{"id":37029978,"url":"https://github.com/dattack/standalone-jndi","last_synced_at":"2026-01-14T03:38:09.374Z","repository":{"id":44850761,"uuid":"70951099","full_name":"dattack/standalone-jndi","owner":"dattack","description":"A JNDI implementation to use with your standalone applications.","archived":false,"fork":false,"pushed_at":"2023-07-07T21:55:11.000Z","size":191,"stargazers_count":2,"open_issues_count":1,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-28T16:36:50.949Z","etag":null,"topics":["java","jdbc","jndi","password","standalone","standalone-applications"],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dattack.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-10-14T22:18:38.000Z","updated_at":"2025-01-20T16:53:16.000Z","dependencies_parsed_at":"2022-09-26T21:50:14.139Z","dependency_job_id":null,"html_url":"https://github.com/dattack/standalone-jndi","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/dattack/standalone-jndi","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dattack%2Fstandalone-jndi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dattack%2Fstandalone-jndi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dattack%2Fstandalone-jndi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dattack%2Fstandalone-jndi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dattack","download_url":"https://codeload.github.com/dattack/standalone-jndi/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dattack%2Fstandalone-jndi/sbom","scorecard":{"id":325114,"data":{"date":"2025-08-11","repo":{"name":"github.com/dattack/standalone-jndi","commit":"c1ec247704028cd6907b63f0955e59a1928f851c"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.7,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/27 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 3 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-pvp8-3xj6-8c6x","Warn: Project is vulnerable to: GHSA-78wr-2p64-hpwj","Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T02:15:20.293Z","repository_id":44850761,"created_at":"2025-08-18T02:15:20.293Z","updated_at":"2025-08-18T02:15:20.293Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408850,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["java","jdbc","jndi","password","standalone","standalone-applications"],"created_at":"2026-01-14T03:38:08.648Z","updated_at":"2026-01-14T03:38:09.361Z","avatar_url":"https://github.com/dattack.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Standalone JNDI\n\n[![Travis Badge](https://api.travis-ci.com/dattack/standalone-jndi.svg?branch=develop)](https://travis-ci.com/dattack/standalone-jndi/builds)\n[![Codacy Badge](https://api.codacy.com/project/badge/Grade/66474e9fa3bb45c5ac545f298dc42bb8)](https://www.codacy.com/manual/dattack/standalone-jndi)\n[![Codeship Badge](https://app.codeship.com/projects/2b7c4b00-748f-0134-45cb-12948b47b8fd/status?branch=develop)](https://app.codeship.com/projects/179241)\n[![CircleCI Badge](https://circleci.com/gh/dattack/standalone-jndi.svg?style=svg)](https://circleci.com/gh/dattack/standalone-jndi)\n[![Codecov Badge](https://codecov.io/gh/dattack/standalone-jndi/branch/develop/graph/badge.svg)](https://codecov.io/gh/dattack/standalone-jndi)\n[![license](https://img.shields.io/:license-Apache-blue.svg?style=plastic-square)](LICENSE.md)\n[![Maven Central](https://img.shields.io/maven-central/v/com.dattack/standalone-jndi.svg?label=Maven%20Central)](https://search.maven.org/artifact/com.dattack/standalone-jndi)\n[![javadoc](https://javadoc.io/badge2/com.dattack/standalone-jndi/javadoc.svg)](https://javadoc.io/doc/com.dattack/standalone-jndi)\n\nA JNDI implementation to use with your standalone applications.\n\nStandalone-JNDI uses a filesystem directory structure to create the hierarchical structure of JNDI contexts. The name of\neach context will match the name of the equivalent directory. Each directory can contain one or more `.properties` files\nthat will be mapped with JNDI resources created in the context corresponding to the directory structure.\n\n## Where can I get the latest release?\n\nYou can pull it from the central Maven repositories:\n\n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003ecom.dattack\u003c/groupId\u003e\n    \u003cartifactId\u003estandalone-jndi\u003c/artifactId\u003e\n    \u003cversion\u003e0.3\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\nThe source code on the master branch is the current state of development; it is not\nrecommended for general use. If you prefer to build from source, please use an appropriate\nrelease tag.\n\n## Usage\n\n1) Create an application resource file called `jndi.properties` and place it somewhere in the application's\n   CLASSPATH.\n\n2) Edit that file and set the following properties:\n\n    - `java.naming.factory.initial`: set this property to the classname (including the package) of the Initial Context\n      Factory for the JNDI Service Provider. In this case, use `com.dattack.naming.standalone.StandaloneContextFactory`.\n\n    - `com.dattack.naming.standalone.StandaloneContextFactory.resources.directory`: the root directory from which the\n      _properties_ files of the JNDI resources are located.\n\n    - `com.dattack.naming.standalone.StandaloneContextFactory.classpath.directory`: list of directories (separated by\n      commas) containing additional libraries needed to instantiate JNDI resources (e.g. JAR files containing JDBC\n      drivers)\n\n3) Create the necessary directory structure according to the required JNDI contexts within the directory referenced by\n   the parameter `com.dattack.naming.standalone.StandaloneContextFactory.resources.directory`.\n\n4) Create a `.properties` file and configure the necessary properties for each required JNDI resource. Currently, the\n   only type of JNDI resources that this factory creates are `javax.sql.DataSource`.\n\n### javax.sql.DataSource\n\nCurrently, Standalone-JNDI can be used with one of the following connection pool: Apache Commons DBCP and\nTransactionsEssentials (Atomikos).