Add tomcat server credentials to project's pom and not settings.xml

Question

I want to be able to build and deploy my java webapp on my local development installation of tomcat without adding the tomcat user's credentials to maven's settings.xml on every development computer. Every article I've found requires modifying settings.xml.

I've attempted adding the tag to my POM file and it doesn't seem to be allowed since I get errors about a "malformed POM" when I run "maven compile".

<project...>
    ...
    <servers>
        <server>
            <id>localhost</id>
            <username>admin</username>
            <password>password</password>
        </server>
    </servers>
    <dependencies>
    ...
    </dependencies>
</project>

Answer 1

You can try this:

<plugin> <groupId>org.apache.tomcat.maven</groupId> <artifactId>tomcat7-maven-plugin</artifactId> <version>2.1</version> <configuration> <url>${server-url}</url> <path>${deploy-path}</path> <username>${deploy-un}</username> <password>${deploy-pw}</password> </configuration> </plugin>

When you have many modules in your project, use <profile> in each module to deploy each module to different URLs. Ex:

In module A:

<profile> <id>server1</id> <properties> <!-- Replace with URL and authentication if needed --> <server-url>http://localhost:8080/manager/text</server-url> <deploy-path>/moduleA</deploy-path> <deploy-un>tomcatscript</deploy-un> <deploy-pw>p@ssw0rd</deploy-pw> </properties> </profile>

In module B:

<profile> <id>server1</id> <properties> <!-- Replace with URL and authentication if needed --> <server-url>http://localhost:8080/manager/text</server-url> <deploy-path>/moduleB</deploy-path> <deploy-un>tomcatscript</deploy-un> <deploy-pw>p@ssw0rd</deploy-pw> </properties> </profile>

DO NOT FORGET to add this into your tomcat/conf/tomcat-users.xml:

<role rolename="manager-script"/> <role rolename="manager-jmx"/> <user username="tomcatscript" password="p@ssw0rd" roles="manager-script, manager-jmx"/>

Then at terminal, use this: mvn tomcat7:[re]deploy -Pserver1

moduleA will be deployed to http://localhost:8080/moduleA,

moduleB will be deployed to http://localhost:8080/moduleB

Hope this helps!

Answer 2

The answer is given at the end of the article you quote

The reason that credentials is set in the settings.xml is because your username and password should be secret in most cases, and there is no reason to deviate from the standard way of setting up server credentials that people will have to adapt to.

Your POM file would be normally committed into a source control system making it the worst place to keep senstive information. Passwords in the settings file can also be encrypted.

Finally the POM file is designed to hold information on how to build your code. The settings file is designed to setup environment speific settings for your build. Items like the location of your Maven repositories. Information on how the code is deployed would also fall under this category, you and I might share a codebase but we're unlikely to share the same tomcat server.