Wikipedia

Java Naming and Directory Interface: Difference between revisions

Browse history interactively
← Previous edit
Content deleted Content added
VisualWikitext
Techi2ee (talk | contribs)
45 edits
Added reference to a major vulnerability enabled by careless use of JNDI
 
(143 intermediate revisions by more than 100 users not shown)
Line 1:
{{more citations needed|date=July 2014}}
The '''Java Naming and Directory Interface''' ('''JNDI''') is ana Java [[Application programming interface|API]] for a [[directory service]] that allows Java software clients to discover and lookuplook up data and resources (in the form of Java [[Object (computer science)|objects]]) via a name. Like all [[Java (programming language)|Java]] APIs that interface with host systems, JNDI is independent of the underlying implementation. Additionally, it specifies a [[service provider interface]] (SPI) that allows [[directory service]] implementations to be plugged into the framework.<ref>{{Cite web|url=http://www.oracle.com/technetwork/java/javase/tech/index-jsp-140184.html|title=Java SE - Core Technologies - Java Naming and Directory Interface (JNDI)|website=www.oracle.com|access-date=2016-12-17}}</ref> The implementationsinformation looked up via JNDI may makebe usesupplied ofby a server, a flat file, or a database; the choice is up to the vendor.implementation used.
 
Typical uses of JNDI include:
* connecting a Java application to an external directory service (such as an address database or an [[LDAP]] server)
* allowing a [[Java Servlet]] to look up configuration information provided by the hosting [[web container]]<ref>
{{cite web|title=JNDI Resources HOW-TO|url=http://tomcat.apache.org/tomcat-7.0-doc/jndi-resources-howto.html|work=Apache Tomcat 7 User Guide|publisher=Apache Software Foundation|access-date=21 January 2014}}</ref>
 
==Background==
The JNDI API is used by the Java [[Java remote method invocation|RMI]] and [[Java EE]] APIs use the JNDI API to lookuplook up objects in a network.<ref>{{Cite [[Jini]]web|url=http://docs.oracle.com/javase/8/docs/technotes/guides/jndi/jndi-rmi.html|title=JNDI/RMI hasRegistry itsService own lookup service and does not use the JNDI APIProvider|website=docs. oracle.com|access-date=2016-12-17}}</ref>
 
The API provides:
* a mechanism to bind an object to a name
* a directory -lookup interface that allows general queries
* an event interface that allows clients to determine when directory entries have been modified
* LDAP extensions to support the additional capabilities of an LDAP service.
 
The [[Service provider interface|SPI]] portion allows support for practically any kind of naming or directory service, including:
 
The SPI portion allows support for practically any kind of naming or directory service including:
* [[Lightweight Directory Access Protocol|LDAP]]
* [[Domain Name System|DNS]]
* [[Network Information Service|NIS]]
* [[Java RMI|RMI]]
* [[CORBA]] name service
* [[Filefile system]]
 
[[Sun Microsystems]] first released the JNDI specification on March 10, 1997.<ref>
The JNDI specification was first released by [[Sun Microsystems]] on [[March 10]], [[1997]].[http://www.sun.com/smi/Press/sunflash/1997-03/sunflash.970310.10204.html] [[As of 2006]], the current version is JNDI 1.2.
{{cite web |url=http://www.sun.com/smi/Press/sunflash/1997-03/sunflash.970310.10204.html |title=SUN MICROSYSTEMS, INC. INTRODUCES JAVA NAMING AND DIRECTORY INTERFACE API |date=1997-03-10 |website=sun.com |archive-url=https://web.archive.org/web/20040908114732/http://www.sun.com/smi/Press/sunflash/1997-03/sunflash.970310.10204.html |archive-date=2004-09-08}}</ref> {{As of|2006}}, the current version is JNDI 1.2.
 
== Basic lookup ==
JNDI (Java Naming and Directory Interface) organizes its names into a hierarchy. A name can be any string such as "com.mydomainexample.ejb.MyBean". A name can also be an object that supportsimplements the <code>Name</code> interface,; however, a string is the most common way to name an object. A name is bound to an object in the directory by storing either the object or a [[JNDI reference|reference]] to the object in the directory service identified by the name.
 
JNDI organizes its names into a hierarchy. A name can be any string such as "com.mydomain.ejb.MyBean". A name can also be an object that supports the <code>Name</code> interface, however a string is the most common way to name an object. A name is bound to an object in the directory by storing either the object or a [[JNDI reference|reference]] to the object in the directory service identified by the name.
 
