Release 2 (9.0.2)
Part Number A95926-02
 Home |
 Solution Area |
 Contents |
 Index |
| Oracle9i Application Server Concepts Release 2 (9.0.2) Part Number A95926-02 |
|
A2A integration (also known as enterprise application integration) is the integration of applications and business processes within the same company (also known as an enterprise).
A method for organizing authorization information. The access control list model is resource-centered or object-centered. This means that authorization information is associated with objects.
A transaction has ACID characteristics (Atomic, Consistent results, Isolated, and Durable), if it demonstrates the following:
Access Control List. A list of groups and users authorized for specific access to an object. Or a list of entities, together with their access rights, which are authorized to have access to a specified resource.
A public domain HTTP server derived from the National Center for Supercomputing Applications (NCSA).
An add-on to either Oracle HTTP Server or Apache. Modules extend the basic functionality of the Web server and support integration between the Oracle HTTP Server and other Oracle9i Application Server components.
Application Program Interface. A set of exposed data structures and functions that an application can use to invoke services on a component.
A Java program that runs from an applet viewer or a Web page.
The ability to link different types of enterprise applications and business processes together so that they can smoothly and effectively communicate to conduct e-business. These applications can reside within a company's enterprise boundaries or across multiple company boundaries connected over the Internet.
Authentication ensures that access to static pages, CGI scripts, and applications is limited to authorized users. When access to an application or document is protected by an authentication scheme, the client sends identification information to the server, which checks if the client is authorized to access the object.
The evaluation of security constraints to send a message or make a request. Authorization uses specific criteria to determine whether the request should be permitted. The criteria are authentication and restriction.
The portion of the authentication server that responds to and evaluates authorization requests.
An object that specifies all of the realms used to implement a particular security scheme. An authentication provider is a code module that runs within the authentication server and implements a particular security scheme.
An object that encapsulates the authentication performed against applications. An authentication server consists of one authentication broker object and several authentication provider objects.
A method for re-deploying applications, servlets, or JSPs after changes have been made to the application code that does not require updating the server configuration files or restarting the application server. With automatic deployment, the application server detects the changes in code and automatically re-deploys the applications.
|
See Also:
hot deployment for comparison |
The percentage or amount of scheduled time that a computing system provides application service.
B2B integration is the integration of a company's applications and business processes with external business systems operated by customers, suppliers, trading partners, exchanges, and marketplaces. B2B extends A2A integration to the Internet.
A username/password-based authentication scheme that does not encrypt passwords when sending them over the Internet.
A Java bean that stores all state information within itself.
A client that can access static pages, CGI scripts, and applications via a URL over HTTP, HTTPS, or IIOP.
Information describing your business, data, and Web site traffic.
Certifying Authority. A trusted third party that vouches for the identity of an individual, company, or server and signs a certificate.
The act of storing information that is frequently accessed in a location where it can be accessed quickly. For example, Oracle9iAS Web Cache stores dynamically generated Web pages locally and serves them to incoming requests. This reduces the total time spent handling the request by avoiding costly connections to the back-end database and other Web site bottlenecks.
A method for organizing authorization information. The capability model is principal-centered or subject-centered. This means that authorization information is associated with subjects. The Java 2 Security Model is an example of a capability-based system.
A specially formatted data item signed by a trusted third party to attest to the validity of the item's information. Public-key certificates use a CA's signature to attest that the enclosed public key belongs to the principal identified by the enclosed name.
An authentication method in which clients identify themselves using X.509 v3 certificates.
Common Gateway Interface. The industry-standard technique for transferring information between a Web server and any program designed to accept and return data that conforms to the CGI specifications.
A set of characters used to write one or more human languages, as defined by RFC 1521.
A virtual trail that a user leaves behind while moving from place to place on the Internet. A clickstream is a record of a user's activity on the Internet, including every Web site and every page of every Web site that the user visits, how long the user was on a page or site, in what order the pages were visited, any newsgroups that the user participates in and even the e-mail addresses of mail that the user sends and receives.
A user, software application (such as a browser), or computer that requests the services, data, or processing of another application or computer (the server).
A cluster is a collection of application server instances with identical configuration and application deployment. Clusters enforce homogeneity between member instances so that a cluster of application server instances can appear and function as a single instance. With appropriate front-end load balancing, any instances in an application server cluster can serve client requests. This simplifies configuration and deployment across multiple instances and enables fault tolerance among clustered instances.
Collecting Oracle9iAS instances into clusters for load balancing and fault tolerance. With clustering, the collection of application server instances are treated as a pool to service incoming requests. If one instance does not respond, then the request is forwarded to another instance in the cluster. The load balancer also maintains session context, so that when a client reconnects, its request is sent to the application server instance that was previously serving it.
The set of parameters, including a protocol, that is used to connect to a specific database instance on the network. Other names for a connect string include: SQL*Net V2 service name and Net8 connect string.
A component that contains other components, such as a servlet. A container executes and manages a servlet. A container is either part of or associated with and used by a Web server. When a client HTTP request calls a servlet, the Web server passes the HTTP request to the container. The container translates the HTTP request into a Java method invocation and then passes the request to the servlet.
A Java bean that stores all state information in the container.
