Re: [email] embed/include dynamic Java Server Pages content in email/NTLM Authentication to Exchange Server

[Ferindo Middleton <fe...@gmail.com>]

Thanks for your incite with my posts regarding this Siegfried and Ricardo! I
suppose that commons-email doesn't support the kind of integration I was
hoping to use in my JSP pages. I was thinking that I could have the dynamic
content of my JSP pages embedded via the functions of Class HtmlEmail. I had
been using Mailer Tag library (
http://jakarta.apache.org/taglibs/doc/mailer-doc/) that was retired in the
Jakarta Project but the security supported my company's Exchange server has
been beefed up over the year and they no longer support the basic
authentication I once was able to use in the Mailer Taglib as there is very
little configuration that tag library supported besides sending basic SMTP
email with basic authentication. I tried upgrading to the Mailer2 taglib (
http://jakarta.apache.org/taglibs/sandbox/doc/mailer2-doc/) via the svn made
available on the site but I don't think that project ever came to a release
point as there's no .tld or .jar files provided in the svn trunk (
http://svn.apache.org/repos/asf/jakarta/taglibs/deprecated-sandbox/mailer2/trunk/)
and the the svn that's there won't build using ant because I don't that
project ever came to a completion point.

I had posted some other threads on trying to get commons-email to
authenticate via the apparent NTLM authentication mechanism the Exchange
server now requires but it appears that even once I get past that, this
package doesn't have enough integration I would need with my JSP dynamic
content I got used to being able to send dynamically with the Mailer Tag
library. I realize this isn't quite the forum for this, but can you point me
in the right direction to get updated resources for sending email from my
JSPs?

-- 
Ferindo

Re: [email] embed/include dynamic Java Server Pages content in email/NTLM Authentication to Exchange Server

[Siegfried Goeschl <si...@it20one.at>]

Hi Ferindo,

you are not annoying anyone ... :-) ... I will add your information to 
the FAQ section since information regarding NTLM setup are hard to find 
and I'm glad you take all the time to prepare the information.

