Base Content: IMAP disable auth.plain and auth.ntlm option

Idea ID 2804839

Base Content: IMAP disable auth.plain and auth.ntlm option


All mail related operations in the Base contentpack need to support switching off

mail.<proto>.auth.plain.disable=true
mail.<proto>.auth.ntlm.disable=true

This required when using IMAP to connect to MS Exchange servers with service accounts.

e.g. you have an Mailbox and a third user is permissioned to this Service mailbox.

in this scenario the login user is constructed in imap login as follows:

<domain>\<ad user>\<alias of mailbox>

using this with the existing mail operations in OO Base contentpack results in error recorded at the bottom.

we have proven with own build operation and adding below parts does work.


for example com.iconclude.content.actions.mail.BasePopAction will need to have in all functions that build the session object

props.setProperty("mail." + this.protocol + ".auth.plain.disable", "true");

props.setProperty("mail." + this.protocol + ".auth.ntlm.disable", "true");

included.

same will apply for operations based on io.cloudslang.content.mail.actions e.g. GetMailMessage


we suggest to add 2 new optional inputs to the operations to allow setting the values to true. default should be as is false.

for details of the issue see:

https://javaee.github.io/javamail/Exchange

https://social.technet.microsoft.com/Forums/office/en-US/8c8b4605-efae-49eb-a118-54aa418de6c2/access-shared-mailbox-via-imap-on-exchange-2010?forum=exchangesvrgenerallegacy


Why is this needed: That is a quite usuall setup to allow Service account for automation to access specific other mailboxes. so it is somewhat the standard in automation as is form that perspective a must to support.


INFO | jvm 1 | 2020/06/11 12:05:15 | javax.mail.AuthenticationFailedException: AUTHENTICATE failed.

INFO | jvm 1 | 2020/06/11 12:05:15 | at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:665)

INFO | jvm 1 | 2020/06/11 12:05:15 | at javax.mail.Service.connect(Service.java:317)

INFO | jvm 1 | 2020/06/11 12:05:15 | at javax.mail.Service.connect(Service.java:176)

INFO | jvm 1 | 2020/06/11 12:05:15 | at javax.mail.Service.connect(Service.java:125)

INFO | jvm 1 | 2020/06/11 12:05:15 | at com.iconclude.content.actions.mail.BasePopAction.connectUsingSSL(BasePopAction.java:218)

INFO | jvm 1 | 2020/06/11 12:05:15 | at com.iconclude.content.actions.mail.BasePopAction.tryTLSOtherwiseTrySSL(BasePopAction.java:208)

INFO | jvm 1 | 2020/06/11 12:05:15 | at com.iconclude.content.actions.mail.BasePopAction.createMessageStore(BasePopAction.java:188)

INFO | jvm 1 | 2020/06/11 12:05:15 | at com.iconclude.content.actions.mail.BasePopAction.execute(BasePopAction.java:153)

INFO | jvm 1 | 2020/06/11 12:05:15 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

INFO | jvm 1 | 2020/06/11 12:05:15 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

INFO | jvm 1 | 2020/06/11 12:05:15 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

INFO | jvm 1 | 2020/06/11 12:05:15 | at java.lang.reflect.Method.invoke(Method.java:498)

INFO | jvm 1 | 2020/06/11 12:05:15 | at com.hp.oo.sdk.plugins.abstracts.BaseActionPlugin.execute(BaseActionPlugin.java:53)

INFO | jvm 1 | 2020/06/11 12:05:15 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

INFO | jvm 1 | 2020/06/11 12:05:15 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

INFO | jvm 1 | 2020/06/11 12:05:15 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

INFO | jvm 1 | 2020/06/11 12:05:15 | at java.lang.reflect.Method.invoke(Method.java:498)

INFO | jvm 1 | 2020/06/11 12:05:15 | at com.hp.oo.maven.PluginAdapterImpl.executePlugin(PluginAdapterImpl.java:344)

