mirror of https://github.com/apache/maven.git
[MNG-4033] found more appropriate injection point for password encryption
git-svn-id: https://svn.apache.org/repos/asf/maven/components/trunk@743947 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
48398db0e4
commit
e07ccacaf2
|
@ -19,6 +19,13 @@
|
||||||
* under the License.
|
* under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.io.Reader;
|
||||||
|
import java.io.StringReader;
|
||||||
|
import java.io.StringWriter;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
import org.apache.maven.execution.MavenExecutionRequest;
|
import org.apache.maven.execution.MavenExecutionRequest;
|
||||||
import org.apache.maven.settings.io.xpp3.SettingsXpp3Reader;
|
import org.apache.maven.settings.io.xpp3.SettingsXpp3Reader;
|
||||||
import org.apache.maven.settings.io.xpp3.SettingsXpp3Writer;
|
import org.apache.maven.settings.io.xpp3.SettingsXpp3Writer;
|
||||||
|
@ -34,14 +41,6 @@
|
||||||
import org.codehaus.plexus.util.IOUtil;
|
import org.codehaus.plexus.util.IOUtil;
|
||||||
import org.codehaus.plexus.util.ReaderFactory;
|
import org.codehaus.plexus.util.ReaderFactory;
|
||||||
import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
|
import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
|
||||||
import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
|
|
||||||
|
|
||||||
import java.io.File;
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.io.Reader;
|
|
||||||
import java.io.StringReader;
|
|
||||||
import java.io.StringWriter;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author jdcasey
|
* @author jdcasey
|
||||||
|
@ -54,9 +53,6 @@ public class DefaultMavenSettingsBuilder
|
||||||
@Requirement
|
@Requirement
|
||||||
private SettingsValidator validator;
|
private SettingsValidator validator;
|
||||||
|
|
||||||
@Requirement( hint = "maven" )
|
|
||||||
private SecDispatcher securityDispatcher;
|
|
||||||
|
|
||||||
/** @since 2.1 */
|
/** @since 2.1 */
|
||||||
public Settings buildSettings( MavenExecutionRequest request )
|
public Settings buildSettings( MavenExecutionRequest request )
|
||||||
throws IOException, XmlPullParserException
|
throws IOException, XmlPullParserException
|
||||||
|
@ -104,8 +100,6 @@ public Settings buildSettings( MavenExecutionRequest request )
|
||||||
TrackableBase.GLOBAL_LEVEL );
|
TrackableBase.GLOBAL_LEVEL );
|
||||||
|
|
||||||
userSettings = interpolate( userSettings, request );
|
userSettings = interpolate( userSettings, request );
|
||||||
|
|
||||||
decrypt( userSettings );
|
|
||||||
|
|
||||||
// for the special case of a drive-relative Windows path, make sure it's absolute to save plugins from trouble
|
// for the special case of a drive-relative Windows path, make sure it's absolute to save plugins from trouble
|
||||||
String localRepository = userSettings.getLocalRepository();
|
String localRepository = userSettings.getLocalRepository();
|
||||||
|
@ -122,39 +116,6 @@ public Settings buildSettings( MavenExecutionRequest request )
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* decrypt settings passwords and passphrases
|
|
||||||
*
|
|
||||||
* @param settings settings to process
|
|
||||||
* @throws IOException
|
|
||||||
*/
|
|
||||||
@SuppressWarnings("unchecked")
|
|
||||||
private void decrypt( Settings settings )
|
|
||||||
throws IOException
|
|
||||||
{
|
|
||||||
List<Server> servers = settings.getServers();
|
|
||||||
|
|
||||||
if ( servers != null && !servers.isEmpty() )
|
|
||||||
{
|
|
||||||
try
|
|
||||||
{
|
|
||||||
for ( Server server : servers )
|
|
||||||
{
|
|
||||||
if ( server.getPassword() != null )
|
|
||||||
{
|
|
||||||
server.setPassword( securityDispatcher.decrypt( server.getPassword() ) );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
catch ( Exception e )
|
|
||||||
{
|
|
||||||
// 2009-02-12 Oleg: get do this because 2 levels up Exception is
|
|
||||||
// caught, not exception type does not matter
|
|
||||||
throw new IOException( e.getMessage() );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private Settings interpolate( Settings settings, MavenExecutionRequest request )
|
private Settings interpolate( Settings settings, MavenExecutionRequest request )
|
||||||
throws IOException, XmlPullParserException
|
throws IOException, XmlPullParserException
|
||||||
{
|
{
|
||||||
|
|
|
@ -136,7 +136,7 @@ use a configuration source to pull in the lifecycle information.
|
||||||
</defaultReports>
|
</defaultReports>
|
||||||
<!-- END SNIPPET: default-reports -->
|
<!-- END SNIPPET: default-reports -->
|
||||||
</configuration>
|
</configuration>
|
||||||
</component>
|
</component>
|
||||||
|
|
||||||
<component>
|
<component>
|
||||||
<role>org.sonatype.plexus.components.sec.dispatcher.SecDispatcher</role>
|
<role>org.sonatype.plexus.components.sec.dispatcher.SecDispatcher</role>
|
||||||
|
@ -153,5 +153,6 @@ use a configuration source to pull in the lifecycle information.