Thanks,

Siegfried Goeschl

On 17.08.10 05:10, Ferindo Middleton wrote:
> I finally figured out how to get the emails sent using NTLM authentication
> to a MS Exchange server for my webapps on my Tomcat servlet container again.
> Using the new NTLM support provided in the JavaMail API, I was able to
> configure a JNDI resource in the Tomcat server.xml file to be used by the
> mailer 1.1 taglib. I originally started using commons-email because I
>   thought it was a viable option I could use to support sending emails from
> my JSPs with the same dynamic content provided by the JSP but I later
> discovered that commons-email would not provide the integration I needed
> with my JSPs for rapid development. While possible, it would require a whole
> lot of java coding that I just don't have the time for. I'll paste the
> config below because I think someone replied to previous posts I made
> indicating that it would be useful for further integration for commons-email
> package to know what my NTLM config required in order to work. Please note
> that I realize some of this isn't necessarily required for the NTLM
> authentication to work and there are a couple lines, maybe 3, that I hadn't
> tried just leaving out, but just my preference in total config options for
> JavaMail. This below works for my Tomcat JNDI resource config (I'm using
> JavaMail 1.4.3): (I know this isn't exactly the right list but in caase
> you'd like to know, I tested what I write below on both Tomcat 5 and 6 and
> works)
>
>   <Context path=".......Tomcat configuration for my webapp goes here)
>
> <Resource name=".... (I setup a database resource for this webapp here)
>
> <!-- JavaMail Configuration starts here -->
>
> <Resource name="mail/Session" auth="Container"
>              type="javax.mail.Session"
>
>              mail.smtp.from="
> sharedmailboxofusersusingthewebapp@organization.com"
>              username="useridthatwillautheicatetoexchangeservertosendmessage"
>              password="passwordofuseraccountabove"
>              mail.transport.protocol="smtp"
>              mail.smtp.auth="true"
>
> mail.smtp.auth.ntlm.domain="thenetworkidofexchangeserveronthenetwork"
>              mail.smtp.host="thenetworkidofexchangeserveronthenetwork"
>              mail.smtp.port="25"
>
> mail.smtp.user="useridthatwillautheicatetoexchangeservertosendmessage"
>              mail.smtp.password="passwordofuseraccountabove"
>              mail.debug="true"
>              mail.smtp.ssl.trust="*"
>              mail.smtp.starttls.enable="true"
>              mail.smtp.dsn.notify="FAILURE,DELAY"
>              mail.smtp.dsn.ret="FULL"
>              mail.smtp.sendpartial="true"
>
> I used the documentation provided for Package com.sun.mail.smtp located
> here:
> http://java.sun.com/products/javamail/javadocs/com/sun/mail/smtp/package-summary.html
>
> I also had to download the latest jcifs jar file from the JCIFS site:
> http://jcifs.samba.org which is available under the LGPL license and of
> course include that in the server's Classpath along with the JavaMail .jar
> I imagine that if you're using commons-email, you'd need to include it in
> your path as well.  Note that the 1.2.x versions JCIFS won't work as the API
> has apparently changed incompatibly so you have to use versions released
> after 1.2. The SMTP and IMAP providers in the JavaMail download support the
> use of NTLM with the following properties used to configure the NTLM
> support:
>
> mail.<protocol>.auth.ntlm.domain
>      The NTLM authentication domain.
>
> mail.<protocol>.auth.ntlm.flags
>      NTLM protocol-specific flags.
>      See http://curl.haxx.se/rfc/ntlm.html#theNtlmFlags for details.
>
> So the main part of my Tomcat configuration above actually turning on the
> NTLM support is the "mail.smtp.auth.ntlm.domain" part but I imagine of
> course  I do still need to provide login credentials... and I think I also
> needed to specify that auth is true and the mail.smtp.ssl.trust="*" I think
> was especially important because, in previous testing, I noted how JavaMail
> was apparently unable to trust the Exchange server's certificate.... the
> mail.smtp.ssl.trust="*" says to just trust everybody. This option takes a
> white-space separated list of hosts, those hosts are trusted so I guess I
> could've just put the servers network id there (the same serverid I provided
> in "mail.smtp.auth.ntlm.domain") but I was unsure if it would simply work so
> I just said trust everybody and I think it's pretty safe to do that here
> though because this webapp is behind a pretty secure firewall.
>
> For some odd reason, I did have to include the authentication credentials
> above twice as I did in the config above but I think that is just because
> the actual Mailer Taglib I'm using requires login credentials for
> authentication to the server and for some reason the "mail.smtp.user"&
> "mail.smtp.password" lines weren't enough to make the authentication happen.
> I did have to specify the port to use but I'm not really sure if I needed
> "mail.smtp.host=xxx" as I did say "mail.smtp.auth.ntlm.domain=xxxxx" which
> is absolutely necessary for NTLM but the server network id is just exactly
> the same for both these options... It worked so I left it.
>
> Luckily, I didn't even have to use the "flags" options above in my config
> (the flags seemed very very complicated but I guess if this Exchange
> server's configuration was more sophisticated, I might have had to spend
> another month trying to figure out the flags which are apparently included
> in the header and setting them here I suppose would provide other options
> not present in the standard JavaMail API)
>
> They noted in the documentation for NTLM that this capability is very new
> and has NOT been thoroughly tested and the APIs and properties used to
> control it should be considered EXPERIMENTAL. They may be changed in the
> future in ways that are incompatible with applications using the current
> APIs and properties.
>
> I'm just glad that support for Microsoft's proprietary NTLM authentication
> mechanism is supported and that I am able to configure the the JavaMail at
> the Tomcat server level so I could continue using this old unsupported
> Mailer 1.1 taglib (http://jakarta.apache.org/taglibs/doc/mailer-doc/#attach)
> instead of heavy Java coding with commons-email.... Now all I've got to do
> is figure out how to attach a file from the database resource in my config
> above to the emails (I was able to get past alot of Java coding to get the
> email sent but I think I'm going to have to actually develop some Java code
> still because the Mailer tag doesn't have very good API for including
> attachments from a database in the tag)
>
> Hope my info above helps with commons-email integration with JavaMail NTLM
> authentication and doesn't annoy anyone... I'll stop posting here now
> because I'm really not using commons-email anymore but I'll keep it in mind
> if I have to send a more simple non-JSP-integrated email messages using java
> technology on a future project.

