51 lines
1.5 KiB
Plaintext
51 lines
1.5 KiB
Plaintext
include::../description.adoc[]
|
|
|
|
== Noncompliant Code Example
|
|
|
|
This rule raises an issue when an LDAP connection is created with ``++Context.SECURITY_AUTHENTICATION++`` set to ``++"none"++``.
|
|
|
|
[source,java]
|
|
----
|
|
// Set up the environment for creating the initial context
|
|
Hashtable<String, Object> env = new Hashtable<String, Object>();
|
|
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
|
|
env.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial");
|
|
|
|
// Use anonymous authentication
|
|
env.put(Context.SECURITY_AUTHENTICATION, "none"); // Noncompliant
|
|
|
|
// Create the initial context
|
|
DirContext ctx = new InitialDirContext(env);
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
[source,java]
|
|
----
|
|
// Set up the environment for creating the initial context
|
|
Hashtable<String, Object> env = new Hashtable<String, Object>();
|
|
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
|
|
env.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial");
|
|
|
|
// Use simple authentication
|
|
env.put(Context.SECURITY_AUTHENTICATION, "simple");
|
|
env.put(Context.SECURITY_PRINCIPAL, "cn=S. User, ou=NewHires, o=JNDITutorial");
|
|
env.put(Context.SECURITY_CREDENTIALS, getLDAPPassword());
|
|
|
|
// Create the initial context
|
|
DirContext ctx = new InitialDirContext(env);
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
include::../highlighting.adoc[]
|
|
|
|
endif::env-github,rspecator-view[]
|