JNDI Security
JNDI security depends on the underlying Service Provider. Simple services, such as the transient CORBA name service supplied with J2SE, do not support security. These services allow any client to perform any operation.
In a production environment, security is paramount to ensuring the integrity of the data in the JNDI server. Many organizations will use LDAP to provide a naming service that supports security.
LDAP security is based on three categories:
Anonymous— No security information is provided.
Simple— The client provides a clear text name and password.
Simple Authentication and Security Layer (SASL)— The client and server negotiate an authentication system based on a challenge and response protocol that conforms to RFC2222. ...
Get Sams Teach Yourself J2EE™ in 21 Days, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
