05 - Running Maven

5. Running Maven

            5.1 Run from Command Line

            5.2 Run from Eclipse

            5.3 Running in Offline Mode

            5.4 Encrypting Passwords in settings.xml

 

Maven can change its properties on the fly (at runtime).This means that Maven can be customized in different ways in order to support any software environment:

                                                                

Running Maven requires write access to the ~/.m2 home directory and network access to download dependencies.

If the environment is restricted or a firewall existsthen in the file settings.xml inside the tag <proxies> the protocol, host, proxy password and user have to be added inside in order to have full network access to download the dependencies:

<settings>
…
<proxies>
<proxy>
<active>true</active>
<protocol>http</protocol>
<host>proxy.somewhere.com</host>
<port>8080</port>
<username>proxyuser</username>
<password>proxypassssword</password>
<nonProxyHosts></nonProxyHosts>
</proxy>
</proxies>
…
</settings>

 

5.1 Run from Command Line

Maven is a command line tooland can be started from a terminal. A build with Maven can be run from the folder where pom.xml is located with the command:

             mvn install.

With this command Maven will compile, build and install the build result in the local repository.

 

The build result will be deposited in the target folder.

                  

 

With the help command line will be obtained the maven available parameters:

              mvn –help

or                    

              mvn–h

Profiles can be activated in CLI with the option:

             - P, --activate-profiles

Logging can be made in Maven with the following options:

-e, ---errors

Error messages

-X, --debug

Debug output

-q, --quiet

Onlyshows errors

The –X option is used especially from the developers to diagnose difficult problems with dependencies or classpath during the development.

 

5.2 Run from Eclipse

Maven can be run from Eclipse with the aid of M2Eclipse Plugin. If the project is composed of multiple modules Maven should be run on the parent module because it will run the same goal on its children, according to the dependency order.

               

 

or

                 

 

Maven Run configuration window will be opened. This window allows the user to create its own configuration and save after, specify multiple goals and profiles. (see left menu – New configuration from the bellow screenshot ).

It provides options like “skip tests” or “update snapshots” and also customizes JRE or the environment variable.

                

Enter the Goals: clean install (with empty space between them)

Configure Maven Runtime: the window from Preferences menu will be opened and if Maven was not selected it can be selected as Embedded (included in Eclipse) or External (from external folder).

                 

The menu Refresh can be used to refresh entire project after the build is finished. This option is useful for projects with multiple modules.

                

Select the button Apply and then Run.

 

5.3 Running in Offline Mode

If the dependencies are checked only locally then Maven can be run in offline mode called Maven offline mode. In the command line it has to be added the argument –o

               mvn –o clean install

               mv –o test

Instead of adding  –o argument to CLI, this could be mentioned in settings.xml where the offline tag has to be set to true:

<settings>
…
<offline>true</offline>
…
</settings>

If a dependency is not available the build will fail.  This can be avoided by installing manually the dependencies from a packaged file (jar, war, ear):

mvninstall:install –file –DgroupId=%GROUP_ID%  -DartifactId=%ARTIFACT_ID%  -Dversion=%VERSION%  -Dfile=%COMPONENT%.jar –Dpackaging=jar

       -DgeneratePOM=true

5.4 Encrypting Passwords in settings.xml

During the development process repository information should be provided in settings.xml. The repository information has to be accompanied by user and password necessary for automatic server authentication. Maven provides a very simple method to encrypt the password.

Authorized users have an additional settings-security.xml file in their ~/.m2 folder. This file can contain:

  • encrypted master password – password used to encrypt other passwords
  • a relocation – reference to another file

The master password can be created via CLI.

After the master password is created existing server passwords can be encrypted. This means that the following steps should be followed:

  1. Create a master password

                   

  1. Create ~/.m2/security-settings.xml file and transfer(copy-paste) the encrypted master password into the security-settings.xml file

                   

  1. Encrypt the repository password.

                   

After the above steps the encrypted password can be used instead of clear text password.

Other way to create the encrypted password in Maven:

From command line it can be created a master password that can be stored in settings-security.xml file as described before in the above steps:

                  

If password is not provided in the command line as argument Maven will prompt for it:

                   

Store it in settings-security.xml:

                   

The repository password can be created then and stored in settings.xml file:   

                                                 

         

Store it in settings.xml file:

                 

It is not recommended to leave unencrypted passwords in the production system. An enterprising attacker could capture the password using a network analysis tool.

The security risk increases too when LDAP or other external applications are used if the password is exposed in plain-text.

It is recommended also that developers store the encrypted master password in the removable storage device (USB hard drive) and use it while interacting with the remote server or while performing a deployment. In this case settiings-security.xml file should contain reference to the location of the settings-security.xml file by the relocation element:

<settingsSecurity>
    <relocation>/Volumes/usb-key/settings-security.xml</relocation>
</settingsSecurity>

In settings.xml file it can be collected more passwords according to the number of the remote servers:

                  

 

The mechanism of using more encrypted passwords can be illustrated by following diagram:

                 

Maven retrieves the master password located in ~/.m2/settings-security.xml file during the build and uses it to decrypt the password stored in ~/.m2/settings.xml file and sends the decrypted password to the server.

Password can be encrypted too with the aid of Artifactory Maven plugin:

                 

Click the button Unlock and after the encrypted password is generated, transfer it to settings.xml file.

                 

In settings.xml file copy-paste the encrypted password:

               

Like us on Facebook