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org

Re: [email] embed/include dynamic Java Server Pages content in email/NTLM Authentication to Exchange Server

[Ferindo Middleton <fe...@gmail.com>]

I finally figured out how to get the emails sent using NTLM authentication
to a MS Exchange server for my webapps on my Tomcat servlet container again.
Using the new NTLM support provided in the JavaMail API, I was able to
configure a JNDI resource in the Tomcat server.xml file to be used by the
mailer 1.1 taglib. I originally started using commons-email because I
 thought it was a viable option I could use to support sending emails from
my JSPs with the same dynamic content provided by the JSP but I later
discovered that commons-email would not provide the integration I needed
with my JSPs for rapid development. While possible, it would require a whole
lot of java coding that I just don't have the time for. I'll paste the
config below because I think someone replied to previous posts I made
indicating that it would be useful for further integration for commons-email
package to know what my NTLM config required in order to work. Please note
that I realize some of this isn't necessarily required for the NTLM
authentication to work and there are a couple lines, maybe 3, that I hadn't
tried just leaving out, but just my preference in total config options for
JavaMail. This below works for my Tomcat JNDI resource config (I'm using
JavaMail 1.4.3): (I know this isn't exactly the right list but in caase
you'd like to know, I tested what I write below on both Tomcat 5 and 6 and
works)

 <Context path=".......Tomcat configuration for my webapp goes here)

<Resource name=".... (I setup a database resource for this webapp here)

<!-- JavaMail Configuration starts here -->

<Resource name="mail/Session" auth="Container"
            type="javax.mail.Session"

            mail.smtp.from="
sharedmailboxofusersusingthewebapp@organization.com"
            username="useridthatwillautheicatetoexchangeservertosendmessage"
            password="passwordofuseraccountabove"
            mail.transport.protocol="smtp"
            mail.smtp.auth="true"

mail.smtp.auth.ntlm.domain="thenetworkidofexchangeserveronthenetwork"
            mail.smtp.host="thenetworkidofexchangeserveronthenetwork"
            mail.smtp.port="25"

mail.smtp.user="useridthatwillautheicatetoexchangeservertosendmessage"
            mail.smtp.password="passwordofuseraccountabove"
            mail.debug="true"
            mail.smtp.ssl.trust="*"
            mail.smtp.starttls.enable="true"
            mail.smtp.dsn.notify="FAILURE,DELAY"
            mail.smtp.dsn.ret="FULL"
            mail.smtp.sendpartial="true"

I used the documentation provided for Package com.sun.mail.smtp located
here:
http://java.sun.com/products/javamail/javadocs/com/sun/mail/smtp/package-summary.html

I also had to download the latest jcifs jar file from the JCIFS site:
http://jcifs.samba.org which is available under the LGPL license and of
course include that in the server's Classpath along with the JavaMail .jar
I imagine that if you're using commons-email, you'd need to include it in
your path as well.  Note that the 1.2.x versions JCIFS won't work as the API
has apparently changed incompatibly so you have to use versions released
after 1.2. The SMTP and IMAP providers in the JavaMail download support the
use of NTLM with the following properties used to configure the NTLM
support:

mail.<protocol>.auth.ntlm.domain
    The NTLM authentication domain.

mail.<protocol>.auth.ntlm.flags
    NTLM protocol-specific flags.
    See http://curl.haxx.se/rfc/ntlm.html#theNtlmFlags for details.

So the main part of my Tomcat configuration above actually turning on the
NTLM support is the "mail.smtp.auth.ntlm.domain" part but I imagine of
course  I do still need to provide login credentials... and I think I also
needed to specify that auth is true and the mail.smtp.ssl.trust="*" I think
was especially important because, in previous testing, I noted how JavaMail
was apparently unable to trust the Exchange server's certificate.... the
mail.smtp.ssl.trust="*" says to just trust everybody. This option takes a
white-space separated list of hosts, those hosts are trusted so I guess I
could've just put the servers network id there (the same serverid I provided
in "mail.smtp.auth.ntlm.domain") but I was unsure if it would simply work so
I just said trust everybody and I think it's pretty safe to do that here
though because this webapp is behind a pretty secure firewall.

