使用Java Mail哪个更安全
[英]Which is more secure using Java Mail
问题描述
I've code to send emails using JavaMail and am keen to understand which of the two options below is more secure and better practice. 
我已经编写了使用JavaMail发送电子邮件的代码,并且渴望了解以下两个选项中的哪一个更安全,更好地实践。 Both sets of code currently work sending via SMTP using Gmail, Outlook or Yahoo. 目前,这两套代码都可以使用Gmail,Outlook或Yahoo通过SMTP发送。 The code is from Android, but is more generalist Java. 该代码来自Android,但更通用。
String password = "**********";
String username = "????@gmail.com";//"????@outlook.com";//"????@yahoo.com";
String smtp_host_setting = "smtp.gmail.com";//"smtp-mail.outlook.com";//"smtp.mail.yahoo.com";
String smtp_port_setting = "587";//"587";//"587";
String recipient_email_address = "recipient@recipient_server.com";
String email_subject = "Email Subject";
String email_msg = "Some text for the message\r\nThanks!";
Session session = null;
This approach uses getPasswordAuthentication() : 此方法使用getPasswordAuthentication():
/************************ OPTION 1 *****************************/
private int send_email_temp(){
Properties props = new Properties();
props.put("mail.smtp.auth", "true");
props.put("mail.smtp.host", smtp_host_setting); // YAHOO needs it to be mail.smtp.host, GMAIL and OUTLOOK were OK with mail.host (and with this)
//props.put("mail.debug", "true");
props.put("mail.smtp.ssl.enable", "true");
props.put("mail.smtp.starttls.enable", "true");
props.put("mail.smtp.port", smtp_port_setting);
session = Session.getInstance(
props,
new javax.mail.Authenticator() {
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(username, password);
}
});
ActuallySendAsync_temp asy = new ActuallySendAsync_temp(true);
asy.execute();
return 0;
}
class ActuallySendAsync_temp extends AsyncTask<String, String, Void> {
public ActuallySendAsync_temp(boolean boo) {
// something to do before sending email
}
@Override
protected Void doInBackground(String... params) {
try {
Message message = new MimeMessage(session);
message.setFrom(new InternetAddress(username));
message.setRecipients(Message.RecipientType.TO,
InternetAddress.parse(recipient_email_address));
message.setSubject(email_subject);
message.setText(email_msg);
Transport.send(message);
} catch (MessagingException e) {
e.printStackTrace();
} finally {
}
return null;
}
@Override
protected void onPostExecute(Void aVoid) {
super.onPostExecute(aVoid);
// something to do after sending email
}
}
/************************ OPTION 1 - End ***********************/
This approach uses session.getTransport("smtp") and .connect for authentication : 这种方法使用session.getTransport(“ smtp”)和.connect进行身份验证:
/************************ OPTION 2 *****************************/
private int send_email_temp(){
Properties props = new Properties();
props.put("mail.smtp.auth", "true");
props.put("mail.smtp.host", smtp_host_setting); // YAHOO needs it to be mail.smtp.host, GMAIL and OUTLOOK were OK with mail.host (and with this)
//props.put("mail.debug", "true");
props.put("mail.smtp.ssl.enable", "true");
props.put("mail.smtp.starttls.enable", "true");
props.put("mail.smtp.port", smtp_port_setting);
session = Session.getInstance(props);
ActuallySendAsync_temp asy = new ActuallySendAsync_temp(true);
asy.execute();
return 0;
}
class ActuallySendAsync_temp extends AsyncTask<String, String, Void> {
public ActuallySendAsync_temp(boolean boo) {
// something to do before sending email
}
@Override
protected Void doInBackground(String... params) {
try {
Message message = new MimeMessage(session);
message.setFrom(new InternetAddress(username));
message.setRecipients(Message.RecipientType.TO,
InternetAddress.parse(recipient_email_address));
message.setSubject(email_subject);
message.setText(email_msg);
Transport transport = session.getTransport("smtp");
transport.connect(smtp_host_setting, username, password);
transport.sendMessage(message, message.getAllRecipients());
transport.close();
} catch (MessagingException e) {
e.printStackTrace();
} finally {
}
return null;
}
@Override
protected void onPostExecute(Void aVoid) {
super.onPostExecute(aVoid);
// something to do after sending email
}
}
/************************ OPTION 2 - End ***********************/
Are the two approaches equivalent, or is one option considered more secure than the other? 两种方法是否等效,还是一种选择比另一种选择更安全?
Thank you for your help. 谢谢您的帮助。
1 个解决方案
解决方案1
1 已采纳 2018-04-16 06:39:15
They're equivalently secure. 它们同样安全。 One is just more verbose. 一个只是比较冗长。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
哪个更安全:外部浏览器或ChromeTab授权? - Which is more secure: External browser or ChromeTab for authorization?
在Android中使用Java Mail API - using java mail api in android
在Android中使用SCP / SFTP或更安全的方式上传文件 - Upload Files Using SCP/SFTP or more secure way in Android
哪种方法会更有效? (Java Android编程) - Which way will be more efficient ? (Java Android Programming)
在Java for android中更快更有效率 - In Java for android which is faster more efficient
无法使用Java Mail API从android应用发送邮件 - Cant send mail from android app using java mail api
app:preDexDebug错误执行失败,使用Java邮件发送邮件 - Execution failed for app:preDexDebug error sending mail using java mail
在通过 Firebase 身份验证创建用户后,将用户名传递到后端的这两者之间哪种方法更安全? - Which is the more secure method between these two for passing the username to the backend after creating the user via Firebase auth?
使用Java Mail在Android中添加附件 - Adding attachment in android using Java Mail
无法使用Java Mail发送附件 - Can't send attachment using Java Mail
相关标签