


Access Control

The way by which interactions with resources are limited to collections of users or programs for the purpose of enforcing integrity, confidentiality, or availability constraints.


The four properties that are guaranteed by a transaction: atomicity, consistency, isolation, and durability. Atomicity exists when either all of the changes are committed or, if for any reason the transaction cannot be completed, all of the changes are rolled back to their prior state. Consistency means that a transaction starts with data in a consistent state and ends with data in a consistent state. The data is said to be in a consistent state when it conforms to a set of invariants or rules, such as no duplicate keys or a column not allowing nulls. Isolation means that any given transaction must appear to be running all by itself on the database. The effects of any concurrent transaction are not visible to this transaction, and the effects of this transaction are not visible until the transaction is actually committed. Durability means that once a transaction is committed, its effects are guaranteed to continue even after recovery from a subsequent system failure.


The process that transfers an EJB from secondary storage to memory. This is the complementary process to passivation.


A Java component that executes in an application or device, usually a web browser that supports the applet programming model.

applet container

A container that supports the applet programming model.

application assembler

Combines components into a deployable application unit.

application component provider

Writes the business and application logic for the application by providing JavaServer Pages (JSP), Java classes, and the required deployment descriptors.


The process used by callers and service providers that proves that they are to be “trusted.” Authentication establishes the caller’s identity and proves that they are “authenticated” instances of an identity. The three types of authentication required on the J2EE platform are basic, form-based, and mutual. The J2EE platform also supports digest authentication.


The mechanism that controls caller access and interaction with application resources or components. The caller’s credentials (identity), which can also be anonymous or arbitrarily set by the caller, can be determined via authentication contexts that are available to the called component. Access can then be determined by comparing the caller’s credentials with the access control rules for the required component or resource.

basic authentication

The web server authenticates a principal using the user name and password obtained from the web client via its built-in authentication mechanism. Refer to Section 11.1 Basic Authentication Scheme in the HTTP specification at for more details.

BMP (bean-managed persistence)

The enterprise bean provider is responsible for creating the code for all of the database access. Consequently, this technique provides much more control over how data is accessed.

BMT (bean-managed transaction)

A transaction boundary defined and controlled by an enterprise bean.

business logic

The code that implements the required functionality of an application.

caller principal

The principal that identifies the caller of the enterprise bean method.

client certificate authentication

A client authentication mechanism that uses an X.509 certificate to establish its identity.

CMP (container-managed persistence)

The enterprise bean provider delegates the specifics of data access to the EJB container.

CMT (container-managed transaction)

A transaction boundary defined and controlled by the EJB container.


An application-level unit that is configurable at deployment time and supported by a container. The four types of components for the J2EE platform are enterprise beans, web components, applets, and application clients.


A standard extension mechanism that lets a container provide connectivity to enterprise information systems.


An entity that provides life cycle management, security, deployment, runtime, and component-specific services to components.

CORBA (Common Object Request Broker Architecture)

The distributed object model defined by the Object Management Group (OMG).


The security attributes of a principal.


Installs modules and applications into the operational environment.


The process of installing modules and applications into an operational environment.

deployment descriptor

An XML file that accompanies each module or application. It describes specific configuration requirements that need to be resolved for the module or application to be installed successfully.


A JMS-administered object that is either a queue for a point-to-point messaging model or a topic for a publish/subscribe messaging model.

digest authentication

An authentication mechanism in which a web client authenticates by sending the server a message digest as part of the HTTP request. This message digest is calculated by taking pieces of the message along with the client’s password and passing them through a one-way hash algorithm.

durable subscription

In a JMS publish/subscribe messaging system, known subscribers receive the messages when they are connected to the topic. If a known subscriber is not connected, JMS retains the messages until the subscriber reconnects or until they expire.

EAR (Enterprise Archive) file

An archive that contains a J2EE enterprise application. An EAR file comprises WAR, EJB JAR, RAR, and JAR files.

EJB container

A container within an EJB server or a J2EE application server that implements the runtime environment for enterprise beans, including security, concurrency, life cycle management, transaction, deployment, naming, and other services provided by the J2EE platform.

