jdk
175 строк · 9.3 Кб
1/*
2* Copyright (c) 2014, 2024, Oracle and/or its affiliates. All rights reserved.
3* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4*
5* This code is free software; you can redistribute it and/or modify it
6* under the terms of the GNU General Public License version 2 only, as
7* published by the Free Software Foundation. Oracle designates this
8* particular file as subject to the "Classpath" exception as provided
9* by Oracle in the LICENSE file that accompanied this code.
10*
11* This code is distributed in the hope that it will be useful, but WITHOUT
12* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14* version 2 for more details (a copy is included in the LICENSE file that
15* accompanied this code).
16*
17* You should have received a copy of the GNU General Public License version
18* 2 along with this work; if not, write to the Free Software Foundation,
19* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20*
21* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22* or visit www.oracle.com if you need additional information or have any
23* questions.
24*/
25
26/**
27* Defines the Java Naming and Directory Interface (JNDI) API.
28* <p>
29* Common standard JNDI environment properties that may be supported
30* by JNDI providers are defined and documented in
31* {@link javax.naming.Context}. Specific JNDI provider implementations
32* may also support other environment or system properties, which are specific
33* to their implementation.
34*
35* @implNote
36* The following implementation specific environment properties are supported by the
37* default LDAP Naming Service Provider implementation in the JDK:
38* <ul>
39* <li>{@code java.naming.ldap.factory.socket}:
40* <br>The value of this environment property specifies the fully
41* qualified class name of the socket factory used by the LDAP provider.
42* This class must implement the {@link javax.net.SocketFactory} abstract class
43* and provide an implementation of the static "getDefault()" method that
44* returns an instance of the socket factory. By default the environment
45* property is not set.
46* </li>
47* <li>{@code com.sun.jndi.ldap.connect.timeout}:
48* <br>The value of this environment property is the string representation
49* of an integer specifying the connection timeout in milliseconds.
50* If the LDAP provider cannot establish a connection within that period,
51* it aborts the connection attempt.
52* The integer should be greater than zero. An integer less than
53* or equal to zero means to use the network protocol's (i.e., TCP's)
54* timeout value.
55* <br> If this property is not specified, the default is to wait
56* for the connection to be established or until the underlying
57* network times out.
58* <br> If a custom socket factory is provided via environment property
59* {@code java.naming.ldap.factory.socket} and unconnected sockets
60* are not supported, the specified timeout is ignored
61* and the provider behaves as if no connection timeout was set.
62* </li>
63* <li>{@code com.sun.jndi.ldap.read.timeout}:
64* <br>The value of this property is the string representation
65* of an integer specifying the read timeout in milliseconds
66* for LDAP operations. If the LDAP provider cannot get a LDAP
67* response within that period, it aborts the read attempt. The
68* integer should be greater than zero. An integer less than or
69* equal to zero means no read timeout is specified which is equivalent
70* to waiting for the response infinitely until it is received.
71* <br>If this property is not specified, the default is to wait
72* for the response until it is received.
73* </li>
74* <li>{@code com.sun.jndi.ldap.tls.cbtype}:
75* <br>The value of this property is the string representing the TLS
76* Channel Binding type required for an LDAP connection over SSL/TLS.
77* Possible value is :
78* <ul>
79* <li>"tls-server-end-point" - Channel Binding data is created on
80* the basis of the TLS server certificate.
81* </li>
82* </ul>
83* <br>"tls-unique" TLS Channel Binding type is specified in RFC-5929
84* but not supported.
85* <br>If this property is not specified, the client does not send
86* channel binding information to the server.
87* </li>
88* </ul>
89* <p>The following implementation specific system properties are supported by the
90* default LDAP Naming Service Provider implementation in the JDK:
91* <ul>
92* <li>{@systemProperty com.sun.jndi.ldap.object.trustSerialData}:
93* <br>The value of this system property is the string representation of a boolean value
94* that controls the deserialization of java objects from the {@code javaSerializedData} LDAP
95* attribute, reconstruction of RMI references from the {@code javaRemoteLocation} LDAP attribute, and
96* reconstruction of {@linkplain javax.naming.BinaryRefAddr binary reference addresses} from
97* the {@code javaReferenceAddress} LDAP attribute.
