I'm tryi开发者_运维百科ng to connect to gmail using a simple java program (like this one). But my question is:
Is there a way to do this with encrypted password and not the real password, for security reasons of course!! something like how we do in java-Oracle db ?
By default, the only authentication mechanism for IMAP is the LOGIN
command, which takes an unencrypted username and password. You can add an encryption layer on top of it, either by connecting via IMAPs or starting a TLS layer via the STARTTLS
command, but it still requires the client to know the cleartext password.
A server can optionally also provide SASL authentication methods invokable via the AUTHENTICATE
command. The server advertises which SASL mechanisms it supports in its response to the CAPABILITY
command. For instance, if the server includes the capability "AUTH=PLAIN
", the client can use the PLAIN
SASL authentication method via the AUTHENTICATE PLAIN
IMAP command.
Gmail supports only one SASL authentication mechanism, XOAUTH
:
C: 1 capability
S: * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA XLIST CHILDREN XYZZY
SASL-IR AUTH=XOAUTH
S: 1 OK Thats all she wrote! dv32if2169247ibb.17
XOAUTH
is a nonstandard SASL authentication mechanism using OAuth. (The leading 'X' means it's not standardized.) Google has published a document defining the XOAUTH
SASL mechanism. They've also provided a google-mail-xoauth-tools package, which includes sample code showing how to use JavaMail with Gmail via XOAUTH
.
精彩评论