geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick McGuire <>
Subject Re: SecurityException trying to use JavaMail
Date Mon, 13 Oct 2008 11:14:03 GMT
Kevan Miller wrote:
> On Oct 11, 2008, at 8:07 PM, John wrote:
>> Hi,
>> I have a webapp setup to send an email notification using javamail. 
>>  The code works in both Tomcat and JBoss, but in Geronimo I am 
>> getting a SecurityException.  Here is a subset of the stacktrace:
>> java.lang.SecurityException
>>   at javax.mail.Session.getDefaultInstance(
>>   at 
>> com.esa.gaf.server.mail.MailServiceImpl.createSession(
>>   at 
>> com.esa.gaf.server.mail.MailServiceImpl.sendMail(
>>   at 
>> <>(
>>   at 
>> <>(
>>   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>   at 
>> sun.reflect.NativeMethodAccessorImpl.invoke(
>>   at 
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(
>>   at java.lang.reflect.Method.invoke(
>> FWIW, I initially had the war built to include the necessary javamail 
>> dependencies.  I suspect, since Geronimo includes a Javamail car, 
>> that I don't need to include these, but am finding little guidance in 
>> the documentation or through googling to point me in the right direction.
>> The mail server is configured correctly and I am using a valid user 
>> to send the email from.  Is there something special I need to do in 
>> order to get this to work correctly?
> Hi John,
> There are multiple conditions which could result in that exception. 
> Possible that we have a bug in our Javamail implementation... I'm not 
> an expert on our Javamail implementation. I may see a potential 
> problem, though...
> Has your app already called Session.getDefaultInstance(Properties, 
> Authenticator)? Or would this be the first call by your app? Are you 
> passing a non-null Authenticator?
A security exception thrown from that location generally means that a 
default session has already been created and there's a mismatch on the 
authenticator.  The javamail module creates the default session instance 
as part of the javamail configuration, so if you're specifying an 
authenticator and the default has already been created without an 
authenticator, that triggers the security exception.  The sun javamail 
version works the same way.  There are two options.  One would be to 
ensure that the javamail configuration is specifying an authenticator to 
be used.  That might be a bit more work, since you'll likely need to 
create an authenticator GBean to get the instance injected into the 
javamail session configuration.

The simpler solution, if you are not dependent upon the properties that 
the javamail session has been configured with, would be to use 
getInstance() rather than getDefaultInstance().


> Do you see this error, if you restart your server?
> --kevan

View raw message