![]() ![]() ![]() ![]() |
Miscellaneous |
The JNDI does not define a security model. It uses the security models that are in place in the underlying Java platform and in the underlying naming/directory service. In terms of security support, the JNDI does, however, provide security-related environment properties that allow the JNDI client to specify commonly needed security-related information. These properties are listed in the Environment Propertieslesson. We provide a brief summary of them here:
Service providers are encouraged to use these properties when they are applicable for accessing the underlying naming/directory service. However, service providers are free to use other means to authenticate its clients, such as by using the Java Authentication and Authorization Service.
- Context.SECURITY_AUTHENTICATION
("java.naming.security.authentication") : This property specifies the authentication mechanism to use.
- Context.SECURITY_PRINCIPAL
("java.naming.security.principal"): This property specifies the name of the user/program doing the authentication and depends on the value of Context.SECURITY_AUTHENTICATION property.
- Context.SECURITY_CREDENTIALS
("java.naming.security.credentials"): This property specifies the credentials of the user/program doing the authentication and depends on the value of Context.SECURITY_AUTHENTICATION property.
- Context.SECURITY_PROTOCOL
("java.naming.security.protocol"): This property specifies the security protocol to use.
Environment Properties
It is important to keep in mind that the environment properties contain possibly security-sensitive information (such as passwords). It is also important to understand that when you supply environment properties to a service provider (by using the InitialContext constructors) , those environment properties are passed by the service provider to factories (see the Object Factories
, State Factories
, and Response Control Factories
lessons for details). Therefore, you should make sure that all factories and providers that you use can be trusted with possibly security-sensitive information.
Application resource files, as described in the Environment Properties
, allow you to specify environment properties in a very easy-to-use manner. The JNDI will read all application resource files in the classpath and use them. Since environment properties can affect the factories that you use (see below), you should be careful about the class definitions and application resource files that are in your classpath.
Factories
The JNDI architecture is designed to be very flexible. You can dynamically choose service providers, as well as customize them by using object factories, state factories, and response control factories. Thus, depending on the configuration of providers and factories, a program's behavior can vary dramatically. This flexibility, though powerful, has security implications. You should make sure that the factories that you use are trusted. Malicious factories can return wrong or bogus data, or corrupt your underlying naming/directory service. Given that naming/directory services are often used to store security-related information, extra precaution should be taken to include only valid and trusted factories.Instances of Context
An instance of Contextor one of its subinterfaces is a possibly authenticated connection to the underlying naming/directory service. It can be returned by various methods in the JNDI API and SPI, including:
Context instances are also passed to object, state, and control factories.
Context.lookup() Context.lookupLink() Context.listBindings() Context.createSubcontext() DirContext.createSubcontext() various forms of DirContext.search() DirContext.getSchema() DirContext.getSchemaClassDefinition() Attribute.getAttributeDefinition() Attribute.getAttributeSyntaxDefinition() LdapContext.newInstance NamingManager.getContinuationContext() DirectoryManager.getContinuationDirContext() NamingManager.getObjectInstance() DirectoryManager.getObjectInstance() NamingManager.getURLContext() NamingManager.getInitialContext() NamingEvent.getEventContext and getSource() (inherited from java.util.EventObject).
NamingExceptionEvent.getEventContext and getSource() (inherited from java.util.EventObject).
UnsolicitedNotificationEvent.getSource() (inherited from java.util.EventObject). Like environment properties, you should not pass context instances to untrusted service providers, factories, or any other untrusted code.
![]() ![]() ![]() ![]() |
Miscellaneous |