问题
Good morning everybody,
I'm developping an ERP for my company with the GWT Framework and I would get the number of unread emails using the Java Mail API. I can do this but, the problem is I stores the SHA-512 hashed password on the database and I would not pass the clear password to the Java Mail API, but just the hashed password to avoiding to transmit the clear password on the network.
I use this code to get the number of unread mail:
private static int getNumberOfUnreadMails() {
int numberOfUnreadMails = 0;
Properties properties = new Properties();
properties.put("mail.imap.host", "myserver.com");
properties.put("mail.imap.user", "developper@myserver.com");
properties.put("mail.imap.socketFactory", 143);
properties.put("mail.imap.socketFactory.class", "java.net.ssl.SSLSocketFactory");
properties.put("mail.imap.port", 143);
Session session = Session.getDefaultInstance(properties, new Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("developper@myserver.com", "mypassword");
}
});
Store store;
try {
store = session.getStore("imap");
store.connect();
Folder folder = store.getFolder("Inbox");
numberOfUnreadMails = folder.getUnreadMessageCount();
} catch (Exception e) {
e.printStackTrace();
}
return numberOfUnreadMails;
}
I can also use another hashing algorithm. If you know a solution for my problem, thaks you in advance.
P.S.: Sorry for my poor English, I’m French.
回答1:
Your IMAP-server will need the unhashed password to be able to authenticate. You probably are already using SSL (as you set mail.imap.socketFactory.class), so your password is never sent in the clear.
BTW: the correct way to use IMAP with SSL with javamail is to use the imaps protocol (and use the mail.imaps.*, not using the imap protocol and specifying an SSL socket factory as the socket factory. Also usually the IMAP with SSL port is 993, not 143 .
来源:https://stackoverflow.com/questions/14673989/pass-hashed-password-to-java-mail-api