Security

 

You need to understand the effect of the SECURITY_AUTHENTICATION property described in Configuration.

• If you set this parameter to none, JNDI does not pass any security credentials to the service provider, and anonymous authentication is performed.

• If you set the parameter to either simple or CRAM-MD5, security credentials are passed through JNDI to the underlying service provider. These security credentials are in the form of a user distinguished name (User DN) and password.

If security credentials are required, you are prompted for these when the tool initializes. Avoid this by setting the PROVIDER_USERDN and PROVIDER_PASSWORD properties in the JMSAdmin configuration file.

If you do not use these properties, the text typed, including the password, is echoed to the screen. This may have security implications.

The tool does no authentication itself; the task is delegated to the LDAP server. The LDAP server administrator must set up and maintain access privileges to different parts of the directory. If authentication fails, the tool displays an appropriate error message and terminates.

More detailed information about security and JNDI is in the documentation at Sun's Java™ web site (http://java.sun.com).

uj10830_