98* To allow the deserialization or reconstruction of java objects from {@code javaSerializedData},
99* {@code javaRemoteLocation} or {@code javaReferenceAddress} attributes, the system property value
100* can be set to {@code true} (case insensitive).
101* <br>If the property is not specified the deserialization of java objects
102* from the {@code javaSerializedData}, the {@code javaRemoteLocation}, or {@code javaReferenceAddress}
103* attributes is not allowed.
104* </li>
105* <li>{@systemProperty jdk.jndi.object.factoriesFilter}:
106* <br>The value of this system property defines a filter used by
107* the JNDI runtime implementation to control the set of object factory classes which will
108* be allowed to instantiate objects from object references returned by naming/directory systems.
109* The factory class named by the reference instance will be matched against this filter.
110* The filter property supports pattern-based filter syntax with the same format as
111* {@link java.io.ObjectInputFilter.Config#createFilter(String) jdk.serialFilter}. Limit patterns
112* specified in the filter property are unused.
113* This property can also be specified as a {@linkplain java.security.Security security property}.
114* This property is also supported by the <a href="{@docRoot}/jdk.naming.rmi/module-summary.html">default JNDI
115* RMI Provider</a>.
116* <br>The default value allows any object factory class specified by the reference
117* instance to recreate the referenced object.
118* </li>
119* <li>{@systemProperty jdk.jndi.ldap.object.factoriesFilter}:
120* <br>The value of this system property defines a filter used by
121* the JDK LDAP provider implementation to further restrict the set of object factory classes which will
122* be allowed to instantiate objects from object references returned by LDAP systems.
123* The factory class named by the {@linkplain javax.naming.Reference reference instance} first will be
124* matched against this specific filter and then against the global filter. The factory class is rejected
125* if any of these two filters reject it, or if none of them allow it.
126* The filter property supports pattern-based filter syntax with the same format as
127* {@link java.io.ObjectInputFilter.Config#createFilter(String) jdk.serialFilter}. Limit patterns
128* specified in the filter property are unused.
129* <br>The default value allows any object factory class provided by the JDK LDAP provider
130* implementation.
131* <br>This system property will be used to filter LDAP specific object factories only if
132* global {@link javax.naming.spi.ObjectFactoryBuilder} is {@linkplain
133* javax.naming.spi.NamingManager#setObjectFactoryBuilder(javax.naming.spi.ObjectFactoryBuilder)
134* not set}.
135* </li>
136* </ul>
137* <p>Other providers may define additional properties in their module description:
138* <ul>
139* <li><a href="{@docRoot}/jdk.naming.dns/module-summary.html">DNS Naming Provider</a></li>
140* <li><a href="{@docRoot}/jdk.naming.rmi/module-summary.html">RMI Naming Provider</a></li>
141* </ul>
142* @provides java.security.Provider
143*
144* @uses javax.naming.ldap.StartTlsResponse
145* @uses javax.naming.ldap.spi.LdapDnsProvider
146* @uses javax.naming.spi.InitialContextFactory
147*
148* @moduleGraph
149* @since 9
150*/
151module java.naming {
152requires java.security.sasl;
153
154exports javax.naming;
155exports javax.naming.directory;
156exports javax.naming.event;
157exports javax.naming.ldap;
158exports javax.naming.spi;
159exports javax.naming.ldap.spi;
160
161exports com.sun.jndi.toolkit.ctx to
162jdk.naming.dns;
163exports com.sun.jndi.toolkit.url to
164jdk.naming.dns,
165jdk.naming.rmi;
166exports com.sun.naming.internal to
167jdk.naming.rmi;
168
169uses javax.naming.ldap.StartTlsResponse;
170uses javax.naming.spi.InitialContextFactory;
171uses javax.naming.ldap.spi.LdapDnsProvider;
172
173provides java.security.Provider with
174sun.security.provider.certpath.ldap.JdkLDAP;
175}
176