使用加密的密码连接到gmail（使用imap和javamail） [英] Connect to gmail (using imap and javamail) with encryted password

问题描述

我正在尝试使用简单的Java程序连接到Gmail（像 http://tinyurl.com/ y4hfl8l ）。但是我的问题是：

I'm trying to connect to gmail using a simple java program (like this one in http://tinyurl.com/y4hfl8l). But my question is:

有没有办法加密密码，而不是真正的密码，为安全起见，当然！ / />

Is there a way to do this with encrypted password and not the real password, for security reasons of course!! something like how we do in java-Oracle db ?

推荐答案

默认情况下，IMAP唯一的认证机制是 LOGIN 命令，它需要未加密的用户名和密码。您可以通过IMAP连接或通过 STARTTLS 命令启动TLS层来添加加密层，但仍需要客户端知道明文密码

By default, the only authentication mechanism for IMAP is the LOGIN command, which takes an unencrypted username and password. You can add an encryption layer on top of it, either by connecting via IMAPs or starting a TLS layer via the STARTTLS command, but it still requires the client to know the cleartext password.

服务器还可以提供可通过 AUTHENTICATE 命令。服务器在对 CAPABILITY 命令的响应中通告其支持的SASL机制。例如，如果服务器包含 AUTH = PLAIN 的功能，则客户端可以使用 PLAIN SASL身份验证方法通过 AUTHENTICATE PLAIN IMAP命令。

A server can optionally also provide SASL authentication methods invokable via the AUTHENTICATE command. The server advertises which SASL mechanisms it supports in its response to the CAPABILITY command. For instance, if the server includes the capability "AUTH=PLAIN", the client can use the PLAIN SASL authentication method via the AUTHENTICATE PLAIN IMAP command.

Gmail只支持一种SASL身份验证机制， XOAUTH ：

Gmail supports only one SASL authentication mechanism, XOAUTH:

C: 1 capability
S: * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA XLIST CHILDREN XYZZY
      SASL-IR AUTH=XOAUTH
S: 1 OK Thats all she wrote! dv32if2169247ibb.17

XOAUTH 是一个非标准的SASL使用OAuth的身份验证机制。 （领先的X意味着它不是标准化的。）Google已发布定义 XOAUTH SASL机制。他们还提供了一个 google-mail-xoauth-tools软件包，其中包含示例代码，显示如何使用JavaMail与Gmail通过 XOAUTH 。

XOAUTH is a nonstandard SASL authentication mechanism using OAuth. (The leading 'X' means it's not standardized.) Google has published a document defining the XOAUTH SASL mechanism. They've also provided a google-mail-xoauth-tools package, which includes sample code showing how to use JavaMail with Gmail via XOAUTH.

这篇关于使用加密的密码连接到gmail（使用imap和javamail）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！