A text string that is stored onto the client browser by the server to maintain state between HTTP calls. Cookies enable applications to store and retrieve information about a client, such as the domain, path, lifetime, and other variables. Cookies can either expire when the user exits the browser or at a date specified by the creator of the cookie.
Common Object Request Broker Architecture. An industry standard for allowing code modules called "objects" to communicate with one another regardless of the programming language in which they are written or the operating system on which they are running.
This is a generic term for a server-side program that conforms to the OMG's CORBA specification. Objects can be written in any language, deployed on any machine, and can exist locally or over a wide-area network.
Certificate Revocation List. A list of certificates that have been revoked before their scheduled expiration date. CRLs only list revoked certificates. When a revoked certificate is past its original expiration date, it is removed from the CRL.
The original and primary database for storing your data. The customer database is commonly located on the database server tier in a three-tier architecture.
The methodologies, software, and usually Internet capabilities that help an enterprise manage customer relationships in an organized way.
Database Access Descriptor. A set of values that specify how an application connects to an Oracle database to fulfill an HTTP request. The information in the DAD includes the username (which also specifies the schema and the privileges), password, connect-string, error log file, standard error message, and NLS parameters such as NLS language, NLS date format, NLS date language, and NLS currency.
The database access descriptor that a PL/SQL application uses when the configuration information in the application does not specify a DAD.
The MIME type the HTTP listener uses to interpret requested files of an unsupported MIME type.
A J2EE application and each of its modules has its own deployment descriptor (DD). A DD is an XML text-based file with an .xml extension that describes the deployment settings for a component. For example, an enterprise bean module DD declares transaction attributes and security authorizations for an enterprise bean. DD information is declarative so it can be changed without modifying the bean source code. At runtime, the J2EE server reads the DD and acts on the component accordingly.
An authentication scheme that does not send passwords over the Internet. Digest authentication is safer than basic authentication, but is not supported by most browsers.
A digital code attached to an electronic document that reliably identifies the author or sender, and verifies that the document has not been tampered with.
Defines a hierarchical view of an organization's employees, units, and other resources.You can protect applications using directory servers by limiting access to the virtual paths of the applications to particular branches in the directory server.
The unique name of an LDAP-based directory entry. A distinguished name comprises all of the individual names of the parent entries back to the root.
Demilitarized Zone. The area between outer and inner firewalls. It is normally used to protect the internal application servers from being attacked by those attempting to gain unauthorized access to a network or intranet.
A restriction scheme that allows or denies access to files based on the client machine's domain name.
Document Type Definition. A set of rules that define the allowable structure of an XML document. DTDs are text files that derive their format from SGML and are either embedded within an XML document or referenced by an XML document..
Distributed Transaction Processing. The protocol that guarantees a two-phase commit when multiple databases are involved in a transaction.
The mechanism that divides the Internet into separate, hierarchical groups called domains, identified by unique alphanumeric names, such as us.oracle.com. DNS identifies each computer within a domain by a unique hostname. For example, a computer named hal in the us.oracle.com domain would be uniquely identified on the Internet as hal.us.oracle.com.
An archive of executable functions or data that can be used by a Microsoft Windows application. Typically, a DLL provides one or more particular functions and a program accesses the functions by creating either a static or dynamic link to the DLL. A DLL can be used by several applications at the same time.
The conduct of business over the Internet, such as buying and selling products, servicing customers, and collaborating with business partners.
A J2EE application with all of its modules is delivered in an Enterprise Archive (EAR) file. An EAR file is a standard JAR file with an .ear extension. An EAR file contains the JAR and WAR files that comprise a J2EE application.
Enterprise Information Systems. Systems that provide the information infrastructure for an enterprise. Enterprises run their businesses using the information stored in these systems. Examples of enterprise information systems include enterprise resource planning systems, mainframe transaction processing systems, relational database management systems, and other legacy information systems. Enterprise applications require access to applications running on enterprise information systems.
Enterprise JavaBeans. The component-based application model for Java defined by JavaSoft. It provides most of the system level services such as multi-threading to ease application programming. EJB relies on various standardized enterprise services, such as JNDI, JTS, JDBC, etc. to facilitate application programming and enable EJB objects to be interoperable across various EJB servers. It fulfills the write once, run anywhere paradigm.
A framework of deploying CORBA objects written in Java, which adhere to the EJB specification.
The component coordinator in an EJB application and one of the key EJB runtime components.
A serialized object that provides information, such as transaction and security policies, about how an EJB application or object should be deployed.
The mechanism that binds code together with the data that it manipulates. Encapsulation provides a wrapper that keeps both the code and the data safe from outside intervention.
An algorithm used to alter a file's format, such as compression.
The practice of encoding (encrypting) data in such a way that only an intended recipient can decode (decrypt) and read the data.
Enterprise beans are server-side components that encapsulate the business logic of an application, which is the code that fulfills the purpose of the application.
The set of activities supported by multi-module application software that helps a manufacturer or other business manage important parts of their business, including product planning, parts purchasing, inventory management, supplier interaction, customer service, and order tracking.
An entity bean is a complex business entity. An entity bean models a business entity or models multiple actions within a business process. Entity beans are often used to facilitate business services that involve data and computations on that data. For example, an application developer might implement an entity bean to retrieve and perform computation on items within a purchase order. Your entity bean can manage multiple, dependent, persistent objects in performing its necessary tasks.
