You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Jerry Malcolm <te...@malcolms.com> on 2019/11/05 01:20:35 UTC
Re: AdministratorId Documentation
This is a followup to an earlier discussion. I have a very large number
of imap utilities that I use to maintain my clients' accounts and
mailboxes. They were all written using javax.mail's version of the IMAP
interface. Your code reference below was very helpful. But I realized
I would have to change all of my javax.mail code to commons.net. It was
going to be worth it if I could get the delegate function. But I still
was dreading the amount of migration/testing work.
So.... I did a bit of playing around looking at what was really
happening to send the admin id, admin pw, and target account in the
login. Turns out in the javax.mail package, if you use:
store.connect(host, port, user + "\0" + adminId, adminPW);
it logs in correctly with delegation. So as much as I appreciate your
code :-), a one-line change to my javax.mail login code won out over
almost a full rewrite of all my utilities.
Jerry
On 9/12/2019 11:01 PM, Tellier Benoit wrote:
> If you are using commons-net, I succeeded to write:
>
> https://gist.github.com/chibenwa/abd12fd6c0b06cadd1de591e3ac792b9
>
> That should be helping you!
>
> On 13/09/2019 10:40, Tellier Benoit wrote:
>> Wich library are you using?
>>
>> On 13/09/2019 10:33, Jerry Malcolm wrote:
>>> Thanks for the info, Tellier. I kinda lost you on the mpt tests... I
>>> was looking for how to change the following code to include an
>>> administrator id. I only have one field in the store.connect() method
>>> for a user id, but I have an administrator id and the userid for the
>>> target mailbox. How do I pass in both?
>>>
>>> try
>>> {
>>> session = Session.getInstance(props, null);
>>> session.setDebug(debug);
>>> store = session.getStore(protocol);
>>> store.connect(host, port, user, password);
>>> }
>>> catch( Exception e)
>>> {
>>> log( "IMAPClient.connect() exception: " + e );
>>> throw(e);
>>> }
>>>
>>> On 9/12/2019 10:10 PM, Tellier Benoit wrote:
>>>> Hello Jerry,
>>>>
>>>> With the `administratorId`, you are able to use IMAP impersonation.
>>>>
>>>> IE to log in as another user.
>>>>
>>>> You should define it within usersrepository.xml. To see related "reading
>>>> config" code: AbstractUsersRepository is the way to go.
>>>>
>>>> Agree that this needs example and documentation. I will do it straight
>>>> away.
>>>>
>>>> For your IMAP call, MPT tests are going to be a gold mine, presenting
>>>> you the exact syntax.
>>>> mpt/impl/imap-mailbox/core/src/main/resources/org/apache/james/imap/scripts/AuthenticatePlain.test
>>>>
>>>>
>>>> Contains:
>>>>
>>>> C: 0007 AUTHENTICATE "PLAIN" {36+}
>>>> # delegate\0imapuser\0password
>>>> C: ZGVsZWdhdGUAaW1hcHVzZXIAcGFzc3dvcmQ=
>>>> S: 0007 OK AUTHENTICATE completed.
>>>>
>>>> # Ensure we are delegate
>>>> C: 0008 SELECT delegate
>>>> SUB {
>>>> S: \* FLAGS .*
>>>> S: \* .* EXISTS
>>>> S: \* .* RECENT
>>>> S: \* OK \[UIDVALIDITY .*\] UIDs valid
>>>> S: \* OK \[PERMANENTFLAGS .*\] Limited
>>>> S: \* OK \[HIGHESTMODSEQ .*\] Highest
>>>> S: \* OK \[UIDNEXT .*\] Predicted next UID
>>>> }
>>>> S: 0008 OK \[READ-WRITE\] SELECT completed\.
>>>>
>>>> Regarding your development issues, I'm really sorry. My environment is
>>>> based on IntelliJ, and I encounter no issue.
>>>>
>>>> To be able to compile, I use maven 3.6.2 with JDK 11.
>>>>
>>>> Best regards,
>>>>
>>>> Benoit Tellier
>>>>
>>>>
>>>> On 13/09/2019 09:53, Jerry Malcolm wrote:
>>>>> Since it appears I'm not going to be able to build James 3.3.0 in the
>>>>> foreseeable future, I'm now moving to plan d, e, f, or whatever... .I've
>>>>> lost count.
>>>>>
>>>>> My goal now is to assess my possibilities of using James 3.3.0 binaries
>>>>> as-is and discarding the functionality I had hoped to re-add to 3.3.0
>>>>> from 30b5 or moving the functionality to mailets that I can compile
>>>>> outside of doing a full James build.
>>>>>
>>>>> One thing I had added to beta5 was the ability to have a super-user,
>>>>> master-key id that could be used in my custom external imap mailbox
>>>>> maintenance utilities. I've spent several hours digging through the
>>>>> 3.3.0 source code, and I see code referencing "administratorId". From
>>>>> what I can deduce from the code, the Authenticator and Authorizator
>>>>> classes seem to accept this administrator id as the equivalent of the
>>>>> master key I added to b5. So can I access UserABC's mailbox through
>>>>> imap but use my administratorId and password? If that's the case, then
>>>>> that's exactly what I need. The problem is I can't find any
>>>>> documentation on how to use administratorId. Where do I define it? And
>>>>> how do I pass it on imap calls using the javax.mail.Store and other
>>>>> classes in javax.mail that I use to access imap?
>>>>>
>>>>> Jerry
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-user-help@james.apache.org
>>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org