commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ben Speakmon (JIRA)" <j...@apache.org>
Subject [jira] Updated: (EMAIL-70) Email.setMailSession() discards provided session if using authentication
Date Wed, 21 Nov 2007 20:04:43 GMT

     [ https://issues.apache.org/jira/browse/EMAIL-70?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ben Speakmon updated EMAIL-70:
------------------------------

    Affects Version/s: 1.1

> Email.setMailSession() discards provided session if using authentication
> ------------------------------------------------------------------------
>
>                 Key: EMAIL-70
>                 URL: https://issues.apache.org/jira/browse/EMAIL-70
>             Project: Commons Email
>          Issue Type: Bug
>    Affects Versions: 1.1
>         Environment: All
>            Reporter: F. Andy Seidl
>            Priority: Minor
>
> The Email.setSession(Session aSession) method does NOT use the provided session value
if the provided session is an authenticated session.  In that case, a new Session instance
is created and used instead.  The newly created session uses a DefaultAuthenticator based
on the username/password properties provided in the original session.
> This is a problem because the original session may have been created with a valid authenticator
but without placing the password in the session properties.  In this case, the newly constructed
session will not work.  Or, the original session may have been created with a custom authenticator,
so again, the newly constructed session will not work.
> It seems to me that setSession() should simply set the provided session and not attempt
to be smart about authentication.  However, for backward compatibility, an improvement would
be to offer a setRawSession() that simply sets this.session.   Another improvement would be
to also check for the presence of username and password properties before deciding to create
a new session instance.  If either of those properties is missing, use the provided session
as-is.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message