For some odd reason, I did have to include the authentication credentials
above twice as I did in the config above but I think that is just because
the actual Mailer Taglib I'm using requires login credentials for
authentication to the server and for some reason the "mail.smtp.user" &
"mail.smtp.password" lines weren't enough to make the authentication happen.
I did have to specify the port to use but I'm not really sure if I needed
"mail.smtp.host=xxx" as I did say "mail.smtp.auth.ntlm.domain=xxxxx" which
is absolutely necessary for NTLM but the server network id is just exactly
the same for both these options... It worked so I left it.

Luckily, I didn't even have to use the "flags" options above in my config
(the flags seemed very very complicated but I guess if this Exchange
server's configuration was more sophisticated, I might have had to spend
another month trying to figure out the flags which are apparently included
in the header and setting them here I suppose would provide other options
not present in the standard JavaMail API)

They noted in the documentation for NTLM that this capability is very new
and has NOT been thoroughly tested and the APIs and properties used to
control it should be considered EXPERIMENTAL. They may be changed in the
future in ways that are incompatible with applications using the current
APIs and properties.

I'm just glad that support for Microsoft's proprietary NTLM authentication
mechanism is supported and that I am able to configure the the JavaMail at
the Tomcat server level so I could continue using this old unsupported
Mailer 1.1 taglib (http://jakarta.apache.org/taglibs/doc/mailer-doc/#attach)
instead of heavy Java coding with commons-email.... Now all I've got to do
is figure out how to attach a file from the database resource in my config
above to the emails (I was able to get past alot of Java coding to get the
email sent but I think I'm going to have to actually develop some Java code
still because the Mailer tag doesn't have very good API for including
attachments from a database in the tag)

Hope my info above helps with commons-email integration with JavaMail NTLM
authentication and doesn't annoy anyone... I'll stop posting here now
because I'm really not using commons-email anymore but I'll keep it in mind
if I have to send a more simple non-JSP-integrated email messages using java
technology on a future project.
-- 
Ferindo

Re: [email] embed/include dynamic Java Server Pages content in email/NTLM Authentication to Exchange Server

[Siegfried Goeschl <si...@it20one.at>]

Sounds good to me to have the mail session as JNDI resource ... :-)

Cheers,

Siegfried Goeschl

PS: Could you post the final configuration when you are done - just in 
case I have to use a NTKM secured mail server at the next custemer? Then 
I can also add it to the FAQ section

On 13.08.10 03:40, Ferindo Middleton wrote:
> I did some further research into the original Taglibs Mailer I was using (
> http://jakarta.apache.org/taglibs/doc/mailer-doc/mailer-1.1/index.html). I
> was using one of the three ways that mail can be sent using that tag: simply
> using the name of the SMTP host and authentication userid&  password within
> the tag. The second requires the name of a JNDI Resource for a JavaMail
> Session. I'm going to research this second way as I think it will give me
> the options of specifying/configuring the JavaMail session to better
> authenticate using NTLM.I really want to continue using the taglib way of
> sending my emails from my Java Server Pages. I saw another post by someone
> outlining a servlet a user wrote to grab the Request properties of the
> parsed JSP to pass to the commons-email package but I wanted to continue
> using my taglib at the presentation layer to assist with the kind of rapid
> development I'm looking for. I was kind of surprised that no one seems to be
> actively working on the mailer taglibs considering that sending email from
> webapps is such a key function but it appears that with a little further
> research in setting up a Javamail JNDI session on the Tomcat Server, I can
> be able to more accurately configure the connection properties to allow for
> NTLM authentication. That was my original problem: the way I was using the
> tag didn't allow for a more sophisticated specification/configuration of the
> connection parameters.  But it looks like I will be able to configure the
> JavaMail connection at the server level and still use the same old tag that
> has now been strangely retired.
>

