Reputation: 1380
Javamail and TLS authentication for IMAP
I am trying to connect to a mail server that does not support plain text authentication. I have disabled the plain text authentication in the code by setting in the properties:
props.put("mail.imap.auth.plain.disable", "true");
props.put("mail.imap.auth.ntlm.disable", "true");
props.put("mail.imap.auth.gssapi.disable", "true");
However, when I execute the code looks like plain text authentication is still happening:
A2 OK CAPABILITY completed.
DEBUG IMAP: AUTH: PLAIN
Full log is below...
DEBUG: setDebug: JavaMail version 1.4.7
DEBUG: getProvider() returning javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle]
DEBUG IMAP: mail.imap.fetchsize: 16384
DEBUG IMAP: mail.imap.ignorebodystructuresize: false
DEBUG IMAP: mail.imap.statuscachetimeout: 1000
DEBUG IMAP: mail.imap.appendbuffersize: -1
DEBUG IMAP: mail.imap.minidletime: 10
DEBUG IMAP: disable AUTH=PLAIN
DEBUG IMAP: disable AUTH=NTLM
DEBUG IMAP: enable STARTTLS
DEBUG IMAP: trying to connect to host "imap4.xxx.com", port 143, isSSL false
* OK The Microsoft Exchange IMAP4 service is ready.
A0 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 LOGINDISABLED STARTTLS CHILDREN IDLE NAMESPACE LITERAL+
A0 OK CAPABILITY completed.
DEBUG IMAP: protocolConnect login, host=imap4.xxx.com.au, user=testUser, password=<non-null>
A1 STARTTLS
A1 OK Begin TLS negotiation now.
A2 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN CHILDREN IDLE NAMESPACE LITERAL+
A2 OK CAPABILITY completed.
DEBUG IMAP: AUTH: PLAIN
DEBUG IMAP: LOGIN command trace suppressed
DEBUG IMAP: LOGIN command result: A3 NO LOGIN failed.
javax.mail.AuthenticationFailedException: LOGIN failed.
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:661)
at javax.mail.Service.connect(Service.java:295)
at javax.mail.Service.connect(Service.java:176)
Is there anything else that needs to be done to make sure that plain text authentication does not happen.
PS : I have imported the server's cert into cacerts.
Upvotes: 2
Views: 7205
Answers (2)
Reputation: 3816
This line:
* CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN CHILDREN IDLE NAMESPACE LITERAL+
...means that the server only supports plaintext authentication through the AUTH PLAIN command. No other authentication mechanisms are supported (except LOGIN, of course). Either the server is hopelessly broken or misconfigured, or your assumption that the server doesn't support "plain authentication" is wrong.
Upvotes: 2
Reputation: 29961
You're confusing the PLAIN authentication mechanism with doing authentication over a plain text (unencrypted) connection.
The STARTTLS command switches you to an encrypted connection. Then you're using the PLAIN authentication mechanism to authenticate over that encrypted connection.
Upvotes: 3
Related Questions
- Receiving email using Imap through SSL connection using javax.mail
- Using JavaMail with TLS
- Javamail how to connect to IMAPs mail server, without certificate Validation
- javamail connect to imap over ssl to read mails
- Java imap connect to store with and without ssl
- Java mail TLS authentcation
- JavaMail IMAP message content SSL/NON SSL
- Javamail and TLS? (not STARTTLS)
- secure imap connection in java
- android javamail api imap over ssl