Home TOC Index |
![]() ![]() ![]() |
Glossary
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- The methods by which interactions with resources are limited to collections of users or programs for the purpose of enforcing integrity, confidentiality, or availability constraints.
- The acronym for the four properties guaranteed by transactions: atomicity, consistency, isolation, and durability.
- A component that typically executes in a web browser, but can execute in a variety of other applications or devices that support the applet programming model.
- The process by which an entity proves to another entity that it is acting on behalf of a specific identity. The J2EE platform requires three types of authentication: basic, form-based, and mutual, and supports digest authentication.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- The process by which access to a method or resource is determined. Authorization depends upon the determination of whether the principal associated with a request through authentication is in a given security role. A security role is a logical grouping of users defined by an Application Component Provider or Assembler. A Deployer maps security roles to security identities. Security identities may be principals or groups in the operational environment.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- An authentication mechanism in which a web server authenticates an entity with a user name and password obtained using the web client's built-in authentication mechanism.
- Component methods called by the container to notify the component of important events in its life cycle.
- The point in a transaction when all updates to any resources involved in the transaction are made permanent.
- An application-level software unit supported by a container. Components are configurable at deployment time. See also web components.
- The contract between a component and its container. The contract includes: life cycle management of the component, a context interface that the instance uses to obtain various information and services from its container, and a list of services that every container must provide for its components.
- A standard extension mechanism for containers to provide connectivity to enterprise information systems. A connector is specific to an enterprise information system and consists of a resource adapter and application development tools for enterprise information system connectivity. The resource adapter is plugged in to a container through its support for system-level contracts defined in the connector architecture.
- An entity that provides life cycle management, security, deployment, and runtime services to components.
- A name that gets mapped to the document root of a web client.
- The information describing the security attributes of a principal.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- Cascading Style Sheet. A stylesheet used with HTML and XML documents to add a style to all elements marked with a particular tag, for the direction of browsers or other presentation mechanisms.
- An act whereby one principal authorizes another principal to use its identity or privileges with some restrictions.
- An XML file provided with each module and application that describes how they should be deployed. The deployment descriptor directs a deployment tool to deploy a module or application with specific container options and describes specific configuration requirements that a Deployer must resolve.
- An authentication mechanism in which a web client authenticates to a web server by sending the server a message digest along its HTTP request message. The digest is computed by employing a one-way hash algorithm to a concatenation of the HTTP request message and the client's password. The digest is typically much smaller than the HTTP request, and doesn't contain the password.
- An application made up of distinct components running in separate runtime environments, usually on different platforms connected via a network. Typical distributed applications are two-tier (client-server), three-tier (client-middleware-server), and multitier (client-multiple middleware-multiple servers).
- The top-level directory of a WAR. The document root is where JSP pages, client-side classes and archives, and static web resources are stored.
- Document Object Model. A tree of objects with interfaces for traversing the tree and writing an XML version of it, as defined by the W3C specification.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- Document Type Definition. A description of the structure and properties of a class of XML files.
- The applications that comprise an enterprise's existing system for handling company-wide information. These applications provide an information infrastructure for an enterprise. An enterprise information system offers a well defined set of services to its clients. These services are exposed to clients as local and/or remote interfaces. Examples of enterprise information systems include: enterprise resource planning systems, mainframe transaction processing systems, and legacy database systems.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- An entity that provides enterprise information system-specific functionality to its clients. Examples are: a record or set of records in a database system, a business object in an enterprise resource planning system, and a transaction program in a transaction processing system.
