Changing and store Java Mail password from application
Question
I have an application that uses Common Mail (Java Mail). There is this line:
email.setAuthenticator(new DefaultAuthenticator("emailAdress", "password"));
Now i´m hardcoding these parameters but i want that emailAdress and password can be changed and readed from a database or config file. The application has a method to change the parameters.
My answer is: where should i store the parameters? My first option is to store them in a database but if i store the password hashed for example with MD5, i can´t recover the original one when i need it.
Another option is to store them in a file configuration in the server. If i want to change the email adress and the password, i only have to edit the configuration file.
What do you think? Thanks.
2 answers
solution1
0 ACCPTED 2014-12-18 21:55:32
The correct answer depends on how paranoid you are about security.
For example, you may want to store the credentials encrypted in a file or database, and only decrypt them at runtime just before you need them. But of course that requires you to decide how to handle the key that encrypts and decrypts the credentials. It can't be turtles all the way down . A more complete answer is beyond the scope of stackoverflow.
solution2
-1 2014-12-18 18:24:49
建议您将电子邮件和密码存储在属性文件中,以便可以轻松更改用户名和密码。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.