Glossary
This glossary defines terms that are used in the documentation for BEA WebLogic Platform. Terms displayed in blue, other than URLs, are defined in this glossary.
Click a letter in the glossary index. Or use the Page Down key, the Page Up key, the arrow keys, or the scroll bar to navigate. Please contact us if you know of a relevant term that is not defined in this glossary.
| A | B | C | D | E | F | G | H | I | J | K | L | M |
| N | O | P | Q | R | S | T | U | V | W | X | Y | Z |
Set of restrictions on the ability of principals (human or software entities) to use software resources. These restrictions are enforced in order to prevent unauthorized use of such resources.
access control information (ACI)
Information about the initiator of a resource access request. The ACI is used to make a decision about enforcing access control.
Data structure used to authorize or prohibit the use of resources, such as network services, by principals. Each entry in an ACL contains a set of permissions associated with a particular principal.
In WebLogic Server 7.x and later, ACLs are deprecated and are replaced by security policies. To continue to protect WebLogic resources with ACLs, use Compatibility security.
In a WebLogic Integration environment, the use of different types of resources is granted to different types of principals:
See authentication, Compatibility security, group, permission, principal, record, security policy, user, and WebLogic resource.
Code that determines whether a subject has permission to perform a given operation on a WebLogic resource. The result of an Access Decision is to permit, deny, or abstain from making a decision. An Access Decision is a component of an Authorization provider.
See Authorization provider, Subject, and WebLogic resource.
Essential characteristics of transaction processing systems:
See transaction.
See access control list (ACL).
The version of the process that at run time will be accessed by external clients through the public URI.
See business process, versioning, and public URI.
Components that use Component Object Model (COM) technologies to provide interoperability with other COM services and components.
See Component Object Model (COM).
Software component that provides an interface between an enterprise information system and an integration server. An application adapter represents a system-level interface to the functionality in the application.
See resource adapter.
Method for resolving inconsistent authorization decisions.
Adjudication provider and Adjudicator
A WebLogic security provider that tallies the results that multiple Access Decisions return, resolves conflicts between the Access Decisions, and determines the final PERMIT or DENY decision. The Adjudicator is a component of the Adjudication provider.
See Access Decision and security provider.
Browser-based interface used by a system administrator to configure and monitor WebLogic Platform.
See WebLogic Integration Administration Console and WebLogic Server Administration Console.
Type of principal that accesses a resource in a WebLogic Server environment without being authenticated.
Third-party XML parser, provided by the Apache Software Foundation, that implements the W3C XML, DOM, and SAX standards.
See application programming interface (API).
Client-side Java program, usually embedded in an HTML page and viewed with a Java-enabled Web browser.
One or more software programs, used collectively by an end user to perform computing tasks. You use WebLogic Workshop to build an application consisting of a set of projects, libraries, and resources.
See application server.
A standards-based integration solution for connecting applications both within and between enterprises. The WebLogic Integration solution provides a means to integrate applications by defining communication endpoints, either in custom code or in a business process defined with WebLogic Workshop.
application programming interface (API)
A server designed to make it easier for developers to isolate the business logic in their projects (usually through components) and develop three-tier applications. Resources include databases, ERP applications, and traditional mainframe applications. Application servers also provide tools for developing user interfaces and for deploying an application to the Web. Many application servers offer additional features such as transaction management, clustering, fail-over, and load balancing. BEA WebLogic Server is a Java Application Server, which complies with the Java 2 Enterprise Edition (J2EE) platform.
Business-level interface to the functionality in an application. An application view is configured for a single business purpose, and contains only services related to that business purpose. Additionally, an application view represents both events and services that support a business purpose, allowing the business user to interact with the application view for all communication with an application.
A key-based cryptography that uses an encryption algorithm in which different keys, private and public, are used to encrypt and decrypt the data. Asymmetric key cryptography is also called public key cryptography.
See private key, public key, and symmetric key cryptography.
Characteristic of events that occur at different times such that the relationship between the times when those events occur is unpredictable.
