Javamail, IMAP and Kerberos
https://stackoverflow.com/questions/1282279
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm using javamail to check an IMAP inbox, and at the moment I'm simply logging into the IMAP server by storing the username and password. Our security policy at work requires this to be kerberised however.
I've been reading up on javamail, IMAP and kerberos, and some resources say it isn't possible, whilst others suggest it is possible. And unfortunately I couldn't find any examples showing how to connect via. kerberos.
I was just wondering if anybody could confirm/deny whether it is possible to connect to an IMAP server via. kerberos with javamail, and if anybody has come across any resources that may be useful it would be very much appreciated.
Thanks,
Martin.
Solution
It's theoretically possible in Java 1.5 or higher and Kerberos v5 by setting mail.imap.sasl.mechanisms property of JavaMail IMAP provider to GSSAPI (docs) and using JAAS and Java GSS API for authentication, but it's an absolute bitch to implement.
I went through the above links as well as this tutorial and I kind of got it to work in dev environment, but the result was extremely brittle. Now I'm not implying that is Sun's implementation fault - I'm quite sure it's mine; but the lack of available examples is suggesting that this may not be a time-tested production-ready solution.
Luckily for me, I'm not bound by external security policies :-) so I ended up using IMAP over SSL instead which is infinitely more straightforward.