The ability to reconfigure a computing system to utilize an alternate active component when a similar component fails.
A system of failure detection and recovery. Components monitor each other continuously. When a component fails, Oracle9i Application Server detects the failure and restarts the failed component, restoring any preserved state information when possible.
A collection of clusters and instances that share the same Oracle9iAS Infrastructure.
The ability of a computing system to withstand faults and errors while continuing to provide the required services.
The practice of assigning an authentication or restriction scheme by controlling access to a specific file or group of files.
A short alphanumeric suffix attached to a filename following a dot "." that represents the file's format. Oracle9i Application Server uses filename extensions to identify several kinds of file formats, including MIME types and encodings.
A machine that acts as an intermediary to protect a set of computers or networks from outside attack. It regulates access to computers on a local area network from outside, and regulates access to outside computers from within the local area network. A firewall can work either by acting as a proxy server that forwards requests so that the requests behave as though they were issued by the firewall machine, or by examining requests and attempting to eliminate suspect calls.
Sometimes referred to as UI (user interface), GUI is the graphical, as opposed to purely textual, user interface to a computer. Elements of the GUI include pull-down menus, buttons, icons, windows, and graphics.
A computer with a unique domain name.
Applications typically developed by independent software vendors and administered by application service providers. These applications are accessed on an external Web site that enables multiple companies to utilize the applications.
Services offered by application service providers for multiple subscribers.
An application deployment environment in which multiple customers and companies subscribe to shared services.
A character string that uniquely identifies a computer within a DNS domain.
A method for deploying new applications that does not require restarting the application server. With hot deployment, changes made to the server configuration files are automatically detected, and you can deploy new applications without restarting the server.
|
See:
automatic deployment for comparison |
The underlying format, or protocol, used by the Web to format and transmit messages and determine what actions Web servers and browsers should take in response to various commands. HTTP is the protocol used between Oracle9i Application Server and clients.
A server which receives HTTP requests from remote browsers, converts the requested URL to a filename, and returns the file to the requester.
A body of information that a browser sends along with a URL when requesting a Web page. It includes such information as the browser type and MIME types.
Information requested by a client in the form of an HTTP header.
Information supplied by an HTTP listener or an application.
A version of HTTP with provisions for secure data transmission.
A format for encoding hypertext documents that may contain text, graphics, and references to programs and other hypertext documents.
Identity-Based Access Control. The use of digital IDs to control access to a resource.
An application server instance is the set of processes required to run the configured components within an application server installation. There can be only one application server instance per application server installation. The terms installation and instance are sometimes used interchangeably, however, it is important to remember that an installation is the set of files installed into an Oracle home and an instance is a set of processes associated with those files.
A visual tool containing editors, debuggers, screen painters, object browsers etc.
Interface Definition Language. A standard language for interface specification primarily used for CORBA object interface definition. IDL is declarative and does not reveal the implementation of a CORBA object. CORBA defines standard mappings from IDL to various programming languages.
Internet Inter-ORB Protocol. An Internet transport protocol used by CORBA objects to communicate with each other. In the context of Oracle9i Application Server, IIOP is used by ECO/Java and EJB objects. IIOP is also used between Oracle9i Application Server components.
The process by which one class acquires the methods and properties of another in object-oriented programming methodology
An application server instance is the set of processes required to run the configured components within an application server installation. There can be only one application server instance per application server installation. The terms installation and instance are sometimes used interchangeably, however, it is important to remember that an installation is the set of files installed into an Oracle home and an instance is a set of processes associated with those files.
Microsoft's Web server that runs on Windows NT/2000 platforms.
Interoperable Object Reference. This is a unique string for each CORBA object and is created when an object reference is passed among different ORBs. You can pass this string to a method to determine the actual object reference.
A four-part number separated by periods that uniquely identifies a computer on the Internet; the number format is defined by the Internet Protocol (IP).
A restriction scheme that allows or denies access to files based on the client machine's IP address.
Java 2 Platform, Enterprise Edition. This platform enables application developers to develop, deploy, and manage multi-tier, server-centric, enterprise level applications.
The runtime portion of a J2EE product, which provides EJB containers, Web containers, or both. J2EE servers are usually located in the middle tier of a three-tier architecture.
Java 2 Platform, Standard Edition. This platform enables application developers to develop, deploy, and manage Java applets and applications on a desktop client platform such as a personal computer or workstation.
Java Authentication and Authorization Service. A Java package that enables services to authenticate and enforce access control upon users. JAAS implements a Java version of the standard Pluggable Authentication Module (PAM) framework, and extends the access control architecture of the Java 2 Security Model to support user-based authorization.
There are different types of Java Archive (JAR) files. An EJB JAR file contains its deployment descriptors (DD), related files, and the .class files for the enterprise bean. An application client JAR file contains its DD, related files, and the .class files for the application client. JAR files are packaged together with WAR files into EAR files.
A language developed by Sun Microsystems. This language is fully object-oriented, extremely portable, and optimized for creating distributed applications on the Internet or other computer networks.
A portable platform-independent component model that enables developers to write reusable components once and run them anywhere.
A program that interprets and executes Java bytecode independently of a Web browser.
