How to store mail password on server side?

梦想的初衷 提交于 2019-12-24 01:53:55

问题


I need to send e-mails from my application that is deployed on Weblogic 10.0. I try to put mail session properties on server side. Properties like mail.host or mail.debug work OK. But how do I configure password? Now I have it in spring configuration file:

<bean id="mailSender"
    class="org.springframework.mail.javamail.JavaMailSenderImpl">
    <property name="session" ref="mailSession"/>
    <property name="username" value="myLogin"></property>
    <property name="password" value="myPassword"></property>
</bean>     
<bean id="alertsMailSession" class="org.springframework.jndi.JndiObjectFactoryBean">
    <property name="jndiName">
        <value>mail/mainSession</value>
    </property>     
    <property name="resourceRef"> 
        <value>true</value>
    </property>
</bean>

I tried mail.smtp.password property, but it doesn't work. Sun documentation says there is no property for password (although I've seen mail.smtp.password in some examples). So how should I do it? Is it possible to have login/password information configured on server, not in application?

EDIT
All of you suggest some properties files. I don't want them. I have a mail session on my application server. I get this session by JNDI. I can configure there host to use to send mails and so on. But I can't put there password. It doesn't work. I want all of the configuration to be done by Weblogic console. How to achieve that?


回答1:


Not sure whether this will help in weblogic, as I work with websphere atm, but I'd imagine would work in weblogic as well:

set-up your username and password in your spring context as such:

<bean id="mailSender" 
    class="org.springframework.mail.javamail.JavaMailSenderImpl">
<property name="session" ref="mailSession"/>
<property name="username">
    <jee:jndi-lookup jndi-name="config/mail/username" resource-ref="true"/>
</property>
<property name="password">
    <jee:jndi-lookup jndi-name="config/mail/password" resource-ref="true"/>
</property>

and add the following in your web.xml:

<env-entry>
    <env-entry-name>config/mail/username</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
</env-entry>
<env-entry>
    <env-entry-name>config/mail/password</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
</env-entry>

Spring will lookup the values for username and password from the web-application environment. The weblogic admin console should allow you to configure the environment entries and therefore the username and password. Note, you'll probably have to restart the application in order for the changes to take effect as they'll only be loaded when the spring context starts, however, the settings for the mail server changing are a pretty major change, so a restart wouldn't be that amiss.




回答2:


There is a way to do this, even though Weblogic does not automatically recognize the mail.smtp.password property. You can add this property as usual to the JavaMail Properties field and send the email in your EJB as follows:

@Stateless
public class MailBean {
    @Resource(name="mail/MailSession")
    private Session session;

    public void sendMail() {
        Transport transport = null;
        try {
            Message message = new MimeMessage(session);
            // prepare your mail here...
            transport = session.getTransport("smtp");
            String user = session.getProperty("mail.smtp.user"); 
            String password = session.getProperty("mail.smtp.password");
            transport.connect(user, password);
            message.saveChanges();
            transport.sendMessage(message, message.getAllRecipients());
        } finally {
            if (transport != null) try { transport.close(); } 
            catch (MessagingException e) { e.printStackTrace(); }
        }
    }
}



回答3:


There are already answers on using a Properties file, but one important aspect that may be missing. Does this account password need to be protected ?

If so, you might consider encrypting the file or the key. A simple embedded encryption key in the code may be sufficient. Either encrypt the field or the whole file.



来源:https://stackoverflow.com/questions/1866415/how-to-store-mail-password-on-server-side

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!