开发者

How to store mail password on server side?

I need to send e-mails from my 开发者_如何学Goapplication that is deployed on Weblogic 10.0. I try to put mail session properties on server side. Properties like mail.host or mail.debug work OK. But how do I configure password? Now I have it in spring configuration file:

<bean id="mailSender"
    class="org.springframework.mail.javamail.JavaMailSenderImpl">
    <property name="session" ref="mailSession"/>
    <property name="username" value="myLogin"></property>
    <property name="password" value="myPassword"></property>
</bean>     
<bean id="alertsMailSession" class="org.springframework.jndi.JndiObjectFactoryBean">
    <property name="jndiName">
        <value>mail/mainSession</value>
    </property>     
    <property name="resourceRef"> 
        <value>true</value>
    </property>
</bean>

I tried mail.smtp.password property, but it doesn't work. Sun documentation says there is no property for password (although I've seen mail.smtp.password in some examples). So how should I do it? Is it possible to have login/password information configured on server, not in application?

EDIT

All of you suggest some properties files. I don't want them. I have a mail session on my application server. I get this session by JNDI. I can configure there host to use to send mails and so on. But I can't put there password. It doesn't work. I want all of the configuration to be done by Weblogic console. How to achieve that?


Not sure whether this will help in weblogic, as I work with websphere atm, but I'd imagine would work in weblogic as well:

set-up your username and password in your spring context as such:

<bean id="mailSender" 
    class="org.springframework.mail.javamail.JavaMailSenderImpl">
<property name="session" ref="mailSession"/>
<property name="username">
    <jee:jndi-lookup jndi-name="config/mail/username" resource-ref="true"/>
</property>
<property name="password">
    <jee:jndi-lookup jndi-name="config/mail/password" resource-ref="true"/>
</property>

and add the following in your web.xml:

<env-entry>
    <env-entry-name>config/mail/username</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
</env-entry>
<env-entry>
    <env-entry-name>config/mail/password</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
</env-entry>

Spring will lookup the values for username and password from the web-application environment. The weblogic admin console should allow you to configure the environment entries and therefore the username and password. Note, you'll probably have to restart the application in order for the changes to take effect as they'll only be loaded when the spring context starts, however, the settings for the mail server changing are a pretty major change, so a restart wouldn't be that amiss.


There is a way to do this, even though Weblogic does not automatically recognize the mail.smtp.password property. You can add this property as usual to the JavaMail Properties field and send the email in your EJB as follows:

@Stateless
public class MailBean {
    @Resource(name="mail/MailSession")
    private Session session;

    public void sendMail() {
        Transport transport = null;
        try {
            Message message = new MimeMessage(session);
            // prepare your mail here...
            transport = session.getTransport("smtp");
            String user = session.getProperty("mail.smtp.user"); 
            String password = session.getProperty("mail.smtp.password");
            transport.connect(user, password);
            message.saveChanges();
            transport.sendMessage(message, message.getAllRecipients());
        } finally {
            if (transport != null) try { transport.close(); } 
            catch (MessagingException e) { e.printStackTrace(); }
        }
    }
}


There are already answers on using a Properties file, but one important aspect that may be missing. Does this account password need to be protected ?

If so, you might consider encrypting the file or the key. A simple embedded encryption key in the code may be sufficient. Either encrypt the field or the whole file.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