2 Replies Latest reply on Feb 26, 2012 8:39 PM by rukbat

    Javamail and Single Sign-On with Kerberos

      I have been developing a product where my application acts as a client sending/receiving emails from a mail server.
      JavaMail (1.4.3) has been great with POP3/IMAP/SMTP over plain/SSL/TLS !

      But now there is a new requirement for authentication via Kerberos. I managed to get JavaMail to use Kerberos and successfully get a ticket and open the email folder by implementing the java.security.krb5.* and mail.imap.sasl.* properties plus a (required) SSL connect using IMAPSSLStore.

      BUT! There is an additional requirement that authentication with Kerberos be done with single sign-on.
      Essentially, they don’t want to ever see the user’s password required in the application. But as mentioned there is a requirement that Kerberos connections be over SSL/TLS.

      So I used IMAPSSLStore. But IMAPSSLStore requires a NamedURL, which if a password is not provided, throws an exception.

      So essentially is there a way to implement single sign-on for Kerberos in JavaMail?

      Your help is greatly appreciated!