8245527: LDAP Channel Binding support for Java GSS/Kerberos

Reviewed-by: dfuchs, aefimov, mullan
2025-09-22 12:04:39 +02:00 · 2020-09-25 07:26:54 +00:00 · 2020-09-25 07:26:54 +00:00 · cfa3f74931
commit cfa3f74931
parent 37b70282b5
10 changed files with 542 additions and 11 deletions
--- a/src/java.naming/share/classes/module-info.java
+++ b/src/java.naming/share/classes/module-info.java
@ -59,6 +59,20 @@
 *         <br>If this property is not specified, the default is to wait
 *         for the response until it is received.
 *     </li>
+ *     <li>{@code com.sun.jndi.ldap.tls.cbtype}:
+ *         <br>The value of this property is the string representing the TLS
+ *         Channel Binding type required for an LDAP connection over SSL/TLS.
+ *         Possible value is :
+ *         <ul>
+ *             <li>"tls-server-end-point" - Channel Binding data is created on
+ *                 the basis of the TLS server certificate.
+ *             </li>
+ *         </ul>
+ *         <br>"tls-unique" TLS Channel Binding type is specified in RFC-5929
+ *         but not supported.
+ *         <br>If this property is not specified, the client does not send
+ *         channel binding information to the server.
+ *     </li>
 * </ul>
 *
 * @provides javax.naming.ldap.spi.LdapDnsProvider