3 Replies Latest reply on Jul 28, 2016 11:21 AM by Tomaz Cerar

    Jndi mail inyection and authentication.

    Carlos Marin Newbie

      hi guys,

       

      Im trying to inject a jndi resource pointing to an email with the following definition in my standalone-full.xml :

       

       

              <subsystem xmlns="urn:jboss:domain:mail:2.0">

                  <mail-session name="alertas" from="alertas@binaryoss.com" jndi-name="java:/mail/alertasMail" debug="true">

                      <custom-server name="mailAlertas" password="#######" username="alertas@binaryoss.com" outbound-socket-binding-ref="mail-smtp">

                          <property name="mail.smtp.auth" value="true"/>

                          <property name="mail.smtp.user" value="alertas@binaryoss.com"/>

                          <property name="mail.smtp.starttls.enable" value="true"/>

                      </custom-server>

                  </mail-session>

              </subsystem>

       

      <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">

              <outbound-socket-binding name="mail-smtp">

                  <remote-destination host="mail.binaryoss.com" port="25"/>

              </outbound-socket-binding>

          </socket-binding-group>

       

      the problem is that my mail server needs authentication for sending mails, and with this config no authentication is provided so the server complains about "relaying denied" when i send an email to another domain. I know that is because no authentication is submited and therefore no external domain is allowed to be mailed. ( only internal are permitted).

       

      how can i provide authentication username and password with this jndi resource?

       

      i leave a code segment for example:

       

       

      @Resource(name = "java:/mail/alertasMail")
      private Session mailSession;

       

       

      public boolean sendMail(Parameters params) {

       

       

      try {

       

       

      MimeMessage m = new MimeMessage(this.mailSession);
      InternetAddress[] to = new InternetAddress[] { new InternetAddress("carlosmarind@gmail.com") };

       

       

      m.setRecipients(Message.RecipientType.TO, to);
      m.setSubject("Alerts");
      m.setSentDate(new java.util.Date());
      m.setText(this.constructContentGeoFence(), "utf-8", "html");

       

       

      Transport.send(m);
      System.out.println("email sent");

       

       

      return true;
      } catch (Exception e) {
      e.printStackTrace();
      return false;
      }

       

       

      }

       

       

      Thank you in advance.

        • 1. Re: Jndi mail inyection and authentication.
          Wolfgang Mayer Master

          You should configure the authentication via a <smtp-server> element as a child of <mail-session> like

           

              <mail-session name="alertas" from="alertas@binaryoss.com" jndi-name="java:/mail/alertasMail" debug="true">

                  <smtp-server password="myPassword" username="myUsername" tls="true" ssl="true" outbound-socket-binding-ref="mail-smtp"/>

          .....

              </mail-session>

           

          The values for tls and ssl depend on your server.

          And it might be less error-prone if you do this via cli or web console.

          • 2. Re: Jndi mail inyection and authentication.
            Carlos Marin Newbie

            Wolfgang Mayer escribió:

             

            You should configure the authentication via a <smtp-server> element as a child of <mail-session> like

             

                <mail-session name="alertas" from="alertas@binaryoss.com" jndi-name="java:/mail/alertasMail" debug="true">

                    <smtp-server password="myPassword" username="myUsername" tls="true" ssl="true" outbound-socket-binding-ref="mail-smtp"/>

            .....

                </mail-session>

             

            The values for tls and ssl depend on your server.

            And it might be less error-prone if you do this via cli or web console.

            i try that before,  but i try it again and give me this error:

             

            11:40:41,407 INFO  [stdout] (default task-18) DEBUG SMTP: useEhlo true, useAuth true

            11:40:41,407 FINE  [com.sun.mail.smtp] (default task-18) useEhlo true, useAuth true

            11:40:41,407 INFO  [stdout] (default task-18) DEBUG SMTP: trying to connect to host "mail.binaryoss.com", port 25, isSSL false

            11:40:41,407 FINE  [com.sun.mail.smtp] (default task-18) trying to connect to host "mail.binaryoss.com", port 25, isSSL false

            11:40:41,456 INFO  [stdout] (default task-18) 220 mail.binaryoss.cl ESMTP Postfix