In distributed application architectures such as Web services, clients invoke methods (or send messages to) servers and servers respond. If a client is blocked from performing other work while waiting for a server to respond, the interaction is described as synchronous because the client is synchronized with the server.
If an interaction is designed such that a client can continue performing other work while the server prepares its response, and the server can notify the client when the response is ready, the interaction is described as asynchronous.
An asynchronous architecture is useful in event-driven scenarios, in which an event can arrive at any time and the receiver can handle it whenever it arrives.
A business process which is invoked by an asynchronous method as the Starting Event. This includes business processes that are invoked via a Client Request node, a Subscription node, or one of several Client Request or Subscription nodes (i. e., an Event Choice node).
See business process.
A method that returns immediately and always returns void. Clients that use asynchronous methods do not have to wait for a meaningful response from the server before they can perform other tasks. See asynchronous web service, synchronous method.
A web service that provides asynchronous functionality, either by using asynchronous methods or by using synchronous methods and callbacks in an asynchronous manner. Interactions in asynchronous web services are designed to allow the client to continue performing other work while the server prepares its response. The server notifies the client when the response is ready. An asynchronous architecture is useful in event-driven scenarios where the receiver handles the event whenever it arrives. See asynchronous method, synchronous web service.
Information that is sent with a business message.
Process whereby information about operating requests and the outcome of those requests is collected, stored, and distributed for the purposes of non-repudiation. Auditing provides an electronic trail of computer activity.
See Auditing provider.
In a WebLogic Server environment, a security provider that provides auditing services.
See auditing and security provider.
Process whereby the identity of users or system processes are proved or verified. Authentication also involves remembering, transporting, and making identity information available to various components of a system when that information is needed. Authentication typically involves username/password combinations, but can also be done using tokens.
See Authentication provider, Identity Assertion, LoginModule, perimeter authentication, and token.
A security provider that enables WebLogic Server to establish trust by validating a user. The WebLogic Security Service architecture supports Authentication providers that perform username/password authentication; certificate-based authentication directly with WebLogic Server; and HTTP certificate-based authentication proxied through an external Web server.
See authentication, digital certificate, security provider, and user.
Process whereby the interactions between users and resources are limited to ensure integrity, confidentiality, and availability. Authorization controls access to resources based on user identity or other information.
In the WebLogic Server environment, a process whereby a user's access to a WebLogic resource is permitted or denied based on the user's security role and the security policy assigned to the requested WebLogic resource.
See Authorization provider, security policy, user, and WebLogic resource.
In the WebLogic Server environment, a security provider that controls access to WebLogic resources based on the user’s security role and the security policy assigned to the requested WebLogic resource.
See security provider, user, and WebLogic resource.
Practice whereby companies buy and sell to each other directly, that is, business-to-business (B2B), through electronic transactions.
A Java class you can assign to a portal component (such as a book or page) that runs before the component is rendered. For example, a backing file can process a request and a portal component can use the return values in rendering.
See WebLogic Integration.
See WebLogic Portal.
See WebLogic Server.
Transaction in which an Enterprise JavaBean (EJB) controls the transaction boundaries. In a bean-managed transaction, controls can be specified using JTA. The EJB code manages the transaction, which can begin in one method and end in another.
See container-managed transaction, Enterprise JavaBeans (EJB), Java Transaction API (JTA), and transaction.
The use of events to record user behavior in a portal that is stored in a database.
Industry initiative to define the BizTalk Framework, a set of guidelines for publishing XML schemas and using XML messages. Started by Microsoft, it is supported by a wide range of organizations, including technology vendors (such as SAP, CommerceOne, and Ariba) and technology users (such as BASDA). BizTalk is not a standards body, but a community of standards users.
See also http://www.biztalk.org.
A book contains one or more pages, with the currently selected page determined by a control such as a tab set.
See business process management (BPM).
Mechanism that enables you to cause Webflow to direct to different destination nodes, based on the value of the object returned from successful execution of the input processor or pipeline.
See node.