Provides developers and administrators with increased control over many aspects of enterprise applet, component, servlet, and application security. The Java 2 Security Model is capability-based and enables you to establish protection domains, and set security policies for these domains.
Permissions are the basis of the Java 2 Security Model. All Java classes (whether run locally or downloaded remotely) are subject to a configured security policy that defines the set of permissions available for those classes. Each permission represents a specific access to a particular resource.
A tool for generating API documentation in HTML format from documentation comments in Java source code. These HTML pages describe the classes, inner classes, interfaces, constructors, methods, and fields.
Java DataBase Connectivity. A Java package that provides connectivity to databases from within Java.
Just-in-time compilation is the process by which the Java Virtual Machine keeps a copy of native code that it generates from bytecode the first time a method is encountered. Subsequently, when the method is run, the JIT uses the native code without having to interpret the method, resulting in a boost in performance.
Java Naming and Directory Interface. JNDI consists of a standard set of APIs that provide directory and naming services. Oracle9i Application Server has a JNDI naming server which clients can use to obtain object references to ECO/Java objects or Enterprise JavaBean objects.
An open source servlet engine that can communicate with Oracle HTTP Server by configuring it to accept a servlet request from mod_jserv, which is an Oracle HTTP Server plug-in.
JavaServer Page. An extension to the servlet functionality that enables a simple programmatic interface to Web pages. JSPs are HTML pages with special tags and embedded Java code that is executed on the Web or application server providing dynamic functionality to HTML pages. JSPs are actually compiled into servlets when first requested and run in the servlet container.
A JSP translator is an entity that translates, executes, and processes JSP pages and delivers requests to them. The exact architecture of a JSP translator varies from implementation to implementation, but it consists of a servlet or a collection of servlets. The JSP translator, therefore, is executed by a servlet container.
Tags that are used in JavaServer Pages (JSP). These tags use the <jsp: syntax and enclose action elements in the JSP with "begin" and "end" tags similar to XML statements.
Java Transaction Service. It provides the services necessary for applications and databases to become part of a transaction. JTS is the Java version of OTS.
Java Virtual Machine. A virtual machine is an abstract specification for a computing device that can be implemented in different ways, in software or hardware. You compile to the instruction set of a virtual machine much like you would compile to the instruction set of a microprocessor.
The Java Virtual Machine is part of the Java runtime environment responsible for interpreting Java bytecode. It consists of a bytecode instruction set, a set of registers, a stack, a garbage-collected heap, and an area for storing methods. Java bytecode is executable by any JVM running on any machine.
A pair of mathematically related keys (a public key and a private key) associated with a user and used in public-key encryption.
A two-character alphanumeric string that identifies a human language, as defined by RFC 1766.
Lightweight Directory Access Protocol. A protocol that allows clients to access information from a directory server. This protocol enables corporate directory entries to be arranged in a hierarchical structure that reflects geographic and organizational boundaries.
Listeners are HTTP servers; they handle incoming requests and route them to the dispatcher.
The authentication modules configured for a particular application. The LoginContext class decouples the application code from the authentication services, and different login modules can be plugged in under an application without affecting the application code.
Authenticates the username and password of a client user attempting to access an application. Once authenticated, the Login Server passes the client's identity to various applications. An encrypted login cookie identifies the client as being authenticated. The Login Server provides sign-on (SSO) authentication. This enables a user to access multiple accounts and applications with a single username and password.
A text file that describes the contents of a JAR file. For EJB JAR files, the manifest file identifies it as an "ejb-jar" file. The manifest file also indicates which elements in the JAR file are the EJB deployment descriptors for the components to be deployed.
The smallest unit of information inserted into and retrieved from a queue. A message consists of the following:
The control information represents message properties used by the queue to manage messages. The payload data is the information stored in the queue. A message can reside in only one queue.
Message-driven beans (MDB) provide an easier method to implement asychronous communication than using straight JMS. MDBs were created to receive asynchronous JMS messages. The container handles much of the setup required for JMS queues and topics. It sends all messages to the interested MDB.
A performance statistic, such as uptime or queue.
Multipurpose Internet Mail Extension type. A message format used on the Internet to describe the contents of a message and defined by the MIME standard. MIME is used by HTTP servers to describe the type of content being delivered. Several RFCs define MIME.
A module, or plug-in, of Oracle HTTP Server that provides access control based on client host name or IP address.
Provides communication between the SSO-enabled Login Server and the Oracle HTTP Server listener.
A single listener that can respond to requests directed at more than one address/port combination. A multiport can be configured to respond to requests differently if they are made to a different address/port combination on the same listener.
In the scope of performance monitoring tools, a noun is a component of an Oracle9i Application Server site. Examples of a noun are component, object, class, bean, process, piece of code, computer, process, etc.
The set of mechanisms used to translate data between various languages and character sets.
A method of programming that organizes a program around its data (objects) and a set of well-defined interfaces to that data. It is a revolutionary new way of looking at computer programming. A generalization of data object along with its possible data variables and methods (what to do with variables) in a class of data objects.
A unique identifier that is used to represent an object instance in a distributed system.
Oracle Call Interface. An API or low-level tool to access Oracle databases and execute SQL and PL/SQL statements.