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org

Re: [email] embed/include dynamic Java Server Pages content in email/NTLM Authentication to Exchange Server

[Ferindo Middleton <fe...@gmail.com>]

I did some further research into the original Taglibs Mailer I was using (
http://jakarta.apache.org/taglibs/doc/mailer-doc/mailer-1.1/index.html). I
was using one of the three ways that mail can be sent using that tag: simply
using the name of the SMTP host and authentication userid & password within
the tag. The second requires the name of a JNDI Resource for a JavaMail
Session. I'm going to research this second way as I think it will give me
the options of specifying/configuring the JavaMail session to better
authenticate using NTLM.I really want to continue using the taglib way of
sending my emails from my Java Server Pages. I saw another post by someone
outlining a servlet a user wrote to grab the Request properties of the
parsed JSP to pass to the commons-email package but I wanted to continue
using my taglib at the presentation layer to assist with the kind of rapid
development I'm looking for. I was kind of surprised that no one seems to be
actively working on the mailer taglibs considering that sending email from
webapps is such a key function but it appears that with a little further
research in setting up a Javamail JNDI session on the Tomcat Server, I can
be able to more accurately configure the connection properties to allow for
NTLM authentication. That was my original problem: the way I was using the
tag didn't allow for a more sophisticated specification/configuration of the
connection parameters.  But it looks like I will be able to configure the
JavaMail connection at the server level and still use the same old tag that
has now been strangely retired.

-- 
Ferindo

Re: [email] embed/include dynamic Java Server Pages content in email/NTLM Authentication to Exchange Server

[Siegfried Goeschl <si...@it20one.at>]

Hi Ferindo,

some thoughts along the line

1) all email related libraries I'm aware of are using javax.mail. So you 
have to get the NTLM authentication working on this level. The last 
problem you had is related to the SSL certificate being used by your 
exchange server - please see 
http://blogs.sun.com/andreas/entry/no_more_unable_to_find for more 
information

2) regarding JSP integration - your observation is correct since we 
provide no direct JSP integration and we never will. But I pretty much 
assume that you will run into 1) quickly with all JSP taglibs you find 
on Google. Having said that you can always reconsider moving the mail 
functionality out of the presentation layer into a domain servcice or 
application service layer (where it might belong - remember the SQL 
taglibs running SQL queries from a JSP page)

So have a look at 1) and keep us/me in the loop ... :-)

Thanks in advance

Siegfried Goeschl

On 10.08.10 03:53, Ferindo Middleton wrote:
> Thanks for your incite with my posts regarding this Siegfried and Ricardo! I
> suppose that commons-email doesn't support the kind of integration I was
> hoping to use in my JSP pages. I was thinking that I could have the dynamic
> content of my JSP pages embedded via the functions of Class HtmlEmail. I had
> been using Mailer Tag library (
> http://jakarta.apache.org/taglibs/doc/mailer-doc/) that was retired in the
> Jakarta Project but the security supported my company's Exchange server has
> been beefed up over the year and they no longer support the basic
> authentication I once was able to use in the Mailer Taglib as there is very
> little configuration that tag library supported besides sending basic SMTP
> email with basic authentication. I tried upgrading to the Mailer2 taglib (
> http://jakarta.apache.org/taglibs/sandbox/doc/mailer2-doc/) via the svn made
> available on the site but I don't think that project ever came to a release
> point as there's no .tld or .jar files provided in the svn trunk (
> http://svn.apache.org/repos/asf/jakarta/taglibs/deprecated-sandbox/mailer2/trunk/)
> and the the svn that's there won't build using ant because I don't that
> project ever came to a completion point.
>
> I had posted some other threads on trying to get commons-email to
> authenticate via the apparent NTLM authentication mechanism the Exchange
> server now requires but it appears that even once I get past that, this
> package doesn't have enough integration I would need with my JSP dynamic
> content I got used to being able to send dynamically with the Mailer Tag
> library. I realize this isn't quite the forum for this, but can you point me
> in the right direction to get updated resources for sending email from my
> JSPs?
>

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org