4 Replies Latest reply: Mar 4, 2013 8:23 AM by 900047 RSS

    Empty password no longer accepted in 1.4.6 - needed for XOAUTH2 Gmail

    900047
      Hi,


      we are roughly following Google's guidelines to authenticate via XOAUTH2 against gmail:

      http://code.google.com/p/java-gmail-imap/wiki/GmailAndXOAUTH2

      The important thing for us is:
      OAuth2Authenticator.connectToImap("imap.gmail.com",
      993,
      email,
      authToken,
      true);

      connetToImap does roughly:
      props.put("mail.imaps.sasl.enable", "true");
      props.put("mail.imaps.sasl.mechanisms", "XOAUTH2");
      props.put(OAuth2SaslClientFactory.OAUTH_TOKEN_PROP, oauthToken);

      Session session = Session.getInstance(props);
      session.setDebug(debug);

      final URLName unusedUrlName = null;
      IMAPSSLStore store = new IMAPSSLStore(session, unusedUrlName);
      final String emptyPassword = "";
      store.connect(host, port, userEmail, emptyPassword);
      return store;

      The important thing here is that we are using an empty password ("") because - well - in XOAUTH2 a password does not make too much sense.

      This worked nice with Javamail 1.4.5, but breaks in 1.4.6:

      javax.mail.AuthenticationFailedException: Empty username or password. u3if6098339eeo.63
           at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:661)
           at javax.mail.Service.connect(Service.java:295)


      So I am wondering what the best approach. Are we supposed to use the experimental GMailStore? Or is there another way to tell Javamail 1.4.6 that empty passwords are "okay" for now.


      Many thanks in advance!


      Best,


      Raphael