Common standard JNDI environment properties that may be supported
by JNDI providers are defined and documented in
Context. Specific JNDI provider implementations
may also support other environment or system properties, which are specific
to their implementation.
- Implementation Note:
- The following implementation specific environment properties are supported by the
default LDAP Naming Service Provider implementation in the JDK:
The value of this property is the string representation of an integer representing the connection timeout in milliseconds. If the LDAP provider cannot establish a connection within that period, it aborts the connection attempt. The integer should be greater than zero. An integer less than or equal to zero means to use the network protocol's (i.e., TCP's) timeout value.
If this property is not specified, the default is to wait for the connection to be established or until the underlying network times out.
The value of this property is the string representation of an integer representing the read timeout in milliseconds for LDAP operations. If the LDAP provider cannot get a LDAP response within that period, it aborts the read attempt. The integer should be greater than zero. An integer less than or equal to zero means no read timeout is specified which is equivalent to waiting for the response infinitely until it is received.
If this property is not specified, the default is to wait for the response until it is received.
The value of this property is the string representing the TLS Channel Binding type required for an LDAP connection over SSL/TLS. Possible value is :
- "tls-server-end-point" - Channel Binding data is created on the basis of the TLS server certificate.
"tls-unique" TLS Channel Binding type is specified in RFC-5929 but not supported.
If this property is not specified, the client does not send channel binding information to the server.
The following implementation specific system properties are supported by the default LDAP Naming Service Provider implementation in the JDK:
The value of this system property is the string representation of a boolean value which allows to control the deserialization of java objects from the 'javaSerializedData' LDAP attribute. To prevent the deserialization of java objects from the 'javaSerializedData' attribute, the system property value can be set to 'false'.
If the property is not specified then the deserialization of java objects from the 'javaSerializedData' attribute is allowed.
The value of this system property defines a filter used by the JNDI runtime implementation to control the set of object factory classes which will be allowed to instantiate objects from object references returned by naming/directory systems. The factory class named by the reference instance will be matched against this filter. The filter property supports pattern-based filter syntax with the same format as
jdk.serialFilter. This property can also be specified as a security property. This property is also supported by the default JNDI RMI Provider.
The default value allows any object factory class specified by the reference instance to recreate the referenced object.
Other providers may define additional properties in their module description:
- Module Graph:
PackagesPackageDescriptionProvides the classes and interfaces for accessing naming services.Extends the
javax.namingpackage to provide functionality for accessing directory services.Provides support for event notification when accessing naming and directory services.Provides support for LDAPv3 extended operations and controls.Provides the means for dynamically plugging in support for accessing naming and directory services through the
javax.namingand related packages.
ServicesTypeDescriptionService-provider class for DNS lookups when performing LDAP operations.