The JNDI API defines a context that specifies where to look for an object. The initial context is typically used as a starting point.
Line 28 ⟶ 34:
In the simplest case, an initial context must be created using the specific implementation and extra parameters required by the implementation. The initial context will be used to look up a name. The initial context is analogous to the root or top of a directory tree for a file system. Below is an example of creating an initial context:
 
<sourcesyntaxhighlight lang="java">
Hashtable argscontextArgs = new Hashtable<String, String>();
 
//first First you must specify the context factory.
// This is how you choose between jboss implementation
// vs. an implementation from Sun or other vendors.
argscontextArgs.put( Context.INITIAL_CONTEXT_FACTORY, "com.jndiprovider.TheirContextFactory" );
 
// The next argument is the URL specifying where the data store is:
argscontextArgs.put( Context.PROVIDER_URL, "jndiprovider-database" );
//You may also have to provide security credentials
 
//next you create the initial context
// (You may also have to provide security credentials)
Context myCurrentContext = new InitialContext( args );
 
</source>
//next Next you create the initial context
Context myCurrentContext = new InitialContext(contextArgs);
</syntaxhighlight>
 
A context is then used to look up previously bound names in that context. For example:
 
<sourcesyntaxhighlight lang="java">
ObjectMyBean referencemyBean = (MyBean) myCurrentContext.lookup( "com.mydomain.MyBean" );
</syntaxhighlight>
//this step is needed for EJB beans.
MyBean myBean = (MyBean) PortableRemoteObject.narrow( reference, MyBean.class );
</source>
 
Alternative to above code is as below:
== Searching ==
 
The Context object can also be configured by adding jndi.properties file in classpath containing initial context factory class name and provider URL. The above code will be reduced as shown below:
Attributes may be attached to special entries called directories. Directories are required in order to enable searching for objects by their associated attributes. Directories are a type of context, they restrict the name space much like a directory structure on a file system does.
 
<syntaxhighlight lang="java">
== External links ==
//just need to create initial context object, it will try to read jndi.properties file from the classpath.
Context myCurrentContext = new InitialContext( args );
</syntaxhighlight>
 
A context is then used to look up previously bound names in that context. For example:
* [http://java.sun.com/products/jndi/ Sun's JNDI page]
 
<syntaxhighlight lang="java">
MyBean myBean = (MyBean) PortableRemoteObject myCurrentContext.narrowlookup( reference, "com.mydomain.MyBean.class ");
</syntaxhighlight>
 
== Searching ==
Attributes may be attached to special entries called directories. Directories are required in order to enable searching for objects by their associated attributes. Directories are a type of context,; they restrict the name space much like a directory structure on a file system does.<ref>{{Cite web|url=http://docs.oracle.com/javase/jndi/tutorial/basics/directory/filter.html|title=Search Filters|website=docs.oracle.com|access-date=2016-12-17}}</ref>
 
==See also==
{{Portal|Computer programming}}
* [[Service locator pattern]]
* [[Log4Shell]]
 
==References==
<references />
 
== External links ==
*[http://docs.oracle.com/javase/7/docs/technotes/guides/jndi/index.html Java SE 7 JNDI page]
*[http://docs.oracle.com/javase/8/docs/technotes/guides/jndi/index.html Java SE 8 JNDI page]
*[https://docs.oracle.com/javase/8/docs/technotes/guides/jndi/reference.html Java SE 8 JNDI <code>javax.naming</code> Reference Documentation]
* [http://javadocs.sunoracle.com/productsjavase/jndi/tutorial/ Sun'sThe JNDI pageTutorial]
 
{{Java (Sun)}}
 
[[ca{{DEFAULTSORT:Java Naming andAnd Directory Interface]]}}
[[Category:Java enterprise platform|Naming and Directory Interface]]
[[Category:Java APIs]]
[[Category:Application layer protocols]]
 
[[ca:Java Naming and Directory Interface]]
[[da:JNDI]]
[[de:Java Naming and Directory Interface]]
[[es:JNDI]]
[[fr:JNDI]]
[[ja:Java Naming and Directory Interface]]
[[pl:JNDI]]
[[pt:JNDI]]
[[sv:JNDI]]
[[zh:JNDI]]
[[pl:JNDI]]
[[pt:JNDI]]
[[sv:JNDI]]
[[zh:JNDI]]
Retrieved from "https://en.wikipedia.org/wiki/Java_Naming_and_Directory_Interface"