Generally, any item that can be individually selected or manipulated. This includes buttons and pull-down menus. In object-oriented programming, an object is a self-contained entity that consists of both data and procedures to manipulate the data.
Object Management Group. A consortium with a membership of more than 700 companies. The organization's goal is to provide a common framework for developing applications using object-oriented programming techniques. OMG is responsible for the CORBA specification.
An environment variable (UNIX) or registry key (Windows) that indicates the directory where Oracle software is installed.
A server deployment platform consisting of Oracle9i Application Server, Oracle9i Database Server, and Oracle9i Developer Suite.
A complete set of J2EE containers written entirely in Java that execute on the Java Virtual Machine (JVM) of the standard Java Development Kit (JDK).
Oracle9iAS Discoverer is a business intelligence tool for analyzing data. Using Oracle9iAS Discoverer's award-winning user interface, users can access and analyze database data. There are two Oracle9iAS Discoverer products:
Oracle9iAS Forms Services deploys Forms applications with database access to Java clients in a Web environment. Oracle9iAS Forms Services automatically optimizes class downloads, network traffic, and interactions with Oracle database. Applications are automatically load-balanced across multiple servers and, therefore, can easily scale to service any number of requests.
A single, consistent combination of the Oracle9iAS Metadata Repository, a directory server, management server, and single signon server. Most Oracle9iAS components use the infrastructure to provide a more integrated environment for application developers and system managers.
The integration hub that coordinates the communication and transformation of messages between two or more heterogeneous applications. Oracle9iAS InterConnect defines business events, their associated data, and any transformations required to map one application's view of a business object to another's view.
Provides a set of connectivity adapters that enable third-party applications and technology environments to participate in integration.
A pre-seeded database containing metadata required by Oracle9i Application Server instances.
Oracle9iAS Portal is a complete solution for building, deploying and monitoring Web database applications and content-driven Web sites. Oracle9iAS Portal enables you to create and view database objects through an easy-to-use HTML-based interface, and provides tools for creating HTML-based interfaces. It also allows you to resolve performance problems using performance tracking facilities, and enables you to manage database security through its interface.
Oracle9iAS Reports Services provides an easy-to-use, scalable, and manageable solution for high-quality database publishing and reporting by creating dynamic reports for the Web and across the enterprise. It enables you to implement a multi-tiered architecture for running your reports.
Oracle9iAS Unified Messaging provides access to all message types using any access method. This means that e-mail, fax, voice mail, and any other mail type are available to users through the access channel and device of their choice.
Oracle9iAS Web Cache is a server accelerator caching service that improves the performance, scalability, and availability of frequently used e-business Web sites that run on the Oracle9i platform. By storing frequently accessed URLs in virtual memory, Oracle9iAS Web Cache eliminates the need to repeatedly process requests for those URLs on the Web server, and it caches both static and dynamically-generated HTTP content from one or more applications Web servers.
Oracle9iAS Wireless is a portal service for delivering information and applications to mobile devices. Using Oracle9iAS Wireless, you can create custom portal sites that use different kinds of content, including Web pages, custom Java applications, and XML-based applications. Oracle9iAS Wireless sites make this diverse information accessible to mobile devices without you having to rewrite the content for each target device platform.
Provides database-resident messaging capabilities that enable reliable, asynchronous communication between applications. Oracle9iAS integration uses Oracle Advanced Queuing as the communication mechanism between adapters, participating applications, and Oracle Workflow.
Oracle Advanced Security provides a comprehensive suite of security features to protect enterprise networks and securely extend corporate networks to the Internet. It provides a single source of integration with network encryption and authentication solutions, single signon services, and security protocols. By integrating industry standards, it delivers unparalleled security to the Oracle network and beyond.
Oracle Business Components for Java is a 100% Java-compatible, XML-powered framework that enables productive development, portable deployment, and flexible customizations of multi-tier database applications from business components.
The Oracle Database Client Developer Kit contains the following client libraries:
Oracle Enterprise Manager Client provides an integrated solution for centrally managing your Oracle environment. Combining a graphical console, Oracle Intelligent Agents, common services, and administrative tools, Oracle Enterprise Manager Client provides a comprehensive systems management platform for managing Oracle9i Application Server. To use this client, you must have a previously installed Oracle Management Server on your network.
Oracle9i Application Server uses the Oracle HTTP Server, which is built on Apache Web server technology. Oracle HTTP Server offers scalability, stability, speed, and extensibility. It also supports Java Servlets, JavaServer Pages, Perl, PL/SQL, and CGI applications.
A general purpose directory service that enables retrieval of information about dispersed users and network resources. Oracle Internet Directory combines LDAP version 3 with the high performance, scalability, robustness, and availability of the Oracle database.
Oracle Internet Directory runs as an application in the Oracle database. It communicates with the database, which may be on the same or a different operating system.
A file system that stores its contents in an Oracle database. The contents can range from files to metadata that defines the file system (including foldering, security, and users). Oracle Internet File System indexes textual content in files as they are added or updated. This enables you to search the contents of more than 150 file formats.
LDAP (Lightweight Directory Access Protocol) is the emerging Internet standard for directory services. Oracle LDAP Developer Kit supports client interaction with any LDAP-compliant directory server, for example, Oracle Internet Directory. The toolkit provides tools and development libraries to support client calls to directory services, encrypted connections, and enables you to manage your directory data.
