You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "justin georgeson (JIRA)" <ji...@apache.org> on 2016/07/20 14:17:20 UTC

[jira] [Commented] (MNG-5585) match server credentials based on server realm

    [ https://issues.apache.org/jira/browse/MNG-5585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15385923#comment-15385923 ] 

justin georgeson commented on MNG-5585:
---------------------------------------

At an organization where the internal artifact repository requires authentication, requiring unique pairings of _settings.servers.server.id_ with _project.repositories.repository.id_ the required settings.xml can get out of hand with <server> blocks quite quickly. At present make use of Artifactory's virtual repository feature to create aggregated repository URLs that follow a pattern, and then define a single global repository in the organizational parent POM, using a property reference for the URL. But this method has its own issues. For example we have a case where we want to put the SCM branch in the URL, but the property with the branch is set by a plugin which runs during the initialize phase so it's too late.

With the proposed feature, our users could enter a single set of credentials in settings.xml, for the authentication realm of our internal server, then we could define the needed repositories directly in their project's parent POM.

> match server credentials based on server realm
> ----------------------------------------------
>
>                 Key: MNG-5585
>                 URL: https://issues.apache.org/jira/browse/MNG-5585
>             Project: Maven
>          Issue Type: Improvement
>          Components: Settings
>    Affects Versions: 3.x / Backlog
>            Reporter: nicolas de loof
>
> credentials for repositories are identified based on arbitrary ID. This is error prone and fragile design, especially as there's no way to diagnose which credentials are used (see MNG-5584).
> A realm-based server matching would better follow the way HTTP security is defined, and could be easily used for other protocols based (for sample) on domain name.
> <server>
>      <id>xxx</id>  
>      <realm>[optional protocol://]repo.acme.com</realm>
>     ..
> </server>



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)