tags:

views:

1599

answers:

6
+2  Q: 

Secure Gmail login on web browser from external Java program

Is there a secure way of logging into a Gmail account on a web browser, from an external Java program? I know the following works, but is there a safer alternative?

Desktop.getDesktop().browse(new URI(
        "https://www.google.com/accounts/ServiceLoginAuth?continue=http://mail.google.com/gmail" +
        "&service=mail&Email=LOGIN&Passwd=PASSWORD&null=Sign+in"));

Clarification: The external Java program is GmailAssistant, a Gmail notifier that already uses the IMAP capabilities of JavaMail. I just need a way of allowing the user to access the account directly in a web browser.

+1  A: 

If you are afraid that the link is visible in the Page, create a javascript document that sends a POST request to the server.

Armin Ronacher  2008-09-21 20:52:17
He said Java, not JavaScript.
Justin Bennett  2008-09-21 20:54:17
He's suggesting creating a HTML file with the embedded javascript. The JS POSTs to Google on load, the Java program tells the browser to open the snippet file.
Will Hartung  2008-09-22 14:59:09
Does that mean that the JS file would need to contain the login credentials, or can I pass those into the browser dynamically?
Zach Scrivena  2008-09-22 15:16:26
+3  A: 

Depending of how much you want to integrate, you can check Google single sign-on (SSO) api. I'm studing how to use it and the best way to integrate it

http://code.google.com/apis/apps/sso/saml_reference_implementation.html

Victor

UPDATED:

As a better option, you should check this link as well http://esoeproject.org/

VP  2008-09-21 20:57:05
+1  A: 

If you want to programmatically access the content of a GMail account, I would strongly suggest to use the IMAP access provided by Google.

Looking at the question the other way around, you can setup an OpenID authentication scheme based on your Google account.

Joannes Vermorel  2008-09-21 20:57:15
Thanks for your answer, but I already use JavaMail to connect to the account via IMAP (see clarification in question).
Zach Scrivena  2008-09-22 14:57:19
+2  A: 

If you're really wanting to control a browser from Java, you'll have to use a web-connector such as Selenium or WebDriver. Both of these let you control a browser directly from within Java and simulate a user typing text, clicking on links and submitting forms. One thing to keep in mind when doing this with Selenium is that it interacts with a complete new profile which is usually independent of your standard Firefox probile.

Roshan  2008-09-21 21:35:03
A: 

I used google's IMAP access with the JavaMail API, and it was very simple.

Heath Borders  2008-09-22 14:23:32
Thanks for your answer, but I already use JavaMail to connect to the account via IMAP (see clarification in question).
Zach Scrivena  2008-09-22 14:55:28
A: 

If you're worried about the URL being sent for the login, understand that:

  1. https:// starts with www.google.com and will encrypt the session before
  2. sending the login details (or even the page it's going to
Stephen  2008-11-20 20:38:34

related questions

Make Browser Window Blink in Task Bar
Large File Download
Browser's Default CSS
Disable browser 'Save Password' functionality
What's the simplest way to decremement a date in Javascript by 1 day?
Browser scrollbar
Limitations of screen readers.
Version detection with Silverlight
Best way to fix CSS/JS drop-down problem in IE7 when page includes Google Map
Recommendations for browser add-on tools to help with development
Hyperlinks displaced on IE7
Building Standalone Applications in JavaScript
HTML differences between browsers
Browser Sync accross many machines
Getting selected text in a browser, cross-platform.
How to get PNG transparency working in browsers that don't natively support it?
Best WYSIWYG CSS editor?
Javascript events
Preferred way to use favicons?
IE6: To support or not to support.
Getting the text from a drop-down box
Other browsers
Drag and Drop to a hosted Browser control
How can I tell if a web client is blocking ads?
How can I determine a web user's time zone?