Trading partner that uses a Web browser to communicate with other trading partners.
See business transaction protocol (BTP).
A resource you can add to a method of your web service. A buffer ensures that your method returns to the client immediately, so that the client need not wait for the server to process other requests. Incoming calls to a buffered method are queued so that the server is not overwhelmed with requests.
Practice of adding a buffer to a method of your service to ensure that the service returns to the client immediately. This mechanism eliminates the need for the client to wait for the server to process other requests. Incoming calls to a buffered method are queued so that the server is not overwhelmed with requests.
XML part of the payload of a business message.
Staff member who combines the skills of a Business Analyst and Developer. A BE may:
See developer.
Basic unit of communication between trading partners in a conversation. A multipart MIME message, it consists of business documents, and attachments.
Method of adding user-defined operations in WebLogic Integration by invoking EJBs or calling Java classes.
A set of related business operations, such as order processing, that is automated in whole or in part. When a business process is executed, information is passed to a particular participant at a particular time, according to a set of intelligent business rules that enable computers to perform most of the work, leaving humans to deal only with exceptions.
business process management (BPM)
A set of tools and technologies that enables the integration of diverse applications and human participants, as well as the coordinated exchange of information between trading partners outside of the enterprise. Business processes allow you to orchestrate the execution of business logic and the exchange of business documents among back-end systems, users and trading partners (systems and users) in a loosely coupled fashion.
Set of rules that governs the electronic exchange of business information between enterprises across a network. A business protocol specifies the structure of business messages, the method for processing the messages, and the method for routing them to the appropriate recipients. WebLogic Integration trading partners can use the business protocol to send and receive business messages.
Set of logic plug-ins that implements a business protocol.
Interface to a conversation definition. A trading partner offers a business service to other trading partners who may want to interact with it.
business transaction protocol (BTP)
Standard that provides an open and well-defined method for managing long-running, complex transactions common in B2B e-commerce. BTP is an XML-based vocabulary protocol for representing and seamlessly managing complex, multistep B2B transactions over the Internet. BTP enables trading partners to manage complex XML message exchanges as long-running, loosely coupled conversations.
business-to-business (B2B) e-commerce
See B2B e-commerce.
Compiled format for Java programs that can be run (interpreted) on any computer with a Java virtual machine (JVM).
See Java virtual machine (JVM).
Compressed file used to load classes and other files required to run an applet in a single hypertext transfer protocol (HTTP) request. Can be used only with applets running under Microsoft Internet Explorer, version 4.0 or later.
A WebLogic Server 6.x feature that applies to WebLogic Server 7.x and later only if you use Compatibility security. A Caching realm is a temporary location in memory that contains frequently called ACLs, users, groups, and so on, from the primary realm. In WebLogic Server 6.x, users, groups, and ACL objects are stored in the filerealm.properties file, and reading from a file can be very slow. The Caching realm is a communication layer on top of the primary realm and is used for lookups, by default. If the Caching realm lookup fails, a lookup is performed on the primary realm.
See access control list, Compatibility security, group, and user.
Method defined on the client that your web service can call. Callbacks make it possible to support an asynchronous two-way exchange between a client and a service. For example, if a service performs a time-consuming operation, the service can immediately acknowledge the client's request with a simple return value, then later use the callback to return the full result of the operation. A callback must participate in a conversation.
Method run by your service when it receives a corresponding callback. The callback handler is defined by the control that includes the callback. For example, the timer control provides the onTimeout method as a callback handler. You have the option of adding code that will run when the timer fires.
Principal that is associated with an application component instance during a method invocation. For example, an EJB instance can call the getCallerPrincipal method to get the principal associated with the current security context.
See Enterprise JavaBeans (EJB) and principal.
Named group of scenarios that coordinate multiple Personalization, Commerce, and Campaign services to drive portal usage and achieve business goals.
See scenario.
Reduction in the price charged for product items, orders, or shipping cost conditionally targeted to a subset of the entire user population. WebLogic Workshop allows you to define the discounts that you might later decide to offer to your online customers.