EJB container provider

A vendor that supplies an EJB container.

EJB context

Allows the Enterprise JavaBean (EJB) to use services provided by the EJB container and in doing so obtain information about the invoker of a client-invoked method.

EJB home object

Provides the life cycle operations (create, find, and remove methods) for an enterprise bean. The EJBHome object, which is generated by the container’s deployment tools, implements the enterprise bean’s home interface. Any client wishing to use an enterprise bean will first locate its EJB home object via JNDI. Then, it will call the life cycle operations (methods) provided by the EJB home object to reference the EJBObject (remote reference to the enterprise bean).

EJB JAR (Java Archive) file

An archive file that contains an EJB module.

EJB object

An object that implements the remote interface of the enterprise bean. Clients of an EJB reference an EJBObject and do not reference an enterprise bean instance directly.

EJB server

A server that can host one or more EJB containers.

EJB server provider

A vendor that supplies an EJB server.

enterprise bean

A component that implements either a business function or a business entity. The component can be an entity, session, or message-driven bean.

enterprise bean provider

The person or vendor that creates enterprise bean classes, remote and home interfaces, and deployment descriptor files, and then packages them into an EJB JAR file.

enterprise information system (EIS)

The applications that maintain data for an enterprise. These applications offer a well-defined set of services that are exposed to callers as local and/or remote interfaces. Some examples of EIS are legacy mainframe transaction processing and database systems.

Enterprise JavaBeans (EJB)

A component architecture for development and deployment of distributed, object-oriented, enterprise-level applications. EJBs are scalable, secure, and transactional.

entity bean

An enterprise bean that represents data, uniquely identified by a primary key, which is persisted and maintained by a database. The entity bean is able to manage its own persistence (BMP), or it can leave this function to the EJB container.

form-based authentication

An authentication mechanism that allows for the use of a custom HTML form as the user interface for capturing the authentication information.


An opaque, long-lived, and serializable reference to an enterprise bean instance.

home handle

An object used to obtain a reference to the home interface.

home interface

An object that provides the management or life cycle operations (create, remove, find) for an EJB. The home interface of a session bean has create and remove methods, and the home interface of an entity bean has create, finder, and remove methods.

HTML (Hypertext Markup Language)

A file format for creating hypertext documents on the web.

HTTP (Hypertext Transfer Protocol)

A web protocol based on TCP/IP that is used to fetch hypertext objects from remote hosts—for example, web pages, images, and binary files.


The HTTP protocol layered over the Secure Socket Layer (SSL) protocol. This provides a more secure transfer of data using encrypted data streams.

IIOP (Internet Inter-ORB Protocol)

A protocol used for communication between CORBA object request brokers (ORBs).

J2EE application server

Provides EJB and/or web containers to support the runtime environment of a J2EE product.

J2EE product provider

A vendor that supplies a J2EE product implemented as per the J2EE platform specification.

J2EE role

The function performed by a party in the development and deployment phases of an application developed using J2EE technology. The roles are Application Component Provider, Application Assembler, Deployer, J2EE Product Provider, EJB Container Provider, EJB Server Provider, Web Container Provider, Web Server Provider, Tool Provider, and System Administrator.

JAR (Java Archive) file

A file format that allows several files to be stored in a single file. Compatible with Zip archives.

JavaBeans component

A portable, platform-independent, reusable component model that can be manipulated in a visual builder tool and coded into applications. To make this possible, JavaBeans must adhere to defined property and event interface conventions.


Provides a standard and independent framework for Java client applications to use electronic mail. This provides the ability to do the following:

  • Compose messages, including multipart messages with attachments

  • Send messages to particular servers

  • Retrieve and store messages in folders


Established in 1998 as the open, participative process to develop and revise the Java technology specifications, reference implementations, and test suites, the Java Community Process (JCP) program has fostered the evolution of the Java platform in cooperation with the international Java developer community.


Provides database-independent connectivity between Java and a wide range of data sources.

