Can maven sign not only produced jar, but also dependencies

maven-2 jar sign
tevch picture tevch · May 19, 2009 · Viewed 7.1k times · Source

I managed to create main jar, copy dependencies to a single directory, the only step left is to sign all jars.

I can sign my own produced jar as a part of jar:sign, but how do i sign dependencies?

Thanks

Answer

Matthew McCullough picture Matthew McCullough · May 22, 2009

Here are a couple of options:

  1. Use the Maven ant task to run jarsigner from the JDK against all the dependencies.
  2. Use the webstart plugin which can sign all your JARs, even if you aren't using it for the purpose of JNLP-izing your app. I'm using it to actually JNLPize one app.
  3. Look at what the webstart plugin source is doing to iterate over all dependencies and sign them and start a new Maven Plugin/Mojo that does the same thing, sans JNLP.
  4. Onejar your app and its dependencies and just sign that.

Related questions

Including dependencies in a jar with Maven

Is there a way to force maven(2.0.9) to include all the dependencies in a single jar file? I have a project the builds into a single jar file. I want the classes from dependencies to be copied into the jar …

Read More
Controlling maven final name of jar artifact

I'm trying to define a property in our super pom which will be used by all child projects as the destination of the generated artifact. For this I was thinking about using project/build/finalName yet this does not seem …

Read More
The following artifacts could not be resolved: javax.jms:jms:jar:1.1

I am trying to compile a maven project, but I systematically get the following error message: [ERROR]Failed to execute goal on project ...: Could not resolve dependencies for project ...:war:1.0.0: The following artifacts could not be resolved: javax.jms:jms:…

Read More