Log4j, SMTPAppender, and AuthenticationTuesday, September 29th, 2009 with 1 Comment »

I was trying to hook up my log4j configuration to my gmail account so that I could be immediately alert for errors. Pretty simple use case… But I started getting errors like:

com.sun.mail.smtp.SMTPSendFailedException: 530 5.7.0 Must issue a STARTTLS command first.

and

com.sun.mail.smtp.SMTPSendFailedException: 530 5.7.0 Authentication required

I have reason to believe SMTPAppender is borked on anything authentication related because your authentication properties are read after the javax.mail.Session is created. The following is code for an overridden SMTPAppender that takes over the session creation. 

import java.security.Security;
import java.util.Properties;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import org.apache.log4j.net.SMTPAppender;

public class SMTPSSLAppender extends SMTPAppender {

	public SMTPSSLAppender() {
		Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
	}

	@Override
	protected Session createSession() {
		Properties properties = new Properties();
		properties.setProperty("mail.transport.protocol", "smtp");
		properties.setProperty("mail.host", getSMTPHost());
		properties.put("mail.smtp.auth", "true");
		properties.put("mail.smtp.port", "465");
		properties.put("mail.smtp.socketFactory.port", "465");
		properties.put("mail.smtp.socketFactory.class","javax.net.ssl.SSLSocketFactory");
		properties.put("mail.smtp.socketFactory.fallback", "false");
		properties.setProperty("mail.smtp.quitwait", "false");

		Session session = Session.getDefaultInstance(properties, new javax.mail.Authenticator() {
			protected PasswordAuthentication getPasswordAuthentication()
			{ return new PasswordAuthentication(getSMTPUsername(),getSMTPPassword());	}
		});		

		return session;
	}
}

And the log4j.properties would have something like:

log4j.appender.mail=SMTPSSLAppender
log4j.appender.mail.SMTPHost=smtp.gmail.com
log4j.appender.mail.SMTPUsername=myusername
log4j.appender.mail.SMTPPassword=mypassword
log4j.appender.mail.BufferSize=1
log4j.appender.mail.Subject=ZOMG some error occured!
log4j.appender.mail.To=my@email.com
log4j.appender.mail.threshold=error
log4j.appender.mail.layout=org.apache.log4j.PatternLayout
log4j.appender.mail.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n

Of course, overriding session creation breaks a lot of things, but it still has the 20% of functionality that 80% of folks will use.

Prevent Directory Listings Using .htaccessWednesday, August 19th, 2009 with 1 Comment »

A simple fix, just add the following line of code to your .htaccess :

# Prevents directory listing
Options -Indexes
Get updates as often as we post! Subscribe to our full feed or comments feed.