Oracle Management Server provides distributed control between the database and Oracle9i Application Server in the network. As a central engine for notifications, it processes all system management tasks and administers the distribution of these tasks across the enterprise. Ensure that you do not have multiple Oracle Management Servers installed on a single machine.
A Java-based application that security administrators use to manage public-key security credentials on clients and server. Security credentials consist of a public/private key pair, a certificate, and a trustpoint.
Lets you automate and continuously improve business processes, routing information of any type according to easily-changeable business rules to users both inside and outside a company's enterprise.
The Oracle XML Developer Kit (XDK) contains the necessary XML components libraries and utilities to give developers the ability to easily XML-enable applications and Web sites. Oracle XDK supports development in Java, C, C++, and PL/SQL with a collection of libraries, command-line utilities, and tools.
In programming, the ability to use the same name for more than one variable or procedure, requiring the compiler to differentiate them based on context. Overloaded procedures and functions (in PL/SQL) or methods (in Java) have the same name but take different parameters and do similar but not identical things.
Object Request Broker. In CORBA, an ORB acts as a "broker" between a client request for a service from a distributed object or component and completion of that request. Having ORB support in a network means that a client program can request a service without having to understand where the server is in the distributed network or what language the server object is written in.
Object Transaction Service. It provides the services necessary for applications and databases to become part of a transaction.
A group of PL/SQL or Java functions and procedures.
Oracle's proprietary extension to the SQL language. PL/SQL adds procedural and other constructs to SQL that make it suitable for writing applications.
An authorization rules repository for JAAS. A policy contains the rules with which a user is authorized to use resources, such as a database. The primary function of a policy implementation is to answer the question:
Given a grantee, return the granted permissions for the grantee.
Grants permissions to the trusted codes or applications that you run. These codes or applications are not allowed to access resources unless they are explicitly granted permission to do so by the security policy in effect. In Java environments, the permission must be granted by an entry in a policy file.
A store that provides secure, centralized storage, retrieval, and administration of JAAS policies (the roles and privileges of a user). Oracle Internet Directory (OID) is the policy store used for storing this information.
In Object-Oriented Programming, polymorphism (from the greek meaning "heaving multiple forms ") is the characteristic of being able to assign a different meaning to a particular symbol or "operator" in different contexts.
A number that TCP uses to route transmitted data to and from a particular program.
Portal sites give users a single, centralized, personalized view of relevant applications and data.
A re-usable information component that summarizes or provides access to an information source. Portlets are the fundament building blocks of an Oracle9iAS Portal page.
A principal is a specific authenticated identity, such as a user named frank. A principal is essentially an identity associated with a subject. A principal can be associated with a subject (such as a user) upon successful authentication to a computing service.
A key used by a limited number of communicating parties to decrypt data encrypted with a public key.
Introduced in Solaris 2.6, processor sets allow a group of processors to be allocated for the exclusive use of one or more applications. This gives a system administrator control over the creation, management, and binding of processes into processor sets.
A fundamental building block of system security. The protection domain concept serves as a convenient mechanism for grouping and isolation between units of protection. For example, it is possible to separate protection domains from interacting with each other so that any permitted interaction must be either through trusted system code or explicitly allowed by the domains concerned.
A proxy server typically sits on a network firewall and allows clients behind the firewall to access Web resources. All requests from clients go to the proxy server rather than directly to the destination server. The proxy server forwards the request to the destination server and passes the received information back to the client. The proxy server channels all Web traffic at a site through a single, secure port; this allows an organization to create a secure firewall by preventing Internet access to internal machines, while allowing Web access.
The right to perform an action on the database. These can either be general (system privileges) or specific to particular database objects (object privileges). They can also be grouped into roles.
A key known to all users, used to encrypt data in such a way that only a specific user can decrypt it.
A set of well-established techniques and standards that ensure that data passes securely over a network, from the sender to the receiver, without any interference from a third party. Public-key cryptography facilitates encryption and decryption, tamper detection, authentication, and nonrepudiation.
A form of encryption that uses a key pair (a public key and a private key) to encrypt and decrypt data.
The optional portion of a URL that specifies parameters to be passed to an application.
RSA encryption algorithms.
Provides access to a policy store of users and roles (groups) and optionally provides administrative functionality. Oracle provides a proprietary Realm API that implements the notion of a user community. Essentially a user community instance is a realm that is maintained internally by the authorization system.
Duplicate or extra computing components that protect a computing system.
The ability of a computing system to operate without failing. Reliability is measured by mean-time-between-failures (MTBF).
The time required to process a request.
The number of requests processed per unit of time.
A security scheme that restricts access to files provided by the server to client machines within certain groups of IP addresses or DNS domains.
A utility that converts a CORBA server object's interfaces to IDL (for example, Java to IDL). These IDL interfaces can then be converted to CORBA stub and skeleton code by a IDL compiler (e.g. IDL-to-Java) for use by clients.
Request for Comments. A collection of Internet-related articles.
Remote Method Invocation. An interaction scheme for distributed objects written in Java. It enables a Java program running on one computer to access the methods of another Java program running on another computer.
