tags:

views:

309

answers:

1
+1  Q: 

Javamail, IMAP and Kerberos

Hi guys,

I'm using javamail to check an IMAP inbox, and at the moment I'm simply logging into the IMAP server by storing the username and password. Our security policy at work requires this to be kerberised however.

I've been reading up on javamail, IMAP and kerberos, and some resources say it isn't possible, whilst others suggest it is possible. And unfortunately I couldn't find any examples showing how to connect via. kerberos.

I was just wondering if anybody could confirm/deny whether it is possible to connect to an IMAP server via. kerberos with javamail, and if anybody has come across any resources that may be useful it would be very much appreciated.

Thanks,

Martin.

A: 

It's theoretically possible in Java 1.5 or higher and Kerberos v5 by setting mail.imap.sasl.mechanisms property of JavaMail IMAP provider to GSSAPI (docs) and using JAAS and Java GSS API for authentication, but it's an absolute bitch to implement.

I went through the above links as well as this tutorial and I kind of got it to work in dev environment, but the result was extremely brittle. Now I'm not implying that is Sun's implementation fault - I'm quite sure it's mine; but the lack of available examples is suggesting that this may not be a time-tested production-ready solution.

Luckily for me, I'm not bound by external security policies :-) so I ended up using IMAP over SSL instead which is infinitely more straightforward.

ChssPly76  2009-08-15 18:44:08
Thanks, I'll give this a shot and see how stable it is! Do you have to actually implement it yourself though? By those links it just looks like a case of setting mail.imap.sasl.enable to true and mail.imap.sasl.mechanisms to GSS?
 2009-08-15 20:34:00
Javamail-wise - yes, although you also may need to set `mail.imap.sasl.authorizationid` depending on your setup. The "brittle" part is trying to get it to actually work with your mail server. I've had dovecot in dev environment and even though I was able to connect to it just fine via Thunderbird, it took a lot of hassle to get javamail to work with it. It was a while ago, so maybe things have improved since then but I remember I've had to play with various `javax.security.sasl.*` properties to get it to work.
ChssPly76  2009-08-15 21:14:45

related questions

How to determine the size of an attached file from a IMAP message
Doing email analysis for a postmortem (Exchange or IMAP)
Processing incoming email
How do I enable push-notification for IMAP (Gmail) using Python imaplib?
Fetch mail attachment into SQL Server 2005 using IMAP
Python imaplib Gmail authenticate failure
How do I mock an IMAP server in Python, despite extreme laziness?
Programmaticly use Gmail to receive e-mail?
Properly formatted example for Python iMAP email access?
Fire an event when email is received
SMTP and IMAP server library for .net
How to set up a bidirectionally encrypted email server?
Get UID for message from GMail using javax.mail with IMAP
Tool to copy IMAP folders from one server to another
How do I perform an IMAP search in Python (using Gmail and imaplib)?
php - imap - moving emails on antoher account
IMAP: "immediate" delete, without going through Trash folder?
IMAP: how to move a message from one folder to another
What do the flags in a Maildir message filename mean?
IMAP4 server for .NET
IMAP in emacs rmail?
Getting mail from GMail into Java application using IMAP
IMAP forwarder
Deleting messages from Exchange IMAP mailbox on iPhone
Recommendations for a .NET component to access an email inbox