On Oct 13, 2008, at 7:14 AM, Rick McGuire wrote:
Kevan Miller wrote:
On Oct 11, 2008, at 8:07 PM, John wrote:
Hi,
I have a webapp setup to send an email notification using
javamail. The code works in both Tomcat and JBoss, but in
Geronimo I am getting a SecurityException. Here is a subset of
the stacktrace:
java.lang.SecurityException
at javax.mail.Session.getDefaultInstance(Session.java:137)
at
com
.esa
.gaf
.server.mail.MailServiceImpl.createSession(MailServiceImpl.java:121)
at
com
.esa.gaf.server.mail.MailServiceImpl.sendMail(MailServiceImpl.java:
61)
at com.esa.web.recruiting.app.server.service.RecruitingServiceImpl.notify
<http://web.recruiting.app.server.service.RecruitingServiceImpl.notify
>(RecruitingServiceImpl.java:267)
at com.esa.web.recruiting.app.server.service.RecruitingServiceImpl.addRecruit
<http://web.recruiting.app.server.service.RecruitingServiceImpl.addRecruit
>(RecruitingServiceImpl.java:246)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun
.reflect
.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun
.reflect
.DelegatingMethodAccessorImpl
.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
FWIW, I initially had the war built to include the necessary
javamail dependencies. I suspect, since Geronimo includes a
Javamail car, that I don't need to include these, but am finding
little guidance in the documentation or through googling to point
me in the right direction.
The mail server is configured correctly and I am using a valid
user to send the email from. Is there something special I need to
do in order to get this to work correctly?
Hi John,
There are multiple conditions which could result in that exception.
Possible that we have a bug in our Javamail implementation... I'm
not an expert on our Javamail implementation. I may see a potential
problem, though...
Has your app already called Session.getDefaultInstance(Properties,
Authenticator)? Or would this be the first call by your app? Are
you passing a non-null Authenticator?
A security exception thrown from that location generally means that
a default session has already been created and there's a mismatch on
the authenticator. The javamail module creates the default session
instance as part of the javamail configuration, so if you're
specifying an authenticator and the default has already been created
without an authenticator, that triggers the security exception. The
sun javamail version works the same way. There are two options.
One would be to ensure that the javamail configuration is specifying
an authenticator to be used. That might be a bit more work, since
you'll likely need to create an authenticator GBean to get the
instance injected into the javamail session configuration.
Thus my questions about the Authenticator being passed in. I'm a bit
confused by the checking that occurs. Since, in fact, a different
Authenticator object can be passed on the getDefaultInstance()
invocation, as long as the authenticator object was loaded by the same
ClassLoader as the DEFAULT_SESSION authenticator. Is that really
correct?
--kevan
The simpler solution, if you are not dependent upon the properties
that the javamail session has been configured with, would be to use
getInstance() rather than getDefaultInstance().
Rick
Do you see this error, if you restart your server?
--kevan
