diff -r b0dd05ec3db1 -r bab15bbe2ca3 jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java --- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java Tue Apr 28 11:10:45 2015 -0700 +++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java Wed Apr 29 17:29:14 2015 +0400 @@ -44,28 +44,28 @@ /** - *

The module prompts for a username and password + * The module prompts for a username and password * and then verifies the password against the password stored in * a directory service configured under JNDI. * - *

This LoginModule interoperates with + *

This {@code LoginModule} interoperates with * any conformant JNDI service provider. To direct this - * LoginModule to use a specific JNDI service provider, - * two options must be specified in the login Configuration - * for this LoginModule. + * {@code LoginModule} to use a specific JNDI service provider, + * two options must be specified in the login {@code Configuration} + * for this {@code LoginModule}. *

  *      user.provider.url=name_service_url
  *      group.provider.url=name_service_url
  * 
* * name_service_url specifies - * the directory service and path where this LoginModule + * the directory service and path where this {@code LoginModule} * can access the relevant user and group information. Because this - * LoginModule only performs one-level searches to - * find the relevant user information, the URL + * {@code LoginModule} only performs one-level searches to + * find the relevant user information, the {@code URL} * must point to a directory one level above where the user and group * information is stored in the directory service. - * For example, to instruct this LoginModule + * For example, to instruct this {@code LoginModule} * to contact a NIS server, the following URLs must be specified: *
  *    user.provider.url="nis://NISServerHostName/NISDomain/user"
@@ -90,14 +90,14 @@
  *
  * 

The format in which the user's information must be stored in * the directory service is specified in RFC 2307. Specifically, - * this LoginModule will search for the user's entry in the + * this {@code LoginModule} will search for the user's entry in the * directory service using the user's uid attribute, * where uid=username. If the search succeeds, - * this LoginModule will then + * this {@code LoginModule} will then * obtain the user's encrypted password from the retrieved entry * using the userPassword attribute. - * This LoginModule assumes that the password is stored - * as a byte array, which when converted to a String, + * This {@code LoginModule} assumes that the password is stored + * as a byte array, which when converted to a {@code String}, * has the following format: *

  *      "{crypt}encrypted_password"
@@ -106,12 +106,12 @@
  * The LDAP directory server must be configured
  * to permit read access to the userPassword attribute.
  * If the user entered a valid username and password,
- * this LoginModule associates a
- * UnixPrincipal, UnixNumericUserPrincipal,
+ * this {@code LoginModule} associates a
+ * {@code UnixPrincipal}, {@code UnixNumericUserPrincipal},
  * and the relevant UnixNumericGroupPrincipals with the
- * Subject.
+ * {@code Subject}.
  *
- * 

This LoginModule also recognizes the following Configuration + *

This LoginModule also recognizes the following {@code Configuration} * options: *

  *    debug          if, true, debug messages are output to System.out.
@@ -144,7 +144,7 @@
  *                   exist for the username and password in the shared state,
  *                   or if authentication fails.
  *
- *    clearPass     if, true, this LoginModule clears the
+ *    clearPass     if, true, this {@code LoginModule} clears the
  *                  username and password stored in the module's shared state
  *                  after both phases of authentication (login and commit)
  *                  have completed.
@@ -208,21 +208,19 @@
     private static final String PWD = "javax.security.auth.login.password";
 
     /**
-     * Initialize this LoginModule.
+     * Initialize this {@code LoginModule}.
      *
-     * 

- * - * @param subject the Subject to be authenticated.

+ * @param subject the {@code Subject} to be authenticated. * - * @param callbackHandler a CallbackHandler for communicating + * @param callbackHandler a {@code CallbackHandler} for communicating * with the end user (prompting for usernames and - * passwords, for example).

+ * passwords, for example). * - * @param sharedState shared LoginModule state.

+ * @param sharedState shared {@code LoginModule} state. * * @param options options specified in the login - * Configuration for this particular - * LoginModule. + * {@code Configuration} for this particular + * {@code LoginModule}. */ // Unchecked warning from (Map)sharedState is safe // since javax.security.auth.login.LoginContext passes a raw HashMap. @@ -255,17 +253,15 @@ } /** - *

Prompt for username and password. + * Prompt for username and password. * Verify the password against the relevant name service. * - *

- * - * @return true always, since this LoginModule + * @return true always, since this {@code LoginModule} * should not be ignored. * - * @exception FailedLoginException if the authentication fails.

+ * @exception FailedLoginException if the authentication fails. * - * @exception LoginException if this LoginModule + * @exception LoginException if this {@code LoginModule} * is unable to perform the authentication. */ public boolean login() throws LoginException { @@ -367,15 +363,13 @@ * *

If this LoginModule's own authentication attempt * succeeded (checked by retrieving the private state saved by the - * login method), then this method associates a - * UnixPrincipal - * with the Subject located in the - * LoginModule. If this LoginModule's own + * {@code login} method), then this method associates a + * {@code UnixPrincipal} + * with the {@code Subject} located in the + * {@code LoginModule}. If this LoginModule's own * authentication attempted failed, then this method removes * any state that was originally saved. * - *

- * * @exception LoginException if the commit fails * * @return true if this LoginModule's own login and commit @@ -418,18 +412,16 @@ } /** - *

This method is called if the LoginContext's + * This method is called if the LoginContext's * overall authentication failed. * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules * did not succeed). * *

If this LoginModule's own authentication attempt * succeeded (checked by retrieving the private state saved by the - * login and commit methods), + * {@code login} and {@code commit} methods), * then this method cleans up any state that was originally saved. * - *

- * * @exception LoginException if the abort fails. * * @return false if this LoginModule's own login and/or commit attempts @@ -464,13 +456,11 @@ * Logout a user. * *

This method removes the Principals - * that were added by the commit method. - * - *

+ * that were added by the {@code commit} method. * * @exception LoginException if the logout fails. * - * @return true in all cases since this LoginModule + * @return true in all cases since this {@code LoginModule} * should not be ignored. */ public boolean logout() throws LoginException { @@ -506,8 +496,6 @@ /** * Attempt authentication * - *

- * * @param getPasswdFromSharedState boolean that tells this method whether * to retrieve the password from the sharedState. */ @@ -674,8 +662,6 @@ * values in the shared state in case subsequent LoginModules * want to use them via use/tryFirstPass. * - *

- * * @param getPasswdFromSharedState boolean that tells this method whether * to retrieve the password from the sharedState. */