I am trying to use an encrypted password in my settings.xml. I have in my pom.xml a plugin connecting to the database, usin sql-maven-plugin:

<plugin>
  <groupId>org.codehaus.mojo</groupId>
  <artifactId>sql-maven-plugin</artifactId>
  <version>1.4</version>

  <dependencies>
    <dependency>
      <groupId>com.oracle</groupId>
      <artifactId>ojdbc14</artifactId>
      <version>10.2.0.5.0</version>
    </dependency>
  </dependencies>

  <configuration>
    <driver>oracle.jdbc.driver.OracleDriver</driver>
    <url>jdbc:oracle:thin:@ip.com:1521:SID</url>
    <username>someUser</username>
    <password>{JucQpWS78Q0HW+3ZS/FCCGHQpwbJ8ySl2Io/ILJqf88=}</password>
  </configuration>

  <executions>
    <execution>
      <id>update-configuration</id>
      <phase>package</phase>
      <goals>
        <goal>execute</goal>
      </goals>
      <configuration>
        <autocommit>false</autocommit>
        <srcFiles>
          <srcFile>src/main/sql/update_sim_configuration.sql</srcFile>
        </srcFiles>
      </configuration>
    </execution>

  </executions>
</plugin>

Which is working OK if I put the password as plain text in my pom.xml, I want to read this password from my settings.xml, the password is encrypted in this way:

mvn -ep the_password

I have in my settings.xml

...
<server>
  <id>rms13-db-dev</id>
  <username>user</username>
  <password>{JucQpWS78Q0HW+3ZS/FCCGHQpwbJ8ySl2Io/ILJqf88=}</password>
</server>
...

I want to 'read' decode in someway the 'password' from 'rms13-db-dev', how can I achieve this? or if you have an alternative version to achieve this.

For this to work, you need to encrypt a password using Maven tools and then configure the sql-maven-plugin to use it. This is not supported in version 1.4 of the plugin but it is possible with 1.5.

1. Create a master password with the command

   mvn --encrypt-master-password
   

   Maven will prompt you for the password since 3.2.1. Once you did that, create a file called ~/.m2/settings-security.xml with the content

   <settingsSecurity>
     <master><!-- result of above command --></master>
   </settingsSecurity>
   

2. Encrypt your password with the command

   mvn --encrypt-password
   

   The same as before, Maven will prompt you for the password. Then in your Maven settings (~/.m2/settings.xml, create the file if it doesn't exist), have the content

   <settings>
   ...
     <servers>
     ...
       <server>
         <id>my.server</id>
         <username><!-- your DB username --></username>
         <password><!-- the encrypted password --></password>
       </server>
     ...
     </servers>
   ...
   </settings>
   

3. Configure your sql-maven-plugin with the settingsKey attribute to your server id, which in this case would be my.server. You need to use version 1.5 of the plugin.

   <plugin>
     <groupId>org.codehaus.mojo</groupId>
     <artifactId>sql-maven-plugin</artifactId>
     <version>1.5</version> <!-- 1.5 required -->
     <configuration>
       <settingsKey>my.server</settingsKey> <!-- id of server here -->
       <driver>oracle.jdbc.driver.OracleDriver</driver>
       <url>jdbc:oracle:thin:@ip.com:1521:SID</url>
       <!-- username and password are not mentioned anymore -->
     </configuration>
   </plugin>
   

If any of the encrypted passwords contain curly braces, you'll need to escape them by having \{ and \}.

1. In pom.xml, remove user/password and instead specify a settingsKey as explained in the MOJO documentation.
2. In settings.xml, create a new server entry with id equals to the previous settingsKey value, as explained here.
3. Create a settings-security.xml and encrypt the server password the standard way. The file should be created in the following path: ${user.home}/.m2/settings-security.xml See example below:

    <settingsSecurity>
        <master>{jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}</master>
    </settingsSecurity>