Java – can Maven re sign dependencies?

Java

I'm using maven jarsigner plugin to sign my shadow super can I really need to distribute some dependencies in my jars and want to get these jars from the Maven repository, clear any existing signatures, and sign with my own certificate

Is there a maven plug-in that can do this, or will I cover some ant plug-ins, hackery?

Solution

As a result, maven jarsigner plugin can use its removeexistingsignatures configuration element to re sign existing jars It's simple!

I use Maven - dependency - plugin to copy the artifacts to the in the generate - resources phase In the war project, and then sign in the process - resources phase

<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-dependency-plugin</artifactId>
    <version>2.8</version>
    <executions>
        <execution>
            <id>copy</id>
            <phase>generate-resources</phase>
            <goals>
                <goal>copy</goal>
            </goals>
            <configuration>
                <artifactItems>
                    <artifactItem>
                        <groupId>org.lwjgl.lwjgl</groupId>
                        <artifactId>lwjgl-platform</artifactId>
                        <version>2.9.0</version>
                        <classifier>natives-osx</classifier>
                        <type>jar</type>
                        <overWrite>true</overWrite>
                        <outputDirectory>src/main/webapp/</outputDirectory>
                        <destFileName>lwjgl-platform-natives-osx.jar</destFileName>
                    </artifactItem>   
                </artifactItems>        
                <outputDirectory>src/main/webapp</outputDirectory>
                <overWriteReleases>true</overWriteReleases>
                <overWriteSnapshots>true</overWriteSnapshots>
            </configuration>
        </execution>
    </executions>
</plugin>

<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-jarsigner-plugin</artifactId>
    <version>1.2</version>
    <executions>
        <execution>
            <id>sign</id>
            <phase>process-resources</phase>
        <goals>
            <goal>sign</goal>
            </goals>
    </execution>
    </executions>
    <configuration>
        <keystore>${basedir}/path/to/my.keystore</keystore>
        <alias>alias</alias>
        <storepass>password</storepass>
        <keypass>password</keypass>
        <verbose>true</verbose>
        <archiveDirectory>src/main/webapp/</archiveDirectory>
        <processMainArtifact>false</processMainArtifact>
        <removeExistingSignatures>true</removeExistingSignatures>
    </configuration>
</plugin>
The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>