- An object that can transform the header and/or content of a request or response. Filters differ from web components in that they usually do not themselves create responses but rather they modify or adapt the requests for a resource, and modify or adapt responses from a resource. A filter should not have any dependencies on a web resource for which it is acting as a filter so that it can be composable with more than one type of web resource.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- An authentication mechanism in which a web container provides an application-specific form for logging in.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- Hypertext Markup Language. A markup language for hypertext documents on the Internet. HTML enables the embedding of images, sounds, video streams, form fields, references to other objects with URLs and basic text formatting.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- Hypertext Transfer Protocol. The Internet protocol used to fetch hypertext objects from remote hosts. HTTP messages consist of requests from client to server and responses from server to client.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- An act whereby one entity assumes the identity and privileges of another entity without restrictions and without any indication visible to the recipients of the impersonator's calls that delegation has taken place. Impersonation is a case of simple delegation.
- An environment for developing and deploying enterprise applications. The J2EE platform consists of a set of services, application programming interfaces (APIs), and protocols that provide the functionality for developing multitiered, web-based applications.
- A highly optimized Java runtime environment targeting a wide range of consumer products, including pagers, cellular phones, screenphones, digital set-top boxes and car navigation systems.
- A Java class that can be manipulated in a visual builder tool and composed into applications. A JavaBeans component must adhere to certain property and event interface conventions.
- An extensible web technology that uses template data, custom elements, scripting languages, and server-side Java objects to return dynamic content to a client. Typically the template data is HTML or XML elements, and in many cases the client is a web browser.
- See JavaServer Pages.
- A JSP element that can act on implicit objects and other server-side objects or can define new scripting variables. Actions follow the XML syntax for elements with a start tag, a body and an end tag; if the body is empty it can also use the empty tag syntax. The tag must use a prefix.
- An action described in a portable manner by a tag library descriptor and a collection of Java classes and imported into a JSP page by a
taglib
directive. A custom action is invoked when a JSP page uses a custom tag.
- An action that is defined in the JSP specification and is always available to a JSP file without being imported.
- A stand-alone web application, written using the JavaServer Pages technology, that can contain JSP pages, servlets, HTML files, images, applets, and JavaBeans components.
- A container that provides the same services as a servlet container and an engine that interprets and processes JSP pages into a servlet.
- A JSP container that can run a web application that is tagged as distributable and is spread across multiple Java virtual machines that might be running on different hosts.
- A JSP element that gives an instruction to the JSP container and is interpreted at translation time.
- A portion of a JSP page that is recognized by a JSP translator. An element can be a directive, an action, or a scripting element.
- A scripting element that contains a valid scripting language expression that is evaluated, converted to a
String
, and placed into the implicitout
object.
- A file that contains a JSP page. In the Servlet 2.2 specification, a JSP file must have a .jsp extension.
- A text-based document using fixed template data and JSP elements that describes how to process a request to create a response.
- A JSP declaration, scriptlet, or expression, whose tag syntax is defined by the JSP specification, and whose content is written according to the scripting language used in the JSP page. The JSP specification describes the syntax and semantics for the case where the language page attribute is "java".
- A JSP scripting element containing any code fragment that is valid in the scripting language used in the JSP page. The JSP specification describes what is a valid scriptlet for the case where the language page attribute is "java".
- A piece of text between a left angle bracket and a right angle bracket that is used in a JSP file as part of a JSP element. The tag is distinguishable as markup, as opposed to data, because it is surrounded by angle brackets.
- A collection of custom tags identifying custom actions described via a tag library descriptor and Java classes.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- See Java Transaction API.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- The framework events of a component's existence. Each type of component has defining events which mark its transition into states where it has varying availability for use. For example, a servlet is created and has its
init
method called by its container prior to invocation of its service method by clients or other servlets who require its functionality. After the call of itsinit
method it has the data and readiness for its intended use. The servlet'sdestroy
method is called by its container prior to the ending of its existence so that processing associated with winding up may be done, and resources may be released. Theinit
anddestroy
methods in this example are callback methods.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- An authentication mechanism employed by two parties for the purpose of proving each other's identity to one another.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- A mechanism that allows a component to be customized without the need to access or change the component's source code. A container implements the component's naming environment, and provides it to the component as a JNDI naming context. Each component names and accesses its environment entries using the
java:comp/env
JNDI context. The environment entries are declaratively specified in the component's deployment descriptor.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- A security attribute that does not have the property of uniqueness and that may be shared by many principals.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- See security policy domain. Also, a string, passed as part of an HTTP request during basic authentication, that defines a protection space. The protected resources on a server can be partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization database.
