Ce contenu n'est pas disponible dans la langue sélectionnée.
14.6. Securely Accessing Maven Repositories
Overview
In a Fabric environment, you can implement basic authentication for secure access to Maven repositories. To do this, you add some configuration settings to the
default container profile.
Obtain encrypted Maven passwords
The
default profile has the maven-settings.xml template file and the maven-settings-secure.xml template file. You need to update these files to specify encrypted Maven passwords. Before you can do that, you must obtain an encryption of the master Maven password and and an encryption of the ordinary Maven password as follows:
- Invoke the
fabric:maven-passwordcommand to view Maven security settings:JBossFuse:karaf@root> fabric:maven-password Maven security configuration in Fabric environment defined in io.fabric8.maven and io.fabric8.agent PID. Security settings file: /data/servers/jboss-fuse-6.3.0.redhat-311/etc/maven-settings-security.xml Encrypted Maven master password: {PMFs1x/vuOMHhjzIZpzst/d5Kpna+WqNu3P15ZcIP8g=} - Decrypt the master Maven password that is in the security settings:
JBossFuse:karaf@root> fabric:maven-password -d Maven security configuration in Fabric environment defined in io.fabric8.maven and io.fabric8.agent PID. Security settings file: /data/servers/jboss-fuse-6.3.0.redhat-311/etc/maven-settings-security.xml Decrypted Maven master password: fabric:changeit - Obtain an encryption for the master Maven password by entering it twice at the prompts:
JBossFuse:karaf@root> fabric:maven-password --encrypt-master-password Master Maven password: Verify master Maven password: Encrypted master Maven password to use in security-settings.xml: {94gq/tbm0IYHZl4M6BstgfnY/iErAy+GKlfXiptLL/Q=} - Obtain an encryption for the regular Maven password:
JBossFuse:karaf@root> fabric:maven-password --encrypt-password Looking up master Maven password in /data/servers/jboss-fuse-6.3.0.redhat-311/etc/maven-settings-security.xml... Done! Maven password: Verify Maven password: Encrypted Maven password to use in settings.xml for server and proxy authentication: {WCUxIVlatO4HZG2xrqtVBziJIeDTTuVK1oCNEA2eKEQ=}
Procedure
To securely access Maven repositories in a Fabric environment:
- Obtain an encrypted master Maven password and an encrypted regular Maven password, as described in the previous section.
- In the
defaultprofile, configureio.fabric8.agent.properties/org.ops4j.pax.url.mvn.repositoriesas follows:org.ops4j.pax.url.mvn.repositories= http://localhost:8081/repository/maven-releases@id=nexus
- In the
defaultprofile, edit themaven-settings.xmlfile to specify the encrypted regular Maven password. For example:<servers> <server> <id>nexus</id> <username>developer</username> <password>{WCUxIVlatO4HZG2xrqtVBziJIeDTTuVK1oCNEA2eKEQ}</password> </server> ... </servers> - In the
defaultprofile, edit themaven-settings-security.xmlfile to specify the encrypted master Maven password. For example:<settingsSecurity> <master>{94gq/tbm0IYHZl4M6BstgfnY/iErAy+GKlfXiptLL/Q=}</master> </settingsSecurity> - Refresh the
defaultprofile so thatfabric-agentuses the updated configuration:profile-refresh default
- Restart the
fabric-mavenbundle so that the updates are available to the Maven URI handler and to thefabric-maven-proxybundle:bundle:stop io.fabric8.fabric-maven bundle:start io.fabric8.fabric-maven
