CONTENTS | PREV | NEXT |
Some JNDI applications need a way to communicate various preferences and information that define the environment in which naming and directory services are accessed. For example, an application might need to specify the level of security for accessing a directory service. Or, when directory and naming services are distributed, the source of information is in more than one place--replicas, master, caches, etc. An application might want to access information from the authoritative source and needs to indicate this information to the JNDI system.
To address these requirements, JNDI defines a number of properties that developers and users can use to provide configuration information to the JNDI system. These are called environment properties .
There are different types of environment properties:
Context
interface
defines constants for most of these environment property
names.com.sun.jndi.ldap
, properties specific to Sun's LDAP
provider have the prefix "com.sun.jndi.ldap.".See Context Environment for security-related considerations when using environment properties.
Although the support for environment properties is rather extensive, it is important to note that an application typically does not need to deal with them, or only needs to set one or two properties. Most properties have reasonable defaults and only need to be adjusted when the application has special requirements.
A context's environment
is represented as a java.util.Hashtable
or any of its
subclasses (e.g., java.util.Properties 1
). It is typically
specified using an argument to the InitialContext
,
InitialDirContext
, or InitialLdapContext
constructors, and augmented with data from other sources (as
discussed in the rest of this section). They are inherited from the
parent context as context methods proceed from one context to the
next. For example, the following code creates an environment
consisting of two security-related properties and creates an
initial context using that environment.
Hashtable env = new Hashtable(); env.put(Context.SECURITY_PRINCIPAL, "jsmith"); env.put(Context.SECURITY_CREDENTIALS, "xxxxxxx"); Context ctx = new InitialContext(env);
Contexts that are looked up or otherwise derived from this initial context will have these two properties in their environment.
A context's environment
can be examined using Context.getEnvironment()
.
Not all environment properties are meaningful to all contexts. Those that are not meaningful are ignored by the context but inherited by derived contexts (because they might be meaningful, for instance, to federated contexts).
A JNDI resource file is
a file in the properties file format (see
java.util.Properties
). The file contains a list of
key/value pairs. The key is the name of the property (e.g.,
"java.naming.factory.object") and the value is a string
in the format defined for that property. Here is an example of a
JNDI resource file:
java.naming.factory.object=com.wiz.jndi.AttrsToCorba:com.wiz.jndi.ToPerson java.naming.factory.state=com.wiz.jndi.CorbaToAttrs:com.wiz.jndi.FromPerson java.naming.factory.control=com.wiz.jndi.MyResponseControlFactory
There are two kinds of JNDI resource files: application and provider.
When an application is
deployed, it will generally have several codebase directories and
JARs in its classpath. Similarly, when an applet is deployed, it
will have a codebase and archives specifying where to find the
applet's classes. JNDI locates all application resource files named
jndi.properties
in the classpath. In addition, if the
file $JAVA_HOME/lib/jndi.properties
exists and is
readable, JNDI treats it as an additional application resource
file. ( $JAVA_HOME
is the directory named by the
java.home
system property.) All of the properties
contained in these files are placed into the environment of the
initial context. This environment is then inherited by other
contexts.
For each property found
in more than one application resource file, JNDI uses the first
value found or, in a few cases where it makes sense to do so, it
concatenates all of the values. For example, if the
java.naming.factory.object
property is found in three
jndi.properties
resource files, the list of object
factories is a concatenation of the property values from all three
files. Using this scheme, each deployable component is responsible
for listing the factories that it exports. JNDI automatically
collects and uses all of these export lists when searching for
factory classes.
Application resource
files are available beginning with the Java 2 Platform, except that
the file in $JAVA_HOME/lib
can be used on all Java
platforms.
Each service provider has an optional resource file that contains properties specific to that provider. The name of this resource is:
[prefix/]jndiprovider.properties
where prefix is the package name of the provider's context implementation(s), with each period (".") converted to a slash ("/").
The JNDI library will consult the provider resource file when determining the values of certain properties. Properties other than these can be set in the provider resource file at the discretion of the service provider. The service provider's documentation should clearly state which properties are allowed.
Certain standard JNDI properties can alternately be set in the Java runtime's system properties, or in an applet's parameter list. These properties are:
java.naming.factory.initial java.naming.factory.object java.naming.factory.state java.naming.factory.control java.naming.factory.url.pkgs java.naming.provider.url java.naming.dns.url
For JNDI to access an
applet's parameters, the applet code must set the
java.naming.applet
environment property to an instance
of the applet ( java.applet.Applet
).
When these properties are set as system properties or applet parameters, they affect all of the application's/applet's contexts.
When JNDI constructs an initial context, the context's environment is initialized with properties defined in the environment parameter passed to the constructor and all application resource files. For the application/applet-scope properties, their values from the system properties and the applet parameters are also used.
JNDI passes the resulting environment to the initial context implementation. The environment is then inherited by contexts that are derived from the initial context. Since JNDI performs any necessary merging of the properties and their values, there is no need for the application or context implementation to directly consult the system properties or applet parameters.
A context's environment
can be changed using the addToEnvironment()
and
removeFromEnvironment()
methods:
public interface Context { public Object addToEnvironment(String propName, Object val) throws NamingException; public Object removeFromEnvironment(String propName) throws NamingException; ... }
Not all environment properties are meaningful to all contexts. Changes to those that are not meaningful are still recorded and passed onto derived contexts.
Changing a property
using the addToEnvironment()
or
removeFromEnvironment()
methods affects the context
instance on which the method is invoked. For example, if you
specify new credentials for a context to use, subsequent methods
invoked on that context that require communication with the server
will use those new credentials (perhaps internally by first
creating a new connection to the server). These updated environment
properties are inherited by context instances that are subsequently
derived from the affected context instance, but do not otherwise
affect other context instances that were in existence prior to the
update.
When a change is made
to the environment properties, there is no requirement that the
change be verified and acted upon at the time
addToEnvironment()
or
removeFromEnvironment()
is invoked. The only
requirement is that the change (or changes) be effective the next
time an operation that uses that property is invoked.
For some environment properties, JNDI defines defaults (see Appendix A). For others, the default might be determined by the service provider or a group of service providers. If a context's environment does not have a particular property, the context behaves as if its environment has that property with its default value.
When a property is removed from a context's environment, the context assumes the default behavior specified for that property. This does not necessarily mean that the default value must be recorded as the property's value. The removal may also be indicated by the absence of the property from the context's environment.
Some environment
properties have a fixed set of acceptable values while others have
values that must follow a particular syntax. If an unacceptable
value is presented, a property-specific exception will be thrown
(for example, ConfigurationException
,
IllegalArgumentException
, or
AuthenticationNotSupportedException
). In some cases,
it might be reasonable for the service provider to accept
additional values than those specified, in which case, those values
should be documented.