A group of database privileges that can be granted and revoked as a unit. Specific privileges can be granted and revoked from the role dynamically, and the role can be enabled or disabled dynamically for specific users.
A user is granted multiple roles, but not all roles are enabled by default. The user can selectively enable the required roles to accomplish a specific task in a user session, thus ensuring the principle of least privilege. That is, the user is not enabling permissions or privileges unnecessary for the task. This limits the damage that can result from an accident or error.
A process that simplifies the administrative process of authorization management based on direct assignment of permissions to users. Instead of directly assigning permissions to users, permissions are assigned to roles, and users are granted their permissions by being made members of appropriate roles. Multiple roles can be granted to a user, and a role can also be granted other roles, thus forming a role hierarchy that provides security administrators with a tool to model enterprise security policies.
The process of directing data from one machine on the Internet to another by way of intermediate machines.
An Oracle partner supplying encryption algorithms for the HTTP server and Web Request Broker.
The ability to handle increasing numbers of hardware requests without adversely affecting latency and throughput.
A collection of database objects, including logical structures such as tables, views, sequences, stored procedures, synonyms, indexes, clusters, and database links.
A schema has the name of the user who controls it.
It prevents unauthorized users from accessing protected files or applications. The Oracle9i platform supports both authentication schemes and restriction schemes.
The Oracle9i platform supports the following types of authentication:
The following restriction schemes are supported:
An interface that a Java class implements to enable itself to be persistent through the Java Serialization service. This service allows a bean's state to be stored and retrieved.
There are two types of servers relevant to this product. The first is Oracle9i Database Server, which is a relational database server dedicated to performing data management duties on behalf of clients using any number of possible interfaces. The other is Oracle9i Application Server which is a collection of middleware services and tools that provide a scalable, robust, secure, and extensible platform for distributed, object-oriented applications. Oracle9i Application Server supports access to applications from both Web clients (browsers) using HTTP and Common Object Request Broker Architecture (CORBA) clients, which use the CORBA and the Internet Inter-ORB (IIOP) protocols.
A small Java program that runs on a Web server, as opposed to an applet, which is a Java program that runs in a client browser. Servlets take client HTTP requests from a browser, generate dynamic content (such as through querying a database), and provide an HTTP response back to the browser.
The runtime environment for a Java Servlet. The servlet container calls the methods of a servlet and provides services to the servlet while it is executing.
Servlet zones are analogous to virtual directories in a Web server. Each zone can have its own set of servlets and can use a dedicated Java virtual machine (JVM). All of the servlets in one servlet zone share the same servlet repository, which is a location where Java class files are loaded.
A session bean implements one or more business tasks. A session bean might contain methods that query and update data in a relational table. Session beans are often used to implement services. For example, an application developer might implement one or several session beans that retrieve and update inventory data in a database.
A secret key used by SSL to encrypt data transmitted over a secure connection. The client generates the session key after Oracle9i Application Server authenticates itself and sends it to Oracle9i Application Server using public-key encryption.
This is a very simple process on every host that detects if an Oracle HTTP Server listener process on that host is alive. If the listener process dies, then the shadow process brings a new instance up to handle requests.
A form of encryption that uses a single key both to encrypt and to decrypt a document. Shared secret-key encryption is much faster than public-key encryption, but is more vulnerable to attack.
In CORBA, skeletons are classes that are generated as part of the IDL compilation process. They receive calls from client stubs, unmarshal parameters, and call the method implementation.
Simple Network Management Protocol. A set of protocols for managing complex networks. The versions of SNMP were developed in the early 1980s. SNMP works by sending messages, called protocol data units (PDUs), to different parts of a network. SNMP-compliant devices, called agents, store data about themselves in Management Information Bases (MIBs) and return this data to the SNMP requesters.
Simple Object Access Protocol. A lightweight, XML-based protocol for exchanging information in a decentralized, distributed environment. SOAP supports different styles of information exchange, including: Remote Procedure Call style (RPC) and Message-oriented exchange. RPC style information exchange allows for request-response processing, where an endpoint receives a procedure oriented message and replies with a correlated response message. Message-oriented information exchange supports organizations and applications that need to exchange business or other types of documents where a message is sent but the sender may not expect or wait for an immediate response.
Secure Sockets Layer. A standard for the secure transmission of documents over the Internet using HTTPS (secure HTTP). SSL uses digital signatures to ensure that transmitted data is not tampered with.
Single Signon. The ability for a user to authenticate once, combined with strong authentication occurring transparently in subsequent connections to other databases or applications. SSO lets a user access multiple accounts and applications with a single password.
An application that maintains its own state information.
In a stateful session bean, instance variables represent the state of a unique client-bean session. Because the client interacts with its bean, this state is often called the conversational state. This conversation state is retained for the duration of the client-bean session. If the client removes the bean or terminates, the session ends and the state disappears.
An application that does not store state information. Requests to a stateless application must include all information that the application needs to run properly.
A stateless session bean does not maintain a conversational state for a particular client. When a client invokes the method of a stateless bean, the bean instance variables may contain a state, but only for the duration of the invocation. When the method is finished, the state is no longer retained. Except during method invocation, all instances of a stateless bean are equivalent, allowing the EJB container to assign an instance to any client. Because stateless session beans can support multiple clients, they can offer better scalability for applications that require large numbers of clients.