\n\nThe minimum set of properties required to configure this kind of JNDI resource is as follows:\n\n- `type` indicates the type of resource involved. In this case, the value is always javax.sql.DataSource\n\n- `driverClassName` the fully qualified Java class name of the JDBC driver to be used.\n\n- `url` the connection URL to be passed to our JDBC driver to establish a connection.\n\n- `username` the connection username to be passed to our JDBC driver to establish a connection.\n\n- `password` the connection password to be passed to our JDBC driver to establish a connection.\n\nExample:\n\n```properties\n   type=javax.sql.DataSource\n   driverClassName=org.sqlite.JDBC\n   url=jdbc:sqlite:db1.sqlite\n   username=login\n   password=changeme\n```\n\nAdditionally, it is also possible to configure the following properties:\n\n- onConnectScript: an ordered sequence of SQL statements to be executed whenever a new connection is created. The\n  semicolon character ( _;_ ) is the separator to be used between statements.\n\n```properties\n  onConnectScript=\\\n      ALTER SESSION SET CURRENT_SCHEMA = myschema ;\\\n      ALTER SESSION ENABLE PARALLEL DML ;          \\\n      ALTER SESSION FORCE PARALLEL DML PARALLEL 16\n```\n\n- disablePool: a flag that allows you to quickly disable the use of the connection pool if it is set. The default value\n  is false.\n\n   - disablePool.dbcp: when true disables DBCP only, allowing other connection pools to be used.\n\n   - disablePool.atomikos: when true disables Atomikos only, allowing other connection pools to be used.\n\n#### Apache Commons DBCP\nSee [BasicDataSource Configuration Parameters](https://commons.apache.org/proper/commons-dbcp/configuration.html)\nfor a detailed list of parameters that can be configured.\n\nYou can configure DBCP-specific properties by prefixing them with `dbcp.`. The following are some of the most common\nproperties:\n\n- `dbcp.initialSize`: The initial number of connections that are created when the pool is started.\n\n- `dbcp.maxTotal`: The maximum number of active connections that can be allocated from this pool at the same time, or\nnegative for no limit.\n\n- `dbcp.maxIdle`: The maximum number of connections that can remain idle in the pool, without extra ones being released,\nor negative for no limit.\n\n- `dbcp.minIdle`: The minimum number of connections that can remain idle in the pool, without extra ones being created,\nor zero to create none.\n\n- `dbcp.maxWaitMillis`: The maximum number of milliseconds that the pool will wait (when there are no available\nconnections) for a connection to be returned before throwing an exception, or -1 to wait indefinitely.\n\n#### TransactionsEssentials (Atomikos)\nSee [Configuring TransactionsEssentials](https://www.atomikos.com/Documentation/ConfiguringTransactionsEssentials)\nfor a detailed list of parameters that can be configured.\n\nYou can configure DBCP-specific properties by prefixing them with `atomikos.`The following are some of the most common\nproperties:\n\n- `atomikos.maxPoolSize`: the maximum pool size.\n\n- `atomikos.minPoolSize`: the minimum size of the pool.\n\n- `atomikos.maxIdleTime`: the maximum amount of seconds that unused excess connections should stay in the pool.\n\n- `atomikos.reapTimeout`: the amount of time (in seconds) that the connection pool will allow a connection to be in use,\nbefore claiming it back.\n\n**NOTE:** when a datasource has both types of connection pool (DBCP and Atomikos) configured and activated,\nStandalone-JNDI will use DBCP.\n\n#### Secure password\n\nStandalone-JNDI allows encrypting the passwords, so they are not stored in clear within the configuration files of the\nJNDI resources. To do this, you must concatenate the prefix \"encrypt:\" to the encrypted value of the password and\nprovide the path to the private key that must be used to decrypt the password.\n\nThere are three ways to indicate the private key to be used to decrypt the password:\n\n1) Use the parameter \"_privateKey_\" within the configuration file of the JNDI resource. The value of this parameter\nmust be the path to the file containing the private key to be used. This option allows you to use a different private\nkey for each JNDI resource:\n\n    ```properties\n        type=javax.sql.DataSource\n        driverClassName=org.sqlite.JDBC\n        url=jdbc:sqlite:db1.sqlite\n        username=login\n        password=encrypt:YH+W6wiS0vuTsL7uMpFmbvlzCm4d0L6hKtnJCpjExgcYrumFvwRurOg8X6BsDrJvQ7knka5M6KmVJv6CHxDhldTVLO77f3xXhZOuvw/VYL4Bl2YyAy/eVFoK3/TtKIQWnL5a9CfGTX0FFnHrCyybGFNOnXINYKJYxw1G7NVAAxQ=\n        privateKey=\u003cpath_to_private_key_file\u003e\n        disablePool=false\n    ```\n\n2) Set the \"_globalPrivateKey_\" environment variable to reference the path to the file containing the private key.\n\n3) If you do not set any of the above options, Standalone-JNDI will try to locate the `id_rsa` file in the\napplication's classpath and will try to use it as a private key to decrypt the encrypted passwords.\n\n## Contributing\n\nPull requests and stars are always welcome. For bugs and feature\nrequests, [please create an issue](https://github.com/dattack/standalone-jndi/issues).\n\n1. Fork it!\n2. Create your feature branch: `git checkout -b my-new-feature`\n3. Commit your changes: `git commit -am 'Add some feature'`\n4. Push to the branch: `git push origin my-new-feature`\n5. Submit a pull request :D\n\nIf you have other questions, please contact by [email](mailto:dev@dattack.com) or\n[@dattackteam](https://twitter.com/dattackteam)\n\n## License\n\nCode is under the [Apache Licence v2](https://www.apache.org/licenses/LICENSE-2.0.txt).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdattack%2Fstandalone-jndi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdattack%2Fstandalone-jndi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdattack%2Fstandalone-jndi/lists"}