1 /*
2  * Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.  Oracle designates this
8  * particular file as subject to the "Classpath" exception as provided
9  * by Oracle in the LICENSE file that accompanied this code.
10  *
11  * This code is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14  * version 2 for more details (a copy is included in the LICENSE file that
15  * accompanied this code).
16  *
17  * You should have received a copy of the GNU General Public License version
18  * 2 along with this work; if not, write to the Free Software Foundation,
19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20  *
21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22  * or visit www.oracle.com if you need additional information or have any
23  * questions.
24  */
25 
26 /**
27  * Defines the Java Naming and Directory Interface (JNDI) API.
28  * <p>
29  * Common standard JNDI environment properties that may be supported
30  * by JNDI providers are defined and documented in
31  * {@link javax.naming.Context}. Specific JNDI provider implementations
32  * may also support other environment or system properties, which are specific
33  * to their implementation.
34  *
35  * @implNote
36  * The following implementation specific environment properties are supported by the
37  * default LDAP Naming Service Provider implementation in the JDK:
38  * <ul>
39  *     <li>{@code com.sun.jndi.ldap.connect.timeout}:
40  *         <br>The value of this property is the string representation
41  *         of an integer representing the connection timeout in
42  *         milliseconds. If the LDAP provider cannot establish a
43  *         connection within that period, it aborts the connection attempt.
44  *         The integer should be greater than zero. An integer less than
45  *         or equal to zero means to use the network protocol's (i.e., TCP's)
46  *         timeout value.
47  *         <br> If this property is not specified, the default is to wait
48  *         for the connection to be established or until the underlying
49  *         network times out.
50  *     </li>
51  *     <li>{@code com.sun.jndi.ldap.read.timeout}:
52  *         <br>The value of this property is the string representation
53  *         of an integer representing the read timeout in milliseconds
54  *         for LDAP operations. If the LDAP provider cannot get a LDAP
55  *         response within that period, it aborts the read attempt. The
56  *         integer should be greater than zero. An integer less than or
57  *         equal to zero means no read timeout is specified which is equivalent
58  *         to waiting for the response infinitely until it is received.
59  *         <br>If this property is not specified, the default is to wait
60  *         for the response until it is received.
61  *     </li>
62  *     <li>{@code com.sun.jndi.ldap.tls.cbtype}:
63  *         <br>The value of this property is the string representing the TLS
64  *         Channel Binding type required for an LDAP connection over SSL/TLS.
65  *         Possible value is :
66  *         <ul>
67  *             <li>"tls-server-end-point" - Channel Binding data is created on
68  *                 the basis of the TLS server certificate.
69  *             </li>
70  *         </ul>
71  *         <br>"tls-unique" TLS Channel Binding type is specified in RFC-5929
72  *         but not supported.
73  *         <br>If this property is not specified, the client does not send
74  *         channel binding information to the server.
75  *     </li>
76  * </ul>
77  * <p>The following implementation specific system properties are supported by the
78  * default LDAP Naming Service Provider implementation in the JDK:
79  * <ul>
80  *     <li>{@systemProperty com.sun.jndi.ldap.object.trustSerialData}:
81  *          <br>The value of this system property is the string representation of a boolean value
82  *          which allows to control the deserialization of java objects from the 'javaSerializedData'
83  *          LDAP attribute. To prevent the deserialization of java objects from the 'javaSerializedData'
84  *          attribute, the system property value can be set to 'false'.
85  *          <br>If the property is not specified then the deserialization of java objects
86  *          from the 'javaSerializedData' attribute is allowed.
87  *     </li>
88  *     <li>{@systemProperty jdk.jndi.object.factoriesFilter}:
89  *          <br>The value of this system property defines a filter used by
90  *          the JNDI runtime implementation to control the set of object factory classes which will
91  *          be allowed to instantiate objects from object references returned by naming/directory systems.
92  *          The factory class named by the reference instance will be matched against this filter.
93  *          The filter property supports pattern-based filter syntax with the same format as
94  *          {@link java.io.ObjectInputFilter.Config#createFilter(String) jdk.serialFilter}.
95  *          This property can also be specified as a {@linkplain java.security.Security security property}.
96  *          This property is also supported by the <a href="{@docRoot}/jdk.naming.rmi/module-summary.html">default JNDI
97  *          RMI Provider</a>.
98  *          <br>The default value allows any object factory class specified by the reference
99  *          instance to recreate the referenced object.
100  *     </li>
101  * </ul>
102  * <p>Other providers may define additional properties in their module description:
103  * <ul>
104  *  <li><a href="{@docRoot}/jdk.naming.dns/module-summary.html">DNS Naming Provider</a></li>
105  *  <li><a href="{@docRoot}/jdk.naming.rmi/module-summary.html">RMI Naming Provider</a></li>
106  * </ul>
107  * @provides javax.naming.ldap.spi.LdapDnsProvider
108  *
109  * @uses javax.naming.ldap.spi.LdapDnsProvider
110  *
111  * @moduleGraph
112  * @since 9
113  */
114 module java.naming {
115     requires java.security.sasl;
116 
117     exports javax.naming;
118     exports javax.naming.directory;
119     exports javax.naming.event;
120     exports javax.naming.ldap;
121     exports javax.naming.spi;
122     exports javax.naming.ldap.spi;
123 
124     exports com.sun.jndi.toolkit.ctx to
125         jdk.naming.dns;
126     exports com.sun.jndi.toolkit.url to
127         jdk.naming.dns,
128         jdk.naming.rmi;
129 
130     uses javax.naming.ldap.StartTlsResponse;
131     uses javax.naming.spi.InitialContextFactory;
132     uses javax.naming.ldap.spi.LdapDnsProvider;
133 
134     provides java.security.Provider with
135         sun.security.provider.certpath.ldap.JdkLDAP;
136 }
137