![]() ![]() ![]() ![]() |
Security |
If the client does not specify any authentication environment properties, the default authentication mechanism is none. If the client sets the Context.SECURITY_AUTHENTICATION("java.naming.security.authentication") environment property to "none", then the authentication mechanism is none and all other authentication environment properties are ignored. In either case, the client will be treated as an anonymous client. This means that the server does not know or care who the client is, and will allow the client to access (read and update) any data that has been configured to be accessible by any unauthenticated client.
Because they set none of the authentication environment properties, all of the directory examples in the Basics
trail use anonymous authentication.
Here is an example that explicitly sets the Context.SECURITY_AUTHENTICATION property to "none". Note that setting the Context.SECURITY_AUTHENTICATION property in this way is not strictly necessary because that is the default. You would only want to do this explicitly to ensure that any other authentication properties that might have been set are ignored.
// Set up environment for creating initial context Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial"); // Use anonymous authentication env.put(Context.SECURITY_AUTHENTICATION, "none"); // Create initial context DirContext ctx = new InitialDirContext(env); // ... do something useful with ctxIf you supply an empty string, an empty byte/char array or null to the Context.SECURITY_CREDENTIALS
("java.naming.security.credentials") environment property, the authentication mechanism will be "none", regardless of the setting of Context.SECURITY_AUTHENTICATION. This is because the LDAP requires the password to be nonempty for doing any type of authentication and so the protocol automatically converts the authentication to "none" if a password is not supplied.
![]() ![]() ![]() ![]() |
Security |