2023-06-29 16:45:36 +02:00
|
|
|
include::../common/rationale.adoc[]
|
|
|
|
|
|
2023-05-03 11:06:20 +02:00
|
|
|
== Why is this an issue?
|
|
|
|
|
|
2023-06-29 16:45:36 +02:00
|
|
|
include::../common/description.adoc[]
|
|
|
|
|
|
|
|
|
|
=== What is the potential impact?
|
|
|
|
|
|
|
|
|
|
include::../common/impact.adoc[]
|
|
|
|
|
|
|
|
|
|
== How to fix it
|
|
|
|
|
|
|
|
|
|
=== Code examples
|
2020-06-30 12:49:37 +02:00
|
|
|
|
2023-06-29 16:45:36 +02:00
|
|
|
include::../common/fix/code-rationale.adoc[]
|
2020-06-30 12:49:37 +02:00
|
|
|
|
2023-06-29 16:45:36 +02:00
|
|
|
==== Noncompliant code example
|
2020-06-30 14:49:38 +02:00
|
|
|
|
2023-06-29 16:45:36 +02:00
|
|
|
[source,java,diff-id=1,diff-type=noncompliant]
|
2020-06-30 12:49:37 +02:00
|
|
|
----
|
|
|
|
|
// Set up the environment for creating the initial context
|
|
|
|
|
Hashtable<String, Object> env = new Hashtable<String, Object>();
|
|
|
|
|
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
|
|
|
|
|
env.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial");
|
|
|
|
|
|
|
|
|
|
// Use anonymous authentication
|
|
|
|
|
env.put(Context.SECURITY_AUTHENTICATION, "none"); // Noncompliant
|
|
|
|
|
|
|
|
|
|
// Create the initial context
|
|
|
|
|
DirContext ctx = new InitialDirContext(env);
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
|
2023-06-29 16:45:36 +02:00
|
|
|
==== Compliant solution
|
|
|
|
|
|
|
|
|
|
[source,java,diff-id=1,diff-type=compliant]
|
2020-06-30 12:49:37 +02:00
|
|
|
----
|
|
|
|
|
// Set up the environment for creating the initial context
|
|
|
|
|
Hashtable<String, Object> env = new Hashtable<String, Object>();
|
|
|
|
|
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
|
2023-06-29 16:45:36 +02:00
|
|
|
env.put(Context.PROVIDER_URL, "ldap://localhost:389/o=Example");
|
2020-06-30 12:49:37 +02:00
|
|
|
|
|
|
|
|
// Use simple authentication
|
|
|
|
|
env.put(Context.SECURITY_AUTHENTICATION, "simple");
|
2023-06-29 16:45:36 +02:00
|
|
|
env.put(Context.SECURITY_PRINCIPAL, "cn=local, ou=Unit, o=Example");
|
2020-06-30 12:49:37 +02:00
|
|
|
env.put(Context.SECURITY_CREDENTIALS, getLDAPPassword());
|
|
|
|
|
|
|
|
|
|
// Create the initial context
|
|
|
|
|
DirContext ctx = new InitialDirContext(env);
|
|
|
|
|
----
|
|
|
|
|
|
2023-06-29 16:45:36 +02:00
|
|
|
//=== How does this work?
|
|
|
|
|
|
|
|
|
|
//=== Pitfalls
|
|
|
|
|
|
|
|
|
|
//=== Going the extra mile
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
== Resources
|
|
|
|
|
//=== Documentation
|
|
|
|
|
|
|
|
|
|
include::../common/resources/documentation.adoc[]
|
|
|
|
|
|
|
|
|
|
//=== Articles & blog posts
|
|
|
|
|
//=== Conference presentations
|
|
|
|
|
//=== Standards
|
|
|
|
|
|
|
|
|
|
include::../common/resources/standards.adoc[]
|
|
|
|
|
|
|
|
|
|
//=== Benchmarks
|
2023-06-22 10:38:01 +02:00
|
|
|
|
2021-09-20 15:38:42 +02:00
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
|
|
|
|
|
|
'''
|
|
|
|
|
== Implementation Specification
|
|
|
|
|
(visible only on this page)
|
|
|
|
|
|
|
|
|
|
include::../message.adoc[]
|
|
|
|
|
|
|
|
|
|
include::../highlighting.adoc[]
|
|
|
|
|
|
2023-06-29 16:45:36 +02:00
|
|
|
endif::env-github,rspecator-view[]
|
