asked on Using JavaMail in a webapp
Hello,
Im coding a web app in which there is an option to send an email with some data using our Exchange server.
Im using a servlet and a class with the JavaMail api to do that, but I want to authenticate that the person sending the email has a valid Exchange username and password, but I can write anything on those fields and the email is sent without a problem.
This is my mail client code:
I need that only correct username/password combinations of existing exchange mailboxes work on this webapp.
Im coding a web app in which there is an option to send an email with some data using our Exchange server.
Im using a servlet and a class with the JavaMail api to do that, but I want to authenticate that the person sending the email has a valid Exchange username and password, but I can write anything on those fields and the email is sent without a problem.
This is my mail client code:
public static void sendEmail(String toAddress, String html,String cuenta)
throws AddressException,
MessagingException {
final String userName = "myexchangemail@mailserver.com";
final String password = "1234";
Properties properties = new Properties();
properties.put("mail.transport.protocol", "smtp");
properties.put("mail.smtp.host", "smtp.mailserver.com");
properties.put("mail.smtp.auth", "true");
properties.put("mail.smtp.port", "25");
Authenticator auth = new Authenticator() {
@Override
public PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(userName, password);
}
};
Session session = Session.getInstance(properties, auth);
Message msg = new MimeMessage(session);
msg.setFrom(new InternetAddress(userName));
InternetAddress[] toAddresses = InternetAddress.parse(toAddress) ;
msg.setContent(html,"text/html");
msg.setRecipients(Message.RecipientType.TO, toAddresses);
msg.setSubject("Test Email");
msg.setSentDate(new Date());
Transport.send(msg);
}
I need that only correct username/password combinations of existing exchange mailboxes work on this webapp.
ExchangeJavaJava EE
Last Comment
CEHJ
But you've hardcoded the credentials - you're not using those of the user ...
ASKER
Yeah I should have stated that those were for testing purposes only, my point is that I can change those Strings to anything and the server accepts the authentication and sends the email from behalf of the userName (in this case myexchangemail@mailserver.
In the final code the userName and password will be entered by the user on the webapp.
What I want is that only actual mailbox users of this Exchange server can login with their userName and password.
In the final code the userName and password will be entered by the user on the webapp.
What I want is that only actual mailbox users of this Exchange server can login with their userName and password.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
:)