            11:40:41,456 INFO  [stdout] (default task-18) DEBUG SMTP: connected to host "mail.binaryoss.com", port: 25

            11:40:41,456 INFO  [stdout] (default task-18)

            11:40:41,456 FINE  [com.sun.mail.smtp] (default task-18) connected to host "mail.binaryoss.com", port: 25

            11:40:41,477 INFO  [stdout] (default task-18) EHLO omgdeb

            11:40:41,481 INFO  [stdout] (default task-18) 250-mail.binaryoss.cl

            11:40:41,481 INFO  [stdout] (default task-18) 250-PIPELINING

            11:40:41,481 INFO  [stdout] (default task-18) 250-SIZE 10240000

            11:40:41,482 INFO  [stdout] (default task-18) 250-VRFY

            11:40:41,482 INFO  [stdout] (default task-18) 250-ETRN

            11:40:41,482 INFO  [stdout] (default task-18) 250-STARTTLS

            11:40:41,482 INFO  [stdout] (default task-18) 250-ENHANCEDSTATUSCODES

            11:40:41,482 INFO  [stdout] (default task-18) 250-8BITMIME

            11:40:41,482 INFO  [stdout] (default task-18) 250 DSN

            11:40:41,482 INFO  [stdout] (default task-18) DEBUG SMTP: Found extension "PIPELINING", arg ""

            11:40:41,483 FINE  [com.sun.mail.smtp] (default task-18) Found extension "PIPELINING", arg ""

            11:40:41,483 INFO  [stdout] (default task-18) DEBUG SMTP: Found extension "SIZE", arg "10240000"

            11:40:41,483 FINE  [com.sun.mail.smtp] (default task-18) Found extension "SIZE", arg "10240000"

            11:40:41,483 INFO  [stdout] (default task-18) DEBUG SMTP: Found extension "VRFY", arg ""

            11:40:41,483 FINE  [com.sun.mail.smtp] (default task-18) Found extension "VRFY", arg ""

            11:40:41,483 INFO  [stdout] (default task-18) DEBUG SMTP: Found extension "ETRN", arg ""

            11:40:41,484 FINE  [com.sun.mail.smtp] (default task-18) Found extension "ETRN", arg ""

            11:40:41,484 INFO  [stdout] (default task-18) DEBUG SMTP: Found extension "STARTTLS", arg ""

            11:40:41,484 FINE  [com.sun.mail.smtp] (default task-18) Found extension "STARTTLS", arg ""

            11:40:41,484 INFO  [stdout] (default task-18) DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""

            11:40:41,484 FINE  [com.sun.mail.smtp] (default task-18) Found extension "ENHANCEDSTATUSCODES", arg ""

            11:40:41,484 INFO  [stdout] (default task-18) DEBUG SMTP: Found extension "8BITMIME", arg ""

            11:40:41,485 FINE  [com.sun.mail.smtp] (default task-18) Found extension "8BITMIME", arg ""

            11:40:41,485 INFO  [stdout] (default task-18) DEBUG SMTP: Found extension "DSN", arg ""

            11:40:41,485 FINE  [com.sun.mail.smtp] (default task-18) Found extension "DSN", arg ""

            11:40:41,485 INFO  [stdout] (default task-18) STARTTLS

            11:40:41,488 INFO  [stdout] (default task-18) 220 2.0.0 Ready to start TLS

            11:40:41,601 ERROR [stderr] (default task-18) javax.mail.MessagingException: Could not convert socket to TLS;

            11:40:41,601 ERROR [stderr] (default task-18)   nested exception is:

            11:40:41,601 ERROR [stderr] (default task-18) javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

            • 3. Re: Jndi mail inyection and authentication.
              Tomaz Cerar Master

              Carlos Marin wrote:


              11:40:41,601 ERROR [stderr] (default task-18) javax.mail.MessagingException: Could not convert socket to TLS;

              11:40:41,601 ERROR [stderr] (default task-18)   nested exception is:

              11:40:41,601 ERROR [stderr] (default task-18) javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

              This tells you that server you are connecting to uses SSL certificate that your wildfly server doesn't trust.

              You should try adding issuing CA certificate from that server, to your jvm (with which you run wildfly with) truststore. That way jvm will trust your mail server's SSL certificate.