mavendeploymentsettingsartifactory

Maven: Trying to Deploy with credentials in settings.xml file


This seemed to be working last week and now it doesn't.

I can deploy to the repository by embedding my credentials in the server URL on the command line:

 $ mvn deploy:deploy-file \
     -Durl=http://deployer:swordfish@repo.veggiecorp.com/artifactory/ext-release-local \
     -Dfile=crypto.jar \
     -DpomFile=pom.xml \
     -Did=VeggieCorp
  yadda...yadda...yadda...
  [INFO] ------------------------------------------------------------------------
  [INFO] BUILD SUCCESS
  [INFO] ------------------------------------------------------------------------
  [INFO] Total time: 0.962s
  [INFO] Finished at: Mon Aug 20 10:06:04 CDT 2012
  [INFO] Final Memory: 4M/118M
  [INFO] ------------------------------------------------------------------------

However, that whole deployment gets logged and my credentials would be visible in the log. Therefore, I want to be able to deploy without my credentials on the command line. To do that, I have a $HOME/.m2/settings.xml file:

<settings>
    <proxies>
        <proxy>
            <active>true</active>
            <protocol>http</protocol>
            <host>proxy.veggiecorp.com</host>
            <port>3128</port>
            <nonProxyHosts>*.veggiecorp.com</nonProxyHosts>
        </proxy>
    </proxies>
    <servers>
        <server>
            <id>VeggieCorp</id>
            <username>deployer</username>
            <password>swordfish</password>
        </server>
    </servers>
    <profiles>
        <profile>
            <id>VeggieCorp</id>
            <activation>
                 <activeByDefault>true</activeByDefault>
            </activation>
            <repositories>
                <repository>
                    <id>VeggieCorp</id>
                    <name>VeggieCorp's Maven Repository</name>
                    <releases>
                        <enabled>true</enabled>
                        <updatePolicy>always</updatePolicy>
                        <checksumPolicy>warn</checksumPolicy>
                    </releases>
                    <snapshots>
                        <enabled>false</enabled>
                        <updatePolicy>always</updatePolicy>
                        <checksumPolicy>warn</checksumPolicy>
                    </snapshots>
                    <url>http://repo.veggiecorp.com/artifactory/ext-release-local</url>
                    <layout>default</layout>
                </repository>
            </repositories>
        </profile>
    </profiles>
    <activeProfiles>
        <activeProfile>VeggieCorp</activeProfile>
    </activeProfiles>
</settings>

Now, I'll try deploying again, but without putting the user name and password in the URL:

 $ mvn deploy:deploy-file \
     -Durl=http://repo.veggiecorp.com/artifactory/ext-release-local \
     -Dfile=crypto.jar \
     -DpomFile=pom.xml \
     -Did=VeggieCorp
yadda...yadda...yadda
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 0.751s
[INFO] Finished at: Mon Aug 20 10:17:15 CDT 2012
[INFO] Final Memory: 4M/119M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy-  file (default-cli) on project crypto:
 Failed to deploy artifacts: Could not transfer artifact  
    com.veggiecorp:crypto:jar:2.0.0 from/to remote-repository 
    (http://mvn.veggiecorp.com/artifactory/ext-release-local):
    Failed to transfer file:
    http://mvn.veggiecorp.com/artifactory/ext-release-local/com/veggiecorp/crypto/2.0.0/crypto-2.0.0.jar.
    Return code is: 401, ReasonPhrase:Unauthorized. -> [Help 1]

(I've reformatted the output to make it easier to see. I'm getting a 401 "Unauthorized" error)

So, what am I doing wrong? Why can't I use my .settings.xml file to do my credentials? The proxy part does work because it can download the needed plugins from the main Maven repository.


Solution

  • You need to provide the repositoryId=VeggieCorp (not id) property so that maven knows from which <server> configuration it has to read the credentials.

    $ mvn deploy:deploy-file \
     -Durl=http://repo.veggiecorp.com/artifactory/ext-release-local \
     -Dfile=crypto.jar \
     -DpomFile=pom.xml \
     -DrepositoryId=VeggieCorp
    

    See http://maven.apache.org/plugins/maven-deploy-plugin/deploy-file-mojo.html

    Server Id to map on the <id> under <server> section of settings.xml In most cases, this parameter will be required for authentication.