|
||||||
<_configuration-file>~/.m2/settings-security.xml</_configuration-file>
|
<_configuration-file>~/.m2/settings-security.xml</_configuration-file>
|
||||||
</configuration>
|
</configuration>
|
||||||
</component>
|
</component>
|
||||||
|
|
||||||
</components>
|
</components>
|
||||||
</component-set>
|
</component-set>
|
||||||
|
|
|
@ -60,6 +60,8 @@
|
||||||
import org.codehaus.plexus.logging.AbstractLogEnabled;
|
import org.codehaus.plexus.logging.AbstractLogEnabled;
|
||||||
import org.codehaus.plexus.util.StringUtils;
|
import org.codehaus.plexus.util.StringUtils;
|
||||||
import org.codehaus.plexus.util.xml.Xpp3Dom;
|
import org.codehaus.plexus.util.xml.Xpp3Dom;
|
||||||
|
import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
|
||||||
|
import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Things that we deal with in this populator to ensure that we have a valid {@MavenExecutionRequest}
|
* Things that we deal with in this populator to ensure that we have a valid {@MavenExecutionRequest}
|
||||||
|
@ -89,7 +91,12 @@ public class DefaultMavenExecutionRequestPopulator
|
||||||
|
|
||||||
@Requirement
|
@Requirement
|
||||||
private MavenTools mavenTools;
|
private MavenTools mavenTools;
|
||||||
|
|
||||||
|
// 2009-02-12 Oleg: this component is defined in maven-core components.xml
|
||||||
|
// because it already has another declared (not generated) component
|
||||||
|
@Requirement( hint = "maven" )
|
||||||
|
private SecDispatcher securityDispatcher;
|
||||||
|
|
||||||
public MavenExecutionRequest populateDefaults( MavenExecutionRequest request,
|
public MavenExecutionRequest populateDefaults( MavenExecutionRequest request,
|
||||||
Configuration configuration )
|
Configuration configuration )
|
||||||
throws MavenEmbedderException
|
throws MavenEmbedderException
|
||||||
|
@ -454,8 +461,12 @@ private void resolveParameters( Settings settings )
|
||||||
for ( Iterator i = settings.getServers().iterator(); i.hasNext(); )
|
for ( Iterator i = settings.getServers().iterator(); i.hasNext(); )
|
||||||
{
|
{
|
||||||
Server server = (Server) i.next();
|
Server server = (Server) i.next();
|
||||||
|
|
||||||
|
String pass = securityDispatcher.decrypt( server.getPassword() );
|
||||||
|
|
||||||
|
String phrase = securityDispatcher.decrypt( server.getPassphrase() );
|
||||||
|
|
||||||
wagonManager.addAuthenticationInfo( server.getId(), server.getUsername(), server.getPassword(), server.getPrivateKey(), server.getPassphrase() );
|
wagonManager.addAuthenticationInfo( server.getId(), server.getUsername(), pass, server.getPrivateKey(), phrase );
|
||||||
|
|
||||||
wagonManager.addPermissionInfo( server.getId(), server.getFilePermissions(), server.getDirectoryPermissions() );
|
wagonManager.addPermissionInfo( server.getId(), server.getFilePermissions(), server.getDirectoryPermissions() );
|
||||||
|
|
||||||
|
@ -480,12 +491,49 @@ private void resolveParameters( Settings settings )
|
||||||
wagonManager.addMirror( mirror.getId(), mirror.getMirrorOf(), mirror.getUrl() );
|
wagonManager.addMirror( mirror.getId(), mirror.getMirrorOf(), mirror.getUrl() );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
catch ( SecDispatcherException e )
|
||||||
|
{
|
||||||
|
throw new SettingsConfigurationException( e.getMessage() );
|
||||||
|
}
|
||||||
finally
|
finally
|
||||||
{
|
{
|
||||||
container.release( wagonManager );
|
container.release( wagonManager );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* decrypt settings passwords and passphrases
|
||||||
|
*
|
||||||
|
* @param settings settings to process
|
||||||
|
* @throws IOException
|
||||||
|
*/
|
||||||
|
@SuppressWarnings("unchecked")
|
||||||
|
private void decrypt( Settings settings )
|
||||||
|
throws IOException
|
||||||
|
{
|
||||||
|
List<Server> servers = settings.getServers();
|
||||||
|
|
||||||
|
if ( servers != null && !servers.isEmpty() )
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
for ( Server server : servers )
|
||||||
|
{
|
||||||
|
if ( server.getPassword() != null )
|
||||||
|
{
|
||||||
|
server.setPassword( securityDispatcher.decrypt( server.getPassword() ) );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch ( Exception e )
|
||||||
|
{
|
||||||
|
// 2009-02-12 Oleg: get do this because 2 levels up Exception is
|
||||||
|
// caught, not exception type does not matter
|
||||||
|
throw new IOException( e.getMessage() );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public ArtifactRepository createLocalRepository( MavenExecutionRequest request, Settings settings, Configuration configuration )
|
public ArtifactRepository createLocalRepository( MavenExecutionRequest request, Settings settings, Configuration configuration )
|
||||||
throws MavenEmbedderException
|
throws MavenEmbedderException
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue