-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Does Jbundler support authentication to private repositories? #50
Comments
jbundler just uses maven under the hood by translating the Jarfile into a pom.xml so everything which works with maven regarding the settings.xml does work with jbundler. yes, documentation is missing here: the repository takes 2 arguments: <repository>
<id>private-repo</id>
<name>private-repo</name>
<url>https://somemavenrepo.com</url>
</repository> I think the adding it into the Jarfile itself is quite a tasks since then the next request will be to "extract" those credentials into an external files and/or encrypt them: maven solved these issues already. let me know if there is still a problem. |
Ahhh, that's the magic for making it work. So the first arg to 'repository' is actually the Maven ID for a server in the settings.xml In the docs (possibly buried in the wiki somewhere) it said that (originally) this argument was only for giving the repo a name for debugging purposes, and it did not actively affect the way Maven works. |
yes, you are right the wiki is wrong - it is more then just debug help ;) I will keep this issue open, since I am planning to expose all those other maven features to the Jarfile DSL as well, like checksum-policy and update-policy then I just need to remember to find all those wiki parts and update them respectively |
You can specify a custom repository easily enough with the 'repository "https://somemavenrepo.com" line, but there's nothing in the documentation saying whether this supports authenticated requests using a standard Maven username/password. Can this be done in the Jarfile itself, perhaps similar to the way a build.gradle file has a credentials block in its repository definition:
Alternatively does Jbundler obey the authentication definition in settings.xml when downloading artefacts from a URL that matches one in the settings.xml?
Given that the most common reason for hosting your own Maven repo is (probably) to host commercial private JAR artefacts protected by authentication, this seems a bit of an oversight.
The text was updated successfully, but these errors were encountered: