rspec/rules/S5527/java/how-to-fix-it/apache-commons-email.adoc

== How to fix it in Apache Commons Email

=== Code examples

include::../../common/fix/code-rationale.adoc[]

:cert_variable_name: setSSLCheckServerIdentity
:cert_variable_safe_value: true

include::../../common/fix/code-rationale-explicit.adoc[]

==== Noncompliant code example

[source,java,diff-id=1,diff-type=noncompliant]
----
import org.apache.commons.mail.DefaultAuthenticator;
import org.apache.commons.mail.Email;
import org.apache.commons.mail.SimpleEmail;

public void sendMail(String message) { 
    Email email = new SimpleEmail();

    email.setMsg(message);
    email.setSmtpPort(465);
    email.setAuthenticator(new DefaultAuthenticator(username, password));
    email.setSSLOnConnect(true); // Noncompliant

    email.send();
}
----

==== Compliant solution

[source,java,diff-id=1,diff-type=compliant]
----
import org.apache.commons.mail.DefaultAuthenticator;
import org.apache.commons.mail.Email;
import org.apache.commons.mail.SimpleEmail;

public void sendMail(String message) { 
    Email email = new SimpleEmail();

    email.setMsg(message);
    email.setSmtpPort(465);
    email.setAuthenticator(new DefaultAuthenticator(username, password));
    email.setSSLCheckServerIdentity(true);
    email.setSSLOnConnect(true);

    email.send();
}
----

=== How does this work?

include::../../common/fix/validation.adoc[]

include::../../common/fix/keytool.adoc[]
Modify S5527: Learn-As-You-Code migration (#2269) ## Review A dedicated reviewer checked the rule description successfully for: - [x] logical errors and incorrect information - [x] information gaps and missing content - [x] text style and tone - [x] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> 2023-06-28 17:11:41 +02:00			`== How to fix it in Apache Commons Email`

			`=== Code examples`

			`include::../../common/fix/code-rationale.adoc[]`

			`:cert_variable_name: setSSLCheckServerIdentity`
			`:cert_variable_safe_value: true`

			`include::../../common/fix/code-rationale-explicit.adoc[]`

			`==== Noncompliant code example`

			`[source,java,diff-id=1,diff-type=noncompliant]`
			`----`
			`import org.apache.commons.mail.DefaultAuthenticator;`
			`import org.apache.commons.mail.Email;`
			`import org.apache.commons.mail.SimpleEmail;`

			`public void sendMail(String message) {`
			`Email email = new SimpleEmail();`

			`email.setMsg(message);`
			`email.setSmtpPort(465);`
			`email.setAuthenticator(new DefaultAuthenticator(username, password));`
			`email.setSSLOnConnect(true); // Noncompliant`

			`email.send();`
			`}`
			`----`

			`==== Compliant solution`

			`[source,java,diff-id=1,diff-type=compliant]`
			`----`
			`import org.apache.commons.mail.DefaultAuthenticator;`
			`import org.apache.commons.mail.Email;`
			`import org.apache.commons.mail.SimpleEmail;`

			`public void sendMail(String message) {`
			`Email email = new SimpleEmail();`

			`email.setMsg(message);`
			`email.setSmtpPort(465);`
			`email.setAuthenticator(new DefaultAuthenticator(username, password));`
			`email.setSSLCheckServerIdentity(true);`
			`email.setSSLOnConnect(true);`

			`email.send();`
			`}`
			`----`

			`=== How does this work?`

			`include::../../common/fix/validation.adoc[]`

			`include::../../common/fix/keytool.adoc[]`