties>
> > <com.perforce.p4maven.username>Eric_Kolotyluk</com.perforce.p4maven.use
> > rname>
> > <com.perforce.p4maven.password>secret</com.perforce.p4maven.password>
> > <org.apache.maven.plugins.maven-release-
> > plugin.username>${com.perforce.p4maven.username}</org.apache.maven.plug
> > ins.maven-release-plugin.username>
> > <org.apache.maven.plugins.maven-release-
> > plugin.password>${com.perforce.p4maven.password}</org.apache.maven.plug
> > ins.maven-release-plugin.password>
> > </properties>
> > </profile>
> > </profiles>
> >
> > <activeProfiles>
> > <activeProfile>user</activeProfile>
> > </activeProfiles>
> >
> > </settings>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> > For additional commands, e-mail: users-help@maven.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
>
RE: Best Practices for Passwords and Usernames
Posted by Markus KARG <ma...@headcrashing.eu>.
For security reasons it is a good idea to have the passwords encrypted on a
USB stick, see http://maven.apache.org/guides/mini/guide-encryption.html
> -----Original Message-----
> From: Eric Kolotyluk [mailto:eric.kolotyluk@gmail.com]
> Sent: Mittwoch, 15. August 2012 14:41
> To: maven users
> Subject: Best Practices for Passwords and Usernames
>
> Are there some best practices around how and where to store usernames,
> passwords and other secret information wrt the local user?
>
> For example, what I have been doing in my user settings.xml is (the
> following), but is there some other best practice I should be
> following?
> In particular, I am trying to set up conventions to be used from our
> corporate POM that are based on a common 'user' profile.
>
> Cheers, Eric
>
> <?xml version="1.0" encoding="utf-8"?>
> <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
> http://maven.apache.org/xsd/settings-1.0.0.xsd">
>
> <profiles>
> <profile>
> <id>user</id>
> <properties>
> <com.perforce.p4maven.username>Eric_Kolotyluk</com.perforce.p4maven.use
> rname>
> <com.perforce.p4maven.password>secret</com.perforce.p4maven.password>
> <org.apache.maven.plugins.maven-release-
> plugin.username>${com.perforce.p4maven.username}</org.apache.maven.plug
> ins.maven-release-plugin.username>
> <org.apache.maven.plugins.maven-release-
> plugin.password>${com.perforce.p4maven.password}</org.apache.maven.plug
> ins.maven-release-plugin.password>
> </properties>
> </profile>
> </profiles>
>
> <activeProfiles>
> <activeProfile>user</activeProfile>
> </activeProfiles>
>
> </settings>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org