A set of PL/SQL instructions that are stored in a database.
In CORBA, stubs are classes that are generated as part of the IDL compilation process (e.g. using an IDL-to-Java compiler). The compiler creates the stubs from the IDL interfaces of a server object. The stubs contain code that handles operations needed to access remote objects. A client application uses the generated stubs to access methods in the remote server object.
The internationally accepted standard for relational systems, covering not only query but also data definition, manipulation, security, and some aspects of referential integrity.
A process that receives queries for a particular managed element from the master agent and sends back the appropriate answers to the master agent. The SNMP subagent detects unexpected events and forwards them to the master agent.
A subject refers to any user of a computing service. Since users, roles, and computing services use computing services, all are subjects. A subject is the source of a service request. To identify the subjects with which it interacts, a computing service typically relies on names. Subjects can have different names for each individual service with which they interact. These individual names are known as principals. For example, a user can have a name principal (user frank), a role principal (role hr), and a social security number principal (123-45-6789).
Customers (such as a company) that use (subscribe to) an application deployed in a hosted environment.
In the scope of the performance monitoring tools, a subscription is a request by a user to track a particular metric.
A client-server computing architecture where systems are separated into three layers: the interface layer, the application logic layer, and the database layer. Clients in this model are thin clients which do not contain as many resources as clients in the two-tier architecture. The application logic layer which is also known as the middle-tier provides the computing power and resources for the client. Oracle9i Application Server fulfills this role ideally as a development and deployment platform for database enabled applications.
This is an HTTP request that is handled by the Oracle HTTP Server module, mod_oprocmgr. It is used for server process management and administration.
Transparent Network Substrate string, a foundation technology, built into Net8, Oracle Connection Manager and Oracle Names, that works with any standard network transport protocol. The TNS string contains destination service and network route information. Users initiate a connect request by passing a user name and password along with a connect identifier in a TNS String for the service to which they wish to connect.
A transaction is a collection of operations that work toward a goal of satisfying a single user's need. A transaction guarantees that all operations within it either succeed or fail.
As an example, a transfer from a savings account to a checking account has a transaction that debits the savings account and credits the checking account. If both operations succeed, the transaction is committed, otherwise the transaction is rolled back.
An OTS service that enables you to perform transactions that span several HTTP requests. The transaction service is based on the XA open model transactions defined by the X/Open Company.
A database that has been configured to be involved within a transaction. Once configured, more than one database can be managed by Oracle9i Application Server in committing resources on all databases involved in the transaction. A database cannot be involved in a transaction unless the DAD is configured to be transactional.
Also referred to as a trusted certificate authority (CA), a trustpoint is an issuer of certificates whom you can trust. You can use Oracle Wallet Manager to manage trustpoint information associated with your application.
The traditional client-server computing architecture with application front-end and logic executing on a client that accesses a database.
Universal Description, Discover, and Integration. An online electronic registry that serves as electronic Yellow Pages, providing an information structure where various business entities register themselves and the services they offer through their WSDL definitions. There are two types of UDDI registries, public UDDI registries that serve as aggregation points for a variety of businesses to publish their services, and private UDDI registries that serve a similar role within organizations.
A 16-bit character encoding scheme supporting a large subset of characters found in both Western and Asian languages.
Uniform Resource Identifier. The generic term for all types of names and addresses that refer to objects on the World Wide Web. A URL is one kind of URI.
Uniform Resource Locator. A URL, a form of URI, is a compact string representation of the location for a resource that is available via the Internet. It is also the text-string format Web clients use to encode requests to Oracle9i Application Server.
In a virtual file system, a virtual pathname is a synonym that the virtual file system maps to a file stored in the file system maintained by the host machine's operating system.
A wallet is an abstraction used to store and manager security credentials for an individual entity. It implements the storage and retrieval of credentials for use with various cryptographic services.
Web Archive (WAR) files contain the Web component modules of J2EE applications. A WAR file contains its deployment descriptors (DD), related files, and the .class files for the servlet or the .jsp files for a JSP page.
A thread in an Oracle HTTP Server parent process. It is spawned by the parent init process of mod_oprocmgr. Its purpose is to periodically check the status of each process running on the server. If a process is dead or if it fails to start up, then the watcher thread will issue an HTTP request to start a new process.
J2EE Web components can be either JavaServer Pages (JSPs) or servlets. Static HTML pages, applets, or server-side utilities can be bundled with Web components during application assembly, but are not considered Web components by the J2EE specification.
A portal accessible from wireless devices such as a cellular telephone.
Web Services Description Language. An XML format for describing network services containing RPC-oriented and message-oriented information. Programmers or automated development tools can create WSDL files to describe a service and can make the description available over the Internet. Client-side programmers and development tools can use published WSDL descriptions to obtain information about available Web Services and to build and create proxies or program templates that access available services.
A standard for developing an electronic directory of users in an organization so that it can be part of a global directory available to anyone in the world with Internet access. Such a directory is sometimes called a global White Pages directory. The idea is to be able to look up people in a user-friendly way by name, department, or organization.
eXtensible Markup Langage. XML is a set of rules for defining data markup in a plain text format.
|
 Copyright © 2002 Oracle Corporation. All Rights Reserved. |
|
