akadir's blog

Password encryption in settings.xml via maven

October 15, 2019

Let's say you develop behind a corporate proxy and need to configure your Maven settings for it, but for security reasons you don't want to store your password as plain text in your settings.xml.

To solve this problem, first generate a master password and store it in settings-security.xml with the following structure:

<settingsSecurity>
    <master>{rsB56BJcqoEHZqEZ0R1VR4TIspmODx1Ln8/PVvsgaGw=}</master>
</settingsSecurity>

To generate this master password you need to run this command:

$ mvn -emp mypassword
{rsB56BJcqoEHZqEZ0R1VR4TIspmODx1Ln8/PVvsgaGw=}

After running the command you will get your master password.

Next, encrypt your user password. Running the command below is enough (let's say your password is loremIpsum):

$ mvn -ep loremIpsum
{7SX3V+1VIcEHBN9GukeB+dwz5e5GLHHzXe2xinPsjLE=}

This command will generate your encrypted password. You can now use your encrypted password in your settings.xml file:

...
<proxies>
    <proxy>
        <id>example-proxy</id>
        <active>true</active>
        <protocol>http</protocol>
        <host>proxy.yourcorporate.com</host>
        <port>8080</port>
        <username>yourUsername</username>
        <password>{7SX3V+1VIcEHBN9GukeB+dwz5e5GLHHzXe2xinPsjLE=}</password>
        <nonProxyHosts>localhost|127.0.0.1</nonProxyHosts>
    </proxy>
</proxies>
...
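
To confirm that no plain-text secret is left behind after switching to the encrypted form, a small audit of settings.xml helps. The script below is an added example, not part of the original post or of Maven itself; it assumes the `{...}` wrapper shown above is what marks an encrypted value, and the `find_plaintext_secrets` name and the `example-repo` server entry are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# Assumption: an unescaped {...} group marks an encrypted value, as in the post.
ENCRYPTED = re.compile(r"(?<!\\)\{[^{}]+\}")
SECRET_TAGS = {"password", "passphrase"}


def local(tag):
    """Drop the XML namespace; settings.xml may or may not declare one."""
    return tag.rsplit("}", 1)[-1]


def find_plaintext_secrets(xml_text):
    """Return (entry_kind, entry_id, field) for each secret stored unencrypted."""
    findings = []
    for entry in ET.fromstring(xml_text).iter():
        kind = local(entry.tag)
        if kind not in ("proxy", "server"):
            continue
        entry_id = next((c.text for c in entry if local(c.tag) == "id"), "?")
        for child in entry:
            field = local(child.tag)
            value = (child.text or "").strip()
            if field in SECRET_TAGS and value and not ENCRYPTED.search(value):
                findings.append((kind, entry_id, field))
    return findings


# Constructed sample: the proxy uses the encrypted value from the post; the
# <server> entry (hypothetical id) still carries a plain-text password.
SAMPLE = """<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0">
  <proxies>
    <proxy>
      <id>example-proxy</id>
      <password>{7SX3V+1VIcEHBN9GukeB+dwz5e5GLHHzXe2xinPsjLE=}</password>
    </proxy>
  </proxies>
  <servers>
    <server>
      <id>example-repo</id>
      <password>loremIpsum</password>
    </server>
  </servers>
</settings>"""

if __name__ == "__main__":
    for kind, entry_id, field in find_plaintext_secrets(SAMPLE):
        print(f"plain-text {field} in <{kind}> id={entry_id}")
```

The function reports only the location of each finding, never the secret value, so its output is safe to paste into a ticket or CI log.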



