This discussion is archived
2 Replies Latest reply: Feb 26, 2012 12:39 PM by rukbat RSS

Javamail and Single Sign-On with Kerberos

920056 Newbie
Currently Being Moderated
I have been developing a product where my application acts as a client sending/receiving emails from a mail server.
JavaMail (1.4.3) has been great with POP3/IMAP/SMTP over plain/SSL/TLS !

But now there is a new requirement for authentication via Kerberos. I managed to get JavaMail to use Kerberos and successfully get a ticket and open the email folder by implementing the java.security.krb5.* and mail.imap.sasl.* properties plus a (required) SSL connect using IMAPSSLStore.

BUT! There is an additional requirement that authentication with Kerberos be done with single sign-on.
Essentially, they don’t want to ever see the user’s password required in the application. But as mentioned there is a requirement that Kerberos connections be over SSL/TLS.

So I used IMAPSSLStore. But IMAPSSLStore requires a NamedURL, which if a password is not provided, throws an exception.

So essentially is there a way to implement single sign-on for Kerberos in JavaMail?

Your help is greatly appreciated!

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points