Kevan Miller wrote:
On Oct 13, 2008, at 7:14 AM, Rick McGuire wrote:
Kevan Miller wrote:
On Oct 11, 2008, at 8:07 PM, John wrote:
Hi,
I have a webapp setup to send an email notification using javamail.
The code works in both Tomcat and JBoss, but in Geronimo I am
getting a SecurityException. Here is a subset of the stacktrace:
java.lang.SecurityException
at javax.mail.Session.getDefaultInstance(Session.java:137)
at
com.esa.gaf.server.mail.MailServiceImpl.createSession(MailServiceImpl.java:121)
at
com.esa.gaf.server.mail.MailServiceImpl.sendMail(MailServiceImpl.java:61)
at
com.esa.web.recruiting.app.server.service.RecruitingServiceImpl.notify
<http://web.recruiting.app.server.service.RecruitingServiceImpl.notify>
<http://web.recruiting.app.server.service.RecruitingServiceImpl.notify>(RecruitingServiceImpl.java:267)
at
com.esa.web.recruiting.app.server.service.RecruitingServiceImpl.addRecruit
<http://web.recruiting.app.server.service.RecruitingServiceImpl.addRecruit>
<http://web.recruiting.app.server.service.RecruitingServiceImpl.addRecruit>(RecruitingServiceImpl.java:246)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
FWIW, I initially had the war built to include the necessary
javamail dependencies. I suspect, since Geronimo includes a
Javamail car, that I don't need to include these, but am finding
little guidance in the documentation or through googling to point
me in the right direction.
The mail server is configured correctly and I am using a valid user
to send the email from. Is there something special I need to do in
order to get this to work correctly?
Hi John,
There are multiple conditions which could result in that exception.
Possible that we have a bug in our Javamail implementation... I'm
not an expert on our Javamail implementation. I may see a potential
problem, though...
Has your app already called Session.getDefaultInstance(Properties,
Authenticator)? Or would this be the first call by your app? Are you
passing a non-null Authenticator?
A security exception thrown from that location generally means that a
default session has already been created and there's a mismatch on
the authenticator. The javamail module creates the default session
instance as part of the javamail configuration, so if you're
specifying an authenticator and the default has already been created
without an authenticator, that triggers the security exception. The
sun javamail version works the same way. There are two options. One
would be to ensure that the javamail configuration is specifying an
authenticator to be used. That might be a bit more work, since
you'll likely need to create an authenticator GBean to get the
instance injected into the javamail session configuration.
Thus my questions about the Authenticator being passed in. I'm a bit
confused by the checking that occurs. Since, in fact, a different
Authenticator object can be passed on the getDefaultInstance()
invocation, as long as the authenticator object was loaded by the same
ClassLoader as the DEFAULT_SESSION authenticator. Is that really correct?
That's what's in the API specification:
http://java.sun.com/j2ee/1.4/docs/api/javax/mail/Session.html#getDefaultInstance(java.util.Properties,%20javax.mail.Authenticator)
I wrote a quick test to compare the Geronimo and Sun behaviours, and
they seem consistent. I didn't write that particular piece of code, but
whoever did appears to have done the correct thing.
Rick
--kevan
The simpler solution, if you are not dependent upon the properties
that the javamail session has been configured with, would be to use
getInstance() rather than getDefaultInstance().
Rick
Do you see this error, if you restart your server?
--kevan