INFO | jvm 1 | 2020/06/11 12:05:15 | at com.hp.oo.maven.PluginAdapterImpl.execute(PluginAdapterImpl.java:257)

INFO | jvm 1 | 2020/06/11 12:05:15 | at com.hp.oo.execution.control.actions.contentexecution.ContentExecutionActions.executeContentAction(ContentExecutionActions.java:105)

INFO | jvm 1 | 2020/06/11 12:05:15 | at sun.reflect.GeneratedMethodAccessor130.invoke(Unknown Source)

INFO | jvm 1 | 2020/06/11 12:05:15 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

INFO | jvm 1 | 2020/06/11 12:05:15 | at java.lang.reflect.Method.invoke(Method.java:498)

INFO | jvm 1 | 2020/06/11 12:05:16 | at io.cloudslang.worker.execution.reflection.ReflectionAdapterImpl.executeControlAction(ReflectionAdapterImpl.java:92)

INFO | jvm 1 | 2020/06/11 12:05:16 | at io.cloudslang.worker.execution.services.ExecutionServiceImpl.executeStep(ExecutionServiceImpl.java:572)

INFO | jvm 1 | 2020/06/11 12:05:16 | at io.cloudslang.worker.execution.services.ExecutionServiceImpl.execute(ExecutionServiceImpl.java:170)

INFO | jvm 1 | 2020/06/11 12:05:16 | at io.cloudslang.worker.management.services.SimpleExecutionRunnable.executeRegularStep(SimpleExecutionRunnable.java:161)

INFO | jvm 1 | 2020/06/11 12:05:16 | at io.cloudslang.worker.management.services.SimpleExecutionRunnable.run(SimpleExecutionRunnable.java:120)

INFO | jvm 1 | 2020/06/11 12:05:16 | at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)

INFO | jvm 1 | 2020/06/11 12:05:16 | at java.util.concurrent.FutureTask.run(FutureTask.java:266)

INFO | jvm 1 | 2020/06/11 12:05:16 | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

INFO | jvm 1 | 2020/06/11 12:05:16 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

INFO | jvm 1 | 2020/06/11 12:05:16 | at io.cloudslang.worker.management.services.WorkerThreadFactory$1.run(WorkerThreadFactory.java:39)

INFO | jvm 1 | 2020/06/11 12:05:16 | at java.lang.Thread.run(Thread.java:748)

Tags (1)
3 Comments
Micro Focus Expert
Micro Focus Expert
Status changed to: New Idea
 
Micro Focus Expert
Micro Focus Expert
Status changed to: Waiting for Votes
 
Honored Contributor.
Honored Contributor.

Hi Lucian,

i think you will anyway need to touch the Operations.

there is in the TLS implementation  a problem.

it sets the following session variables

props.setProperty("mail." + this.protocol + ".ssl.enable", "false");

props.setProperty("mail." + this.protocol + ".starttls.enable", "true");
props.setProperty("mail." + this.protocol + ".starttls.required", "true");

this.protocol is imap.

the class com.sun.mail.imap.IMAPSSLStore.IMAPSSLStore(Session, URLName) is using the variables based on the protocol in the URL which is imaps

so they are 

mail.imaps.ssl.enable

mail.imaps.starttls.enable

mail.imaps.starttls.required

honestly i assume that this is even a bug in the mail-1.4.x.jar as we have analysed the code and did run tests and we see that the mail.imap  is not used in case of TLS. but in documentation https://javaee.github.io/javamail/docs/api/com/sun/mail/imap/package-summary.html it states mail.imap is the base.


mail.imap.starttls.enable

boolean If true, enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection before issuing any login commands. If the server does not support STARTTLS, the connection continues without the use of TLS; see the mail.imap.starttls.required property to fail if STARTTLS isn't supported. Note that an appropriate trust store must configured so that the client will trust the server's certificate. Default is false.

mail.imap.starttls.required

boolean If true, requires the use of the STARTTLS command. If the server doesn't support the STARTTLS command, or the command fails, the connect method will fail. Defaults to false.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.