Security Model

Nel documento Oracle9 Application Server (pagine 186-192)

Oracle Internet Directory

Java 2 Security Model

Provides developers and administrators with increased control over many aspects of enterprise applet, component, servlet, and application security. The Java 2 Security Model is capability-based and enables you to establish protection domains, and set security policies for these domains.

Permissions are the basis of the Java 2 Security Model. All Java classes (whether run locally or downloaded remotely) are subject to a configured security policy that defines the set of permissions available for those classes. Each permission represents a specific access to a particular resource.

See: JSP


See: JTS

See: JVM

See: J2EE

See: J2SE


A tool for generating API documentation in HTML format from documentation comments in Java source code. These HTML pages describe the classes, inner classes, interfaces, constructors, methods, and fields.


Java DataBase Connectivity. A Java package that provides connectivity to databases from within Java.

JIT compilation

Just-in-time compilation is the process by which the Java Virtual Machine keeps a copy of native code that it generates from bytecode the first time a method is encountered. Subsequently, when the method is run, the JIT uses the native code without having to interpret the method, resulting in a boost in performance.


Java Naming and Directory Interface. JNDI consists of a standard set of APIs that provide directory and naming services. Oracle9i Application Server has a JNDI naming server which clients can use to obtain object references to ECO/Java objects or Enterprise JavaBean objects.

JServ process

An open source servlet engine that can communicate with Oracle HTTP Server by configuring it to accept a servlet request from mod_jserv, which is an Oracle HTTP Server plug-in.


JavaServer Page. An extension to the servlet functionality that enables a simple programmatic interface to Web pages. JSPs are HTML pages with special tags and embedded Java code that is executed on the Web or application server providing dynamic functionality to HTML pages. JSPs are actually compiled into servlets when first requested and run in theservlet container.

JSP translator

A JSP translator is an entity that translates, executes, and processes JSP pages and delivers requests to them. The exact architecture of a JSP translator varies from implementation to implementation, but it consists of a servlet or a collection of servlets. The JSP translator, therefore, is executed by aservlet container.

JSP engine

JSP tag

Tags that are used in JavaServer Pages (JSP). These tags use the<jsp: syntax and enclose action elements in the JSP with "begin" and "end" tags similar toXML statements.


Java Transaction Service. It provides the services necessary for applications and databases to become part of a transaction. JTS is the Java version ofOTS.

just-in-time compilation


Java Virtual Machine. A virtual machine is an abstract specification for a computing device that can be implemented in different ways, in software or hardware. You compile to the instruction set of a virtual machine much like you would compile to the instruction set of a microprocessor.

The Java Virtual Machine is part of the Java runtime environment responsible for interpreting Java bytecode. It consists of a bytecode instruction set, a set of registers, a stack, a garbage-collected heap, and an area for storing methods. Java bytecode is executable by any JVM running on any machine.

key pair

A pair of mathematically related keys (apublic key and aprivate key) associated with a user and used in public-key encryption.

language identifier

A two-character alphanumeric string that identifies a human language, as defined byRFC 1766.


Lightweight Directory Access Protocol. A protocol that allows clients to access information from a directory server. This protocol enables corporate directory

See: JSP translator

See: JIT compilation

light weight directory access protocol


Listeners are HTTP servers; they handle incoming requests and route them to the dispatcher.

Login Module

The authentication modules configured for a particular application. The LoginContext class decouples the application code from the authentication services, and different login modules can be plugged in under an application without affecting the application code.

Login Server

Authenticates the username and password of a client user attempting to access an application. Once authenticated, the Login Server passes the client’s identity to various applications. An encrypted login cookie identifies the client as being authenticated. The Login Server provides sign-on (SSO) authentication. This enables a user to access multiple accounts and applications with a single username and password.

manifest file

A text file that describes the contents of a JAR file. For EJB JAR files, the manifest file identifies it as an “ejb-jar” file. The manifest file also indicates which elements in the JAR file are the EJB deployment descriptors for the components to be deployed.


The smallest unit of information inserted into and retrieved from a queue. A message consists of the following:

Control information (metadata)

Payload (data)

The control information represents message properties used by the queue to manage messages. The payload data is the information stored in the queue. A message can reside in only one queue.

message-driven beans

Message-driven beans (MDB) provide an easier method to implement asychronous communication than using straight JMS. MDBs were created to receive


asynchronous JMS messages. The container handles much of the setup required for JMS queues and topics. It sends all messages to the interested MDB.


A performance statistic, such as uptime or queue.

MIME type

Multipurpose Internet Mail Extension type. A message format used on the Internet to describe the contents of a message and defined by the MIME standard. MIME is used by HTTP servers to describe the type of content being delivered. SeveralRFCs define MIME.



A module, or plug-in, of Oracle HTTP Server that provides access control based on client host name or IP address.

mod_osso module

Provides communication between the SSO-enabled Login Server and the Oracle HTTP Server listener.



A single listener that can respond to requests directed at more than one

address/port combination. A multiport can be configured to respond to requests differently if they are made to a different address/port combination on the same listener.

Multipurpose Internet Mail Extensions See Also:

See: Apache Module

See: Apache Module



In the scope of performance monitoring tools, a noun is a component of an Oracle9i Application Server site. Examples of a noun are component, object, class, bean, process, piece of code, computer, process, etc.

national language support (NLS)

The set of mechanisms used to translate data between various languages and character sets.

Object Management Group

object-oriented programming

A method of programming that organizes a program around its data (objects) and a set of well-defined interfaces to that data. It is a revolutionary new way of looking at computer programming. A generalization of data object along with its possible data variables and methods (what to do with variables) in a class of data objects.

object reference

A unique identifier that is used to represent an object instance in a distributed system.

Object Transaction Service (OTS)



Oracle Call Interface. An API or low-level tool to access Oracle databases and execute SQL and PL/SQL statements.

See: host

See: OMG

See Also: IOR

See: OTS

See: Oracle9iAS Containers for J2EE (OC4J)


Generally, any item that can be individually selected or manipulated. This includes buttons and pull-down menus. In object-oriented programming, an object is a self-contained entity that consists of both data and procedures to manipulate the data.


Object Management Group. A consortium with a membership of more than 700 companies. The organization’s goal is to provide a common framework for developing applications using object-oriented programming techniques. OMG is responsible for the CORBA specification.

Nel documento Oracle9 Application Server (pagine 186-192)