I'm transitioning a Maven 1 repo from an internal machine where security wasn't an issue, to a machine that can be accessed from the Internet. I want to make the repo available for downloads by our developers, but no one else. Is it possible to setup secure access to the repository? Porting everything to Maven 2 (where this would be easier) is not feasible right now.
Some solutions I've considered:
o Use sftp
: to access the repo instead of http
:. From the Maven docs, though, it looks like you need to include the username and password in the URL, but we're using private/public keys and no passwords.
o Use basic authentication for the repository directories. I can't tell if there's a way to define the username/password for Maven to use on the client side, though.
Has anyone tried one of the above, or come up with another clever way of doing this? Or know for sure it cannot be done w/ Maven 1?
Thanks for any leads.