Nexus Repository Manager 3 password encryption

Sonatype Nexus Repository
1

Hi,

In the project, for security reasons, we are using Active Directory with Nexus and we want to encrypt the password that is stored in settings.xml for Maven connection

I would like to know about the following:

  1. does Nexus accept encrypted password for Authentication
  2. does Nexus have the capability to decrypt the encrypted password that is passed to it from settings.xml

Thank you

2

Storing encrypted passwords in the settings.xml file is a Maven feature, not necessarily a Nexus feature. Have you tried to use any of the approaches available here? Additionally, the Pro version of Nexus Repository Manager supports User Tokens, which may be another option.

3

Hi,

Thanks for the reply. I am not very familiar with the password encryption feature in Maven, I will read up on it further.

My query is that

  1. is Maven going to send the encrypted password to the server (i.e. the server where Nexus is installed)
  2. or does Maven actually decrypt the encrypted password stored in settings.xml before sending the decrypted password to the server
  3. in the case that Nexus received an encrypted password, does Nexus have corresponding plugin or capability to decrypt the password

Thank you