Avoiding keeping credentials in application POM files
During a Maven build you need to connect to external repositories outside your firewall. In a tightly secured environment, any outbound connection has to go through an internal proxy server. The following configuration in MAVEN_HOME/conf/settings.xml shows how to connect to an external repository via a secured proxy server:
<proxy> <id>internal_proxy</id> <active>true</active> <protocol>http</protocol> <username>proxyuser</username> <password>proxypass</password> <host>proxy.host.net</host> <port>80</port> <nonProxyHosts>local.net|some.host.com</nonProxyHosts> </proxy>
Also, the Maven repositories can be protected for legitimate access. If a given repository is protected with HTTP Basic Authentication, the corresponding credentials should be defined as follows, under the server element of MAVEN_HOME/conf/settings.xml...
