Java Standard Edition

JW's Most Read

Recent:

Archives:

Hello, OSGi: Bundles for beginners (2008)
Sockets programming in Java: A tutorial (1996)
Understanding JPA, Part 1 (2008)
Smartly load your properties (2003)
REST for Java developers, Part 1 (2008)

Featured White Papers

Java Tip 115: Secure JavaMail with JSSE

Add secure, SSL-based connections to JavaMail

By Eugen Kuleshov and Dmitry I. Platonoff, JavaWorld.com, 08/31/01

Print
Email
Feedback
Resources
Discuss

Digg
Reddit
SlashDot
Stumble
del.icio.us
Technorati
dzone

The Java Secure Socket Extension (JSSE) API provides SSL functionality that you can add to any JavaMail storage provider. Before we get started, you must download and install JavaMail, JSSE, and all the required packages as described in the JSSE and JavaMail documentation on Sun's Website (most required downloads are included in Java 2 Standard Edition 1.4), as well as JavaMail and JSSE providers of your choice.

Before the JSSE framework can recognize any JSSE providers, you must register them permanently in the <java home>\jre\lib\security\java.security properties file or register them dynamically by calling the Security.addProvider() method in your code:

  Security.addProvider( new com.sun.net.ssl.internal.ssl.Provider());

Then you need to replace JavaMail's default socket factory with JSSE's SSL socket factory. This approach is similar to the one used in "Java Tip 96: Use HTTPS in Your Java Client Code"; however, in our case, we have no control over socket creation since sockets are created inside the JavaMail framework, not in the application code or storage provider. Fortunately, JavaMail accepts several undocumented properties, allowing you to set up a custom socket factory class and some other parameters. Those properties are:

  mail.<protocol>.socketFactory.class
  mail.<protocol>.socketFactory.fallback 
  mail.<protocol>.socketFactory.port
  mail.<protocol>.timeout

Now you can use the following code to replace a socket factory:

  final String SSL_FACTORY = "javax.net.ssl.SSLSocketFactory";
  Properties props = System.getProperties();
  // IMAP provider
  props.setProperty( "mail.imap.socketFactory.class", SSL_FACTORY);
  // POP3 provider
  props.setProperty( "mail.pop3.socketFactory.class", SSL_FACTORY);
  // NNTP provider (if any)
  // props.setProperty( "mail.nntp.socketFactory.class", SSL_FACTORY);

If you want JavaMail to use only secure connections, you configure the appropriate properties so JavaMail doesn't fall back to an unsecure connection when a secure one fails:

  // IMAP provider
  props.setProperty( "mail.imap.socketFactory.fallback", "false");
  // POP3 provider
  props.setProperty( "mail.pop3.socketFactory.fallback", "false");
  // NNTP provider (if any)
  // props.setProperty( "mail.nntp.socketFactory.fallback", "false");

You then change the default port number to the corresponding port that your protocol's secure version uses; otherwise, you must use a fully qualified address (that includes a port number) in the URL passed to JavaMail (for example, imap://id:password@your.imap.server.com:993/folder/), or else you get an "unrecognized SSL handshake" exception. You specify these properties like so:

  // IMAP provider
  props.setProperty( "mail.imap.port", "993");
  props.setProperty( "mail.imap.socketFactory.port", "993");
  // POP3 provider
  props.setProperty( "mail.pop3.port", "995");
  props.setProperty( "mail.pop3.socketFactory.port", "995");
  // NNTP provider (if any)
  // props.setProperty( "mail.pop3.port", "563");
  // props.setProperty( "mail.pop3.socketFactory.port", "563");

After setting up all the properties, you can open a secure JavaMail session:

Print
Email
Feedback
Resources

Digg
Reddit
SlashDot
Stumble
del.icio.us
Technorati
dzone

Comments (6)

thanksBy Anonymous on August 11, 2010, 8:53 pmthanks

Reply | Read entire comment

pandoraBy pengpeng on July 16, 2010, 3:39 ampandora pandora tiffanys moncler jackets

Reply | Read entire comment

gBy Anonymous on June 8, 2010, 7:03 pmg

Reply | Read entire comment

useless codeBy Anonymous on April 26, 2010, 6:54 amkek

Reply | Read entire comment

addprovider is not workingBy Anonymous on April 14, 2010, 2:42 ama

Reply | Read entire comment

View all comments

Resources

Obtain all the source files for this tip
http://www.javaworld.com/javatips/javatip115/javatip115.zip
"Java Tip 96Use HTTPS in Your Java Client Code," Matt Towers (JavaWorld)
http://www.javaworld.com/javaworld/javatips/jw-javatip96.html
JavaMail API
http://java.sun.com/products/javamail/
Java Secure Socket Extension (JSSE)
http://java.sun.com/products/jsse/
"Enter Java 1.4 Merlin Beta," Tony Sintes (JavaWorld JavaOne Show Daily, June 2001)
http://www.javaworld.com/javaone01/j1-01-sintes1.html
Java 2 SDK, Standard Edition, 1.4
http://java.sun.com/j2se/1.4/
View all previous Java Tips and submit your own
http://www.javaworld.com/javatips/jw-javatips.index.html
Learn Java from the ground up in JavaWorld's Java 101 column
http://www.javaworld.com/javaworld/topicalindex/jw-ti-java101.html
Java experts answer your toughest Java questions in JavaWorld's Java Q&A column
http://www.javaworld.com/javaworld/javaqa/javaqa-index.html
Sign up for the JavaWorld This Week free weekly email newsletter to find out what's new on JavaWorld
http://www.idg.net/jw-subscribe
You'll find a wealth of IT-related articles from our sister publications at IDG.net

InfoWorld: Modernizing IT

JavaWorld: Solutions for Java Developers

Featured White Papers

Sponsored Links

Slow Apps? Overloaded DBMS? - FREE Download

Java Tip 115: Secure JavaMail with JSSE

Add secure, SSL-based connections to JavaMail

Comments (6)

Sponsored Links

Username
Password

InfoWorld: Modernizing IT

JavaWorld: Solutions for Java Developers

Featured White Papers

Newsletter sign-up

Sponsored Links

Slow Apps? Overloaded DBMS? - FREE Download

Java Tip 115: Secure JavaMail with JSSE

Add secure, SSL-based connections to JavaMail

Comments (6)

Sponsored Links