JMS (Java Message Service)

Provides a common way for a Java application to create, send, receive, and read an enterprise messaging system’s messages.

JMS provider

An enterprise messaging system that implements the Java Message Service along with administrative and control functions.

JNDI (Java Naming and Directory Interface)

An API that provides naming and directory functionality for Java classes.

JSP (JavaServer Pages)

JavaServer Pages use template data, custom elements, scripting languages, and server-side Java objects to return dynamic content to a client typically within a web browser. A JSP is a combination of HTML syntax and Java syntax that is executed at runtime to create content for web-based clients dynamically. More advanced JSPs can use templates and custom tag libraries to further enhance their functionality and reusability.


A Java Specification Request (JSR) is the document submitted to the Process Management Office (PMO) by one or more JCP members to propose the development of a new specification or significant revision to an existing specification for Java.

JTA (Java Transaction API)

An API that allows applications and J2EE servers to use transactions.

JTS (Java Transaction Service)

Defines the implementation of a transaction manager, which supports the Java Transaction API (JTA) and implements the Java mapping of the Object Management Group (OMG) Object Transaction Service (OTS) specification.

MDB (message-driven bean)

An enterprise bean that consumes messages asynchronously. A client invokes MDBs by sending messages to the destination to which the MDB is listening.

ORB (Object Request Broker)

Enables CORBA objects to locate and then communicate with one another.

OS principal

A principal that exists for the operating system on which the J2EE platform is executing.

OTS (Object Transaction Service)

Defines the interfaces that permit CORBA objects to participate in transactions.


The process that transfers an enterprise bean from memory to secondary storage. This is the complementary process to activation.


A protocol for moving the state of an entity bean between its instance variables and a persistent store (a database).

point-to-point messaging model

A messaging model that uses queues. In JMS, clients can write messages to a queue and can read messages from a queue.

primary key

An object within a home that uniquely identifies an entity bean.


The identity assigned to a user that has been authenticated.


A nonunique security attribute that can be shared by many principals, such as a group.

publish/subscribe messaging model

A messaging model that uses topics. In JMS, clients can publish messages to a topic and multiple clients can subscribe and receive messages from a topic.


A destination used in the point-to-point messaging model.


A string passed on an HTTP request during basic authentication. This specifies the protection domain to be used for authentication.

remote interface

An enterprise bean interface that defines the business methods a client can invoke.

resource adapter

System-level software used by an EJB container or a client to connect to an EIS.

resource manager

Provides shared access to a set of resources. It participates in transactions that are externally controlled and coordinated by a transaction manager.

RMI (Remote Method Invocation)

A distributed object model that allows an object running in one Java Virtual Machine (JVM) to invoke methods on an object running in a different JVM.


An RMI implementation that uses CORBA’s IIOP protocol. RMI-IIOP allows developers to code using the RMI APIs while the interprocess communication actually involves the IIOP protocol instead of the JRMP protocol with which RMI is usually associated.

role mapping

Associating groups and/or principals known to the container to security roles specified within the deployment descriptor. Before installing the component on the server, these security roles need to be mapped (associated) by the deployer.

security attributes

A set of properties associated with a principal via an authentication protocol and/or a J2EE product provider.

security constraint

The declarative way of protecting web resource collections. A security constraint consists of these parts: a web resource collection, an authorization constraint, and a user data constraint.

security context

An object that encapsulates the shared security state between two entities.

security permission

A mechanism used by the J2EE platform to convey the programming restrictions imposed upon application component providers.

security role

An abstract logical grouping of users defined by an application assembler. When an application is deployed, roles are associated to security identities that actually exist in the deployment environment, such as principals or groups.

security view

A set of security roles created by the application assembler.

server principal

The operating system principal that the server is executing as.


A Java program that generates dynamic content and interacts with web clients using a request-response model.

servlet container

Also called a web container. Provides services that facilitate the request-response model. It also decodes requests and formats responses. All servlet containers support HTTP and can optionally support other request-response protocols such as HTTPS.

servlet context

An object that contains information about the web application that the servlet is executing as a part of. Through this object, a servlet can log events, obtain URL references to resources, and set and store context attributes for other servlets within the same context.


