diff -r b0dd05ec3db1 -r bab15bbe2ca3 jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java --- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java Tue Apr 28 11:10:45 2015 -0700 +++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java Wed Apr 29 17:29:14 2015 +0400 @@ -44,28 +44,28 @@ /** - *
The module prompts for a username and password + * The module prompts for a username and password * and then verifies the password against the password stored in * a directory service configured under JNDI. * - *
This LoginModule
interoperates with
+ *
This {@code LoginModule} interoperates with
* any conformant JNDI service provider. To direct this
- * LoginModule
to use a specific JNDI service provider,
- * two options must be specified in the login Configuration
- * for this LoginModule
.
+ * {@code LoginModule} to use a specific JNDI service provider,
+ * two options must be specified in the login {@code Configuration}
+ * for this {@code LoginModule}.
*
* user.provider.url=name_service_url * group.provider.url=name_service_url ** * name_service_url specifies - * the directory service and path where this
LoginModule
+ * the directory service and path where this {@code LoginModule}
* can access the relevant user and group information. Because this
- * LoginModule
only performs one-level searches to
- * find the relevant user information, the URL
+ * {@code LoginModule} only performs one-level searches to
+ * find the relevant user information, the {@code URL}
* must point to a directory one level above where the user and group
* information is stored in the directory service.
- * For example, to instruct this LoginModule
+ * For example, to instruct this {@code LoginModule}
* to contact a NIS server, the following URLs must be specified:
* * user.provider.url="nis://NISServerHostName/NISDomain/user" @@ -90,14 +90,14 @@ * *The format in which the user's information must be stored in * the directory service is specified in RFC 2307. Specifically, - * this
LoginModule
will search for the user's entry in the + * this {@code LoginModule} will search for the user's entry in the * directory service using the user's uid attribute, * where uid=username. If the search succeeds, - * thisLoginModule
will then + * this {@code LoginModule} will then * obtain the user's encrypted password from the retrieved entry * using the userPassword attribute. - * ThisLoginModule
assumes that the password is stored - * as a byte array, which when converted to aString
, + * This {@code LoginModule} assumes that the password is stored + * as a byte array, which when converted to a {@code String}, * has the following format: ** "{crypt}encrypted_password" @@ -106,12 +106,12 @@ * The LDAP directory server must be configured * to permit read access to the userPassword attribute. * If the user entered a valid username and password, - * thisLoginModule
associates a - *UnixPrincipal
,UnixNumericUserPrincipal
, + * this {@code LoginModule} associates a + * {@code UnixPrincipal}, {@code UnixNumericUserPrincipal}, * and the relevant UnixNumericGroupPrincipals with the - *Subject
. + * {@code Subject}. * - *This LoginModule also recognizes the following
Configuration
+ *This LoginModule also recognizes the following {@code Configuration} * options: *
* debug if, true, debug messages are output to System.out. @@ -144,7 +144,7 @@ * exist for the username and password in the shared state, * or if authentication fails. * - * clearPass if, true, thisLoginModule
clears the + * clearPass if, true, this {@code LoginModule} clears the * username and password stored in the module's shared state * after both phases of authentication (login and commit) * have completed. @@ -208,21 +208,19 @@ private static final String PWD = "javax.security.auth.login.password"; /** - * Initialize thisLoginModule
. + * Initialize this {@code LoginModule}. * - *- * - * @param subject the
Subject
to be authenticated.+ * @param subject the {@code Subject} to be authenticated. * - * @param callbackHandler a
CallbackHandler
for communicating + * @param callbackHandler a {@code CallbackHandler} for communicating * with the end user (prompting for usernames and - * passwords, for example).+ * passwords, for example). * - * @param sharedState shared
LoginModule
state.+ * @param sharedState shared {@code LoginModule} state. * * @param options options specified in the login - *
Configuration
for this particular - *LoginModule
. + * {@code Configuration} for this particular + * {@code LoginModule}. */ // Unchecked warning from (Map)sharedState is safe // since javax.security.auth.login.LoginContext passes a raw HashMap. @@ -255,17 +253,15 @@ } /** - * Prompt for username and password. + * Prompt for username and password. * Verify the password against the relevant name service. * - *
- * - * @return true always, since this
LoginModule
+ * @return true always, since this {@code LoginModule} * should not be ignored. * - * @exception FailedLoginException if the authentication fails.+ * @exception FailedLoginException if the authentication fails. * - * @exception LoginException if this
LoginModule
+ * @exception LoginException if this {@code LoginModule} * is unable to perform the authentication. */ public boolean login() throws LoginException { @@ -367,15 +363,13 @@ * *If this LoginModule's own authentication attempt * succeeded (checked by retrieving the private state saved by the - *
login
method), then this method associates a - *UnixPrincipal
- * with theSubject
located in the - *LoginModule
. If this LoginModule's own + * {@code login} method), then this method associates a + * {@code UnixPrincipal} + * with the {@code Subject} located in the + * {@code LoginModule}. If this LoginModule's own * authentication attempted failed, then this method removes * any state that was originally saved. * - *- * * @exception LoginException if the commit fails * * @return true if this LoginModule's own login and commit @@ -418,18 +412,16 @@ } /** - *
This method is called if the LoginContext's + * This method is called if the LoginContext's * overall authentication failed. * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules * did not succeed). * *
If this LoginModule's own authentication attempt * succeeded (checked by retrieving the private state saved by the - *
login
andcommit
methods), + * {@code login} and {@code commit} methods), * then this method cleans up any state that was originally saved. * - *- * * @exception LoginException if the abort fails. * * @return false if this LoginModule's own login and/or commit attempts @@ -464,13 +456,11 @@ * Logout a user. * *
This method removes the Principals - * that were added by the
commit
method. - * - *+ * that were added by the {@code commit} method. * * @exception LoginException if the logout fails. * - * @return true in all cases since this
LoginModule
+ * @return true in all cases since this {@code LoginModule} * should not be ignored. */ public boolean logout() throws LoginException { @@ -506,8 +496,6 @@ /** * Attempt authentication * - *- * * @param getPasswdFromSharedState boolean that tells this method whether * to retrieve the password from the sharedState. */ @@ -674,8 +662,6 @@ * values in the shared state in case subsequent LoginModules * want to use them via use/tryFirstPass. * - *
- * * @param getPasswdFromSharedState boolean that tells this method whether * to retrieve the password from the sharedState. */