Sun Java Communications Suite 5 Release Notes


When clients connect via IMAP, POP or SMTP to the Messaging Server, they must use a SASL (RFC 2222) authentication mechanism or a simple password to prove their identity to the server. When the LDAP directory is configured to store user passwords in the clear, all user passwords are migrated to this format and the sasl.default.ldap.has_ plain_passwords option is set on the Messaging Server, then three additional authentication mechanisms are enabled: APOP, CRAM-MD5 and DIGEST-MD5. All three of these mechanisms transmit a one-way encoding of the password over the wire rather than the password itself. Due to its limited deployment and complexity, the DIGEST-MD5 mechanism is deprecated leaving only the APOP and CRAM-MD5 mechanisms.