Security and JNDI
Although JNDI is part of J2SE rather than J2EE, name servers are most commonly used with enterprise applications, many of which use J2EE. The underlying Service Provider implements the security for the naming and directory service. In most circumstances, a secure directory service will use LDAP or a service that has an LDAP interface (Active Directory or NDS), and so this section will describe LDAP security requirements.
You may want to check back to Day 3, “Naming and Directory Services,” to remind yourself about JNDI before reading the rest of this section.
LDAP security is based on three categories:
anonymous— No security information is provided.
simple— The client provides a clear text name and password.
Simple Authentication ...