diff --git a/maven-core/src/main/java/org/apache/maven/settings/DefaultMavenSettingsBuilder.java b/maven-core/src/main/java/org/apache/maven/settings/DefaultMavenSettingsBuilder.java index 12a8c9b90e..dc245b0535 100644 --- a/maven-core/src/main/java/org/apache/maven/settings/DefaultMavenSettingsBuilder.java +++ b/maven-core/src/main/java/org/apache/maven/settings/DefaultMavenSettingsBuilder.java @@ -19,6 +19,13 @@ package org.apache.maven.settings; * under the License. */ +import java.io.File; +import java.io.IOException; +import java.io.Reader; +import java.io.StringReader; +import java.io.StringWriter; +import java.util.List; + import org.apache.maven.execution.MavenExecutionRequest; import org.apache.maven.settings.io.xpp3.SettingsXpp3Reader; import org.apache.maven.settings.io.xpp3.SettingsXpp3Writer; @@ -34,14 +41,6 @@ import org.codehaus.plexus.logging.AbstractLogEnabled; import org.codehaus.plexus.util.IOUtil; import org.codehaus.plexus.util.ReaderFactory; import org.codehaus.plexus.util.xml.pull.XmlPullParserException; -import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher; - -import java.io.File; -import java.io.IOException; -import java.io.Reader; -import java.io.StringReader; -import java.io.StringWriter; -import java.util.List; /** * @author jdcasey @@ -54,9 +53,6 @@ public class DefaultMavenSettingsBuilder @Requirement private SettingsValidator validator; - @Requirement( hint = "maven" ) - private SecDispatcher securityDispatcher; - /** @since 2.1 */ public Settings buildSettings( MavenExecutionRequest request ) throws IOException, XmlPullParserException @@ -104,8 +100,6 @@ public class DefaultMavenSettingsBuilder TrackableBase.GLOBAL_LEVEL ); userSettings = interpolate( userSettings, request ); - - decrypt( userSettings ); // for the special case of a drive-relative Windows path, make sure it's absolute to save plugins from trouble String localRepository = userSettings.getLocalRepository(); @@ -122,39 +116,6 @@ public class DefaultMavenSettingsBuilder } - /** - * decrypt settings passwords and passphrases - * - * @param settings settings to process - * @throws IOException - */ - @SuppressWarnings("unchecked") - private void decrypt( Settings settings ) - throws IOException - { - List servers = settings.getServers(); - - if ( servers != null && !servers.isEmpty() ) - { - try - { - for ( Server server : servers ) - { - if ( server.getPassword() != null ) - { - server.setPassword( securityDispatcher.decrypt( server.getPassword() ) ); - } - } - } - catch ( Exception e ) - { - // 2009-02-12 Oleg: get do this because 2 levels up Exception is - // caught, not exception type does not matter - throw new IOException( e.getMessage() ); - } - } - } - private Settings interpolate( Settings settings, MavenExecutionRequest request ) throws IOException, XmlPullParserException { diff --git a/maven-core/src/main/resources/META-INF/plexus/components.xml b/maven-core/src/main/resources/META-INF/plexus/components.xml index ddf80793b0..3b2cd7a1e6 100644 --- a/maven-core/src/main/resources/META-INF/plexus/components.xml +++ b/maven-core/src/main/resources/META-INF/plexus/components.xml @@ -136,7 +136,7 @@ use a configuration source to pull in the lifecycle information. - + org.sonatype.plexus.components.sec.dispatcher.SecDispatcher @@ -153,5 +153,6 @@ use a configuration source to pull in the lifecycle information. <_configuration-file>~/.m2/settings-security.xml + diff --git a/maven-embedder/src/main/java/org/apache/maven/embedder/execution/DefaultMavenExecutionRequestPopulator.java b/maven-embedder/src/main/java/org/apache/maven/embedder/execution/DefaultMavenExecutionRequestPopulator.java index a70342c7dc..4ced7e5358 100644 --- a/maven-embedder/src/main/java/org/apache/maven/embedder/execution/DefaultMavenExecutionRequestPopulator.java +++ b/maven-embedder/src/main/java/org/apache/maven/embedder/execution/DefaultMavenExecutionRequestPopulator.java @@ -60,6 +60,8 @@ import org.codehaus.plexus.component.repository.exception.ComponentLookupExcepti import org.codehaus.plexus.logging.AbstractLogEnabled; import org.codehaus.plexus.util.StringUtils; import org.codehaus.plexus.util.xml.Xpp3Dom; +import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher; +import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException; /** * Things that we deal with in this populator to ensure that we have a valid {@MavenExecutionRequest} @@ -89,7 +91,12 @@ public class DefaultMavenExecutionRequestPopulator @Requirement private MavenTools mavenTools; - + + // 2009-02-12 Oleg: this component is defined in maven-core components.xml + // because it already has another declared (not generated) component + @Requirement( hint = "maven" ) + private SecDispatcher securityDispatcher; + public MavenExecutionRequest populateDefaults( MavenExecutionRequest request, Configuration configuration ) throws MavenEmbedderException @@ -454,8 +461,12 @@ public class DefaultMavenExecutionRequestPopulator for ( Iterator i = settings.getServers().iterator(); i.hasNext(); ) { Server server = (Server) i.next(); + + String pass = securityDispatcher.decrypt( server.getPassword() ); + + String phrase = securityDispatcher.decrypt( server.getPassphrase() ); - wagonManager.addAuthenticationInfo( server.getId(), server.getUsername(), server.getPassword(), server.getPrivateKey(), server.getPassphrase() ); + wagonManager.addAuthenticationInfo( server.getId(), server.getUsername(), pass, server.getPrivateKey(), phrase ); wagonManager.addPermissionInfo( server.getId(), server.getFilePermissions(), server.getDirectoryPermissions() ); @@ -480,12 +491,49 @@ public class DefaultMavenExecutionRequestPopulator wagonManager.addMirror( mirror.getId(), mirror.getMirrorOf(), mirror.getUrl() ); } } + catch ( SecDispatcherException e ) + { + throw new SettingsConfigurationException( e.getMessage() ); + } finally { container.release( wagonManager ); } } + /** + * decrypt settings passwords and passphrases + * + * @param settings settings to process + * @throws IOException + */ + @SuppressWarnings("unchecked") + private void decrypt( Settings settings ) + throws IOException + { + List servers = settings.getServers(); + + if ( servers != null && !servers.isEmpty() ) + { + try + { + for ( Server server : servers ) + { + if ( server.getPassword() != null ) + { + server.setPassword( securityDispatcher.decrypt( server.getPassword() ) ); + } + } + } + catch ( Exception e ) + { + // 2009-02-12 Oleg: get do this because 2 levels up Exception is + // caught, not exception type does not matter + throw new IOException( e.getMessage() ); + } + } + } + public ArtifactRepository createLocalRepository( MavenExecutionRequest request, Settings settings, Configuration configuration ) throws MavenEmbedderException {