Disable Maven central repository
My company's policy frowns upon artifacts downloaded automatically (they have to be approved), so in order to use Maven I need to disable access to Maven's central repository.
In other words, I don't want Maven to attempt any downloads from central.
I know how to configure a local repository (networked or not), my idea is using a "blessed" machine to update the local repository.
PS: I could block requests at the proxy/network level, but I'm asking about how to do it with Maven's configuration.
UPDATE
I finally figured out how to do it. In maven's home, in the conf directory is a global settings.xml.
You can either set a mirror to central that points to some internal server or just override it's definition.
Answer
Agreed. No direct downloads from external repositories should be allowed in your release builds.
The specific answer to your question is the second part of my answer :-)
Setup a repository manager
I'd recommend setting up a local Maven repository manager. Good options are the following:
All of these are capable of acting as a caching proxy for the externally available Maven central jars.
You might also be interested in the Profession version of Nexus. It includes a Procurement suite for managing external libraries. It also provides Maven plugins for centrally managing the Maven settings file, which is the second part of my answer...
Local Maven settings
Update the settings file located in the following directory:
$HOME/.m2/settings.xml
Specify that all central requests should be redirected to the local Maven repository:
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
http://maven.apache.org/xsd/settings-1.0.0.xsd">
...
<mirrors>
<mirror>
<id>central-proxy</id>
<name>Local proxy of central repo</name>
<url>http://<hostname>/central</url>
<mirrorOf>central</mirrorOf>
</mirror>
</mirrors>
...
</settings>