- Provides access to a set of shared resources. A resource manager participates in transactions that are externally controlled and coordinated by a transaction manager. A resource manager is typically in different address space or on a different machine from the clients that access it. Note: An enterprise information system is referred to as resource manager when it is mentioned in the context of resource and transaction management.
- An abstract logical grouping of users that is defined by the Application Assembler. When an application is deployed, the roles are mapped to security identities, such as principals or groups, in the operational environment.
- The process of associating the groups and/or principals recognized by the container to security roles specified in the deployment descriptor. Security roles have to be mapped before a component is installed in the server.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- The point in a transaction when all updates to any resources involved in the transaction are reversed.
- Simple API for XML. An event-driven, serial-access mechanism for accessing XML documents.
- A set of properties associated with a principal. Security attributes can be associated with a principal by an authentication protocol and/or by a J2EE Product Provider.
- A declarative way to annotate the intended protection of web content. A security constraint consists of a web resource collection, an authorization constraint, and a user data constraint.
- A mechanism, defined by J2SE, to express the programming restrictions imposed on component developers.
- A scope over which security policies are defined and enforced by a security administrator. A security policy domain has a collection of users (or principals), uses a well defined authentication protocol(s) for authenticating users (or principals), and may have groups to simplify setting of security policies.
- See role (security).
- A scope over which the same security mechanism is used to enforce a security policy. Multiple security policy domains can exist within a single technology domain.
- A Java program that extends the functionality of a web server, generating dynamic content and interacting with web clients using a request-response paradigm.
- A container that provides the network services over which requests and responses are sent, decodes requests, and formats responses. All servlet containers must support HTTP as a protocol for requests and responses, but may also support additional request-response protocols such as HTTPS.
- A servlet container that can run a web application that is tagged as distributable and that executes across multiple Java virtual machines running on the same host or on different hosts.
- An object that contains a servlet's view of the web application within which the servlet is running. Using the context, a servlet can log events, obtain URL references to resources, and set and store attributes that other servlets in the context can use.
- Defines an association between a URL pattern and a servlet. The mapping is used to map requests to servlets.
- An object used by a servlet to track a user's interaction with a web application across multiple HTTP requests.
- Secure Socket Layer. A security protocol that provides privacy over the Internet. The protocol allows client-server applications to communicate in a way that cannot be eavesdropped or tampered with. Servers are always authenticated and clients are optionally authenticated.
- Structured Query Language. The standardized relational database language for defining database objects and manipulating data.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- A set of standards that includes specifications for embedding SQL statements in methods in the Java programming language and specifications for calling Java static methods as SQL stored procedures and user-defined functions. An SQL checker can detects errors in static SQL statements at program development time, rather than at execution time as with a JDBC driver.
- An atomic unit of work that modifies data. A transaction encloses one or more program statements, all of which either complete or roll back. Transactions enable multiple users to access the same data concurrently.
- The degree to which the intermediate state of the data being modified by a transaction is visible to other concurrent transactions and data being modified by other transactions is visible to it.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- Provides the services and management functions required to support transaction demarcation, transactional resource management, synchronization, and transaction context propagation.
- Uniform Resource Identifier. A compact string of characters for identifying an abstract or physical resource. A URI is either a URL or a URN. URLs and URNs are concrete entities that actually exist; A URI is an abstract superclass.
- Uniform Resource Locator. A standard for writing a textual reference to an arbitrary piece of data in the World Wide Web. A URL looks like
protocol://host/localinfo
whereprotocol
specifies a protocol for fetching the object (such as HTTP or FTP),host
specifies the Internet name of the targeted host, andlocalinfo
is a string (often a file name) passed to the protocol handler on the remote host.
