[MANTTASKS-177] artifact:dependencies ignores settings-security.xml and sends password hash to repository
Submitted by Ross Mellgren
git-svn-id: https://svn.apache.org/repos/asf/maven/ant-tasks/trunk@1438231 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/pom.xml b/pom.xml
index 3e3ba88..2bf3144 100644
--- a/pom.xml
+++ b/pom.xml
@@ -135,6 +135,7 @@
<properties>
<mavenVersion>2.2.1</mavenVersion>
<wagonVersion>1.0-beta-6</wagonVersion>
+ <securityDispatcherVersion>1.3</securityDispatcherVersion>
</properties>
<dependencies>
@@ -220,6 +221,11 @@
<artifactId>wagon-provider-api</artifactId>
<version>${wagonVersion}</version>
</dependency>
+ <dependency>
+ <groupId>org.sonatype.plexus</groupId>
+ <artifactId>plexus-sec-dispatcher</artifactId>
+ <version>${securityDispatcherVersion}</version>
+ </dependency>
</dependencies>
<build>
diff --git a/src/main/java/org/apache/maven/artifact/ant/AbstractArtifactTask.java b/src/main/java/org/apache/maven/artifact/ant/AbstractArtifactTask.java
index 2a8bef4..53571d8 100644
--- a/src/main/java/org/apache/maven/artifact/ant/AbstractArtifactTask.java
+++ b/src/main/java/org/apache/maven/artifact/ant/AbstractArtifactTask.java
@@ -73,6 +73,8 @@
import org.codehaus.plexus.util.ReaderFactory;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException;
/**
* Base class for artifact tasks.
@@ -436,7 +438,23 @@
Server server = getSettings().getServer( repository.getId() );
if ( server != null )
{
- repository.addAuthentication( new Authentication( server ) );
+ Authentication authentication = new Authentication( server );
+
+ String password = authentication.getPassword();
+
+ if (password != null) {
+ try {
+ SecDispatcher securityDispatcher = (SecDispatcher) container.lookup(SecDispatcher.ROLE);
+ password = securityDispatcher.decrypt(password);
+ authentication.setPassword(password);
+ } catch (SecDispatcherException e) {
+ log(e, Project.MSG_ERR);
+ } catch (ComponentLookupException e) {
+ log(e, Project.MSG_ERR);
+ }
+ }
+
+ repository.addAuthentication( authentication );
}
}
@@ -593,7 +611,7 @@
{
protocols.add( entry.getKey() );
}
- return (String[]) protocols.toArray( new String[protocols.size()] );
+ return protocols.toArray( new String[protocols.size()] );
}
catch ( ComponentLookupException e )
{
@@ -682,7 +700,7 @@
Object ref = i.next();
if ( ref instanceof Pom )
{
- result.add( (Pom)ref );
+ result.add( ref );
}
}
return result;
@@ -735,7 +753,8 @@
}
/** @noinspection RefusedBequest */
- public void execute()
+ @Override
+ public void execute()
{
// Display the version if the log level is verbose
showVersion();
diff --git a/src/main/resources/META-INF/plexus/components.xml b/src/main/resources/META-INF/plexus/components.xml
new file mode 100644
index 0000000..594e746
--- /dev/null
+++ b/src/main/resources/META-INF/plexus/components.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<component-set>
+ <components>
+
+ <component>
+ <role>org.sonatype.plexus.components.sec.dispatcher.SecDispatcher</role>
+ <role-hint>maven</role-hint>
+ <implementation>org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher</implementation>
+ <description>Maven Security dispatcher</description>
+ <requirements>
+ <requirement>
+ <role>org.sonatype.plexus.components.cipher.PlexusCipher</role>
+ <field-name>_cipher</field-name>
+ </requirement>
+ <requirement>
+ <role>org.sonatype.plexus.components.sec.dispatcher.PasswordDecryptor</role>
+ <field-name>_decryptors</field-name>
+ </requirement>
+ </requirements>
+ <configuration>
+ <_configuration-file>~/.m2/settings-security.xml</_configuration-file>
+ </configuration>
+ </component>
+ </components>
+</component-set>