Object used by servlets to track user interaction with a web application across multiple HTTP requests.

session bean

An enterprise bean that performs operations for a client. A session bean is created by a client and typically exists only for the duration of a single client/server session. A session bean can be either stateful, in which it maintains conversational state across methods and transactions, or stateless.

SQL (Structured Query Language)

The standardized relational database language for defining and maintaining database objects and manipulating the data within them.


Standards that include specifications for embedding SQL statements within the Java programming language and for calling Java static methods as SQL stored procedures and user-defined functions.

SSL (Secure Socket Layer)

A protocol that allows communication between a client and server to be encrypted for privacy. Servers must be authenticated, and clients are optionally authenticated.

stateful session bean

A session bean that maintains a conversational state.

stateless session bean

A session bean that does not maintain a conversational state. All instances of the same stateless session bean are identical.

system administrator

The individual responsible for configuring, administering, and maintaining computers, networks, and software systems.


Destination used in the publish-subscribe messaging model.


An atomic unit of work that changes data from one state to another. A transaction can comprise one or more changes, all of which will either complete or roll back. Transactions allow several users to access the same data at the same time (concurrently).

transaction attribute

A value defined in the deployment descriptor of an enterprise bean module. It tells the EJB container how to control the transaction scope when the enterprise bean’s methods are invoked. The following are the possible values for a transaction attribute: Required, RequiresNew, Supports, NotSupported, Mandatory, Never.

transaction isolation level

The degree to which the intermediate state of the data being modified by a transaction can be seen by other concurrent transactions, and the degree to which data being modified by other transactions can be seen by it.

transaction manager

Provides the management functions and services required to support synchronization, transaction demarcation, transaction context propagation, and transactional resource management.

URI (Uniform Resource Identifier)

A compact string of characters that identifies either an abstract or physical resource. A URI is an abstract superclass of the URL or URN concrete subclasses.

URL (Uniform Resource Locator)

A standard way for referring to an arbitrary piece of data on the web. Each URL is in the form protocol://host/localinfo, where protocol specifies the protocol to use, such as HTTP or FTP; host specifies the remote host where the resource exists; and localinfo, which is often a filename, is passed to the protocol handler on the remote host to actually find the resource.

URL path

A URL passed in an HTTP request to invoke a servlet. It consists of a Context Path, a Servlet Path, and PathInfo. The Context Path is the path prefix associated with the servlet context. The Servlet Path, which starts with a slash (/) character, is the path section that corresponds to the servlet container mapping that activated the request. The PathInfo is the part of the request path that is neither part of the Context Path nor the Servlet Path.

URN (Uniform Resource Name)

A unique identifier for an entity that does not specify where the entity is actually located. A URN may be used to attempt to find an entity locally before looking it up on the web. The URN allows the web location to change, while still allowing the entity to be found.

WAR (Web Archive) file

A JAR archive that contains a web application.

web application

An Internet application, including those that use Java technologies such as JavaServer Pages and servlets, as well as those that use non-Java technologies such as CGI and Perl.

web component

A component that can be either a servlet or a JavaServer Page, and that provides service by responding to requests.

web container

A container provided by a J2EE or web server that implements the J2EE web component contract. This defines the runtime environment and services for web components, including concurrency, deployment, life cycle management, security, transaction, and other services.

web module

A unit that consists of one or more web components along with a web deployment descriptor.

web resource collection

A list of URL patterns and HTTP methods that describe a set of resources that are to be protected via a security constraint.

web server

Software that provides services to access the network (Internet, an Intranet, or an Extranet). The web server hosts web sites, supports HTTP (and possibly other protocols), and executes server-side programs such as servlets. On a J2EE platform, a web server provides services to one or more web containers.

XML (Extensible Markup Language)

A markup language that evolved from Standard Generalized Markup Language (SGML), and that allows the definition of tags (markup) needed to identify the content, data, and text in XML documents.