- The URL passed by a HTTP request to invoke a servlet. The URL consists of the Context Path + Servlet Path + Path Info, where
- Context Path is the path prefix associated with a servlet context that this servlet is a part of. If this context is the default context rooted at the base of the web server's URL namespace, the path prefix will be an empty string. Otherwise, the path prefix starts with a / character but does not end with a / character.
- Servlet Path is the path section that directly corresponds to the mapping which activated this request. This path starts with a / character.
- Path Info is the part of the request path that is not part of the Context Path or the Servlet Path.
- Uniform Resource Name. A unique identifier that identifies an entity, but doesn't tell where it is located. A system can use a URN to look up an entity locally before trying to find it on the web. It also allows the web location to change, while still allowing the entity to be found.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- Indicates how data between a client and a web container should be protected. The protection can be the prevention of tampering with the data or prevention of eavesdropping on the data.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- An application written for the Internet, including those built with Java technologies such as JavaServer Pages and servlets, as well as those built with non-Java technologies such as CGI and Perl.
- A web application that uses J2EE technology written so that it can be deployed in a web container distributed across multiple Java virtual machines running on the same host or different hosts. The deployment descriptor for such an application uses the distributable element.
- A container that implements the web component contract of the J2EE architecture. This contract specifies a runtime environment for web components that includes security, concurrency, life cycle management, transaction, deployment, and other services. A web container provides the same services as a JSP container and a federated view of the J2EE platform APIs. A web container is provided by a web server.
- A web container that can run a web application that is tagged as distributable and that executes across multiple Java virtual machines running on the same host or on different hosts.
- A unit that consists of one or more web components, other resources, and a web deployment descriptor.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- Software that provides services to access the Internet, an intranet, or an extranet. A web server hosts web sites, provides support for HTTP and other protocols, and executes server-side programs (such as CGI scripts or servlets) that perform certain functions. In the J2EE architecture, a web server provides services to a web container. For example, a web container typically relies on a web server to provide HTTP message handling. The J2EE architecture assumes that a web container is hosted by a web server from the same vendor, so does not specify the contract between these two entities. A web server may host one or more web containers.
- Extensible Markup Language. A markup language that allows you to define the tags (markup) needed to identify the content, data, and text, in XML documents. It differs from HTML the markup language most often used to present information on the internet. HTML has fixed tags that deal mainly with style or presentation. An XML document must undergo a transformation into a language with style tags under the control of a stylesheet before it can be presented by a browser or other presentation mechanism. Two types of style sheets used with XML are CSS and XSL. Typically, XML is transformed into HTML for presentation. Although tags may be defined as needed in the generation of an XML document, a Document Type Definition (DTD) may be used to define the elements allowed in a particular type of document. A document may be compared with the rules in the DTD to determine its validity and to locate particular elements in the document. J2EE deployment descriptors are expressed in XML with DTDs defining allowed elements. Programs for processing XML documents use SAX or DOM APIs. J2EE deployment descriptors are expressed in XML.
- Extensible Stylesheet Language. An XML transformation language used for transforming XML documents into documents with flow object tags for presentation purposes. The transformation aspect of XSL has been abstracted into XSLT with the XSL name now used to designate the presentation flow language. XSL is a direct descendent of the DSSSL style language for SGML (Standard Generalized Markup Language), the language from which XML was subsetted. It was designed to have all the capabilities of CSS, the stylesheet often used with HTML. XSL flow objects can be presented by specialized browsers, and themselves transformed into PDF documents.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
- XSL Transformation. An XML file that controls the transformation of an XML document into another XML document or HTML. The target document often will have presentation related tags dictating how it will be rendered by a browser or other presentation mechanism. XSLT was formerly part of XSL, which also included a tag language of style flow objects.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Home TOC Index |
![]() ![]() ![]() |