Goal for a campaign that defines its termination. When the goal is satisfied, the campaign can end, even if the goal is fulfilled before the scheduled end date. This goal is specified in the campaign editor in the WebLogic Workshop and can be edited in the WebLogic Administration Portal.
Set of portal services that enable portal developers to create and track marketing goals. Campaigns are set up and managed using WebLogic Workshop.
Organization that commissions a campaign. Is often the organization that owns and operates the Web site (or a subset of that organization). In WebLogic Workshop, the sponsor can be used as a criterion for campaign searches, as well as for reporting and analysis.
State of a campaign: active or inactive. When a campaign is saved, it is in an active state and is ready to run between the specified start and stop times when the appropriate conditions are met. When you disqualify an active campaign from running, or you stop a running campaign prior to the specified stop date, the campaign is in an inactive state.
In XML, to convert from one type to another.
Single point of access to several product catalog services: Category Manager service, Product Item Manager service, Custom Data Manager service, and Catalog Query Manager service.
See service.
Service that queries the Commerce services product catalog. It defines two types of catalog searches: keyword searches and attribute-based searches. A keyword search is a simple search on a number of keywords, whereas an attribute-based search allows a complex Boolean expression on any of the item attributes to be evaluated.
See service.
Service that manages the hierarchical structure of the Commerce services product catalog. It defines a complex interface for creating and modifying the hierarchy and for mapping items into categories.
See service.
See digital certificate.
Method of providing a confident identification of a client by a server through the use of digital certificates. Certificate authentication is generally preferred over password authentication because it is based on what the user has (a private key), as well as what the user knows (a password that protects the private key).
See authentication, certificate authority, and digital certificate.
Trusted entity that issues public key certificates. A certificate authority attests to a user's real-world identity, much as a notary public does.
See certificate chain, digital certificate, entity, private key, public key, and trusted (root) certificate authority.
An array that contains a private key, the matching public key, and a chain of digital certificates for trusted certificate authorities, each of which is the issuer of the previous digital certificate. The certificate for the server, authority, authority2, and authority3, constitute a chain, where the server certificate is signed by the authority, the authority's certificate is signed by authority2, and authority2's certificate is signed by authority3. If the certificate authority for any of these authorities is recognized by the client, the client authenticates the server.
Process that causes a Webflow to move from one processor node (that is, an input processor or pipeline) to another processor node. This mechanism relieves you of the need to use processor nodes between presentation nodes. In a chaining arrangement, the result state of one successfully executed processor node is another processor node.
See node.
Interactive process whereby a customer confirms items to be purchased, and provides payment and shipping information. The Commerce services then validate the customer information, post the credit card transaction, and log shipping and tax payment requirements. The checkout process invokes the Registering Users and Managing Customer services and the Managing Purchases and Processing Orders services.
See Managing Purchases and Processing Orders services and Registering Customers and Managing Customer services.
In cryptography, a coding system used to create encrypted messages.
See cipher, cipher suite, cipher text, and secure sockets layer (SSL).
Secure sockets layer (SSL) encryption method. Includes three types of algorithms that can be used to protect the integrity of a communication: the key exchange algorithm, the symmetric encryption algorithm, and the secure hash algorithm.
See cipher and secure sockets layer (SSL).
In cryptography, text that is encrypted.
Category of objects used in object-oriented programming. A class defines the implementation of a particular kind of object. A class definition defines instances and class variables and methods, and specifies the interfaces and class implementations and the immediate superclass of the class. If the superclass is not explicitly specified, it is implicitly assumed to be Object.
See object-oriented programming (OOP) and class library.
A set of client programming tools called classes. These tools can be used in a Java or C++ program, or in a Java applet that can be embedded in a Web page.
See class.
List of paths for the file system directories or Java archive files to be searched by a Java Virtual Machine (JVM) at run time, in order to locate the executable class files required at that time. The list may be supplied through an operating system environment variable (CLASSPATH) or a command-line switch (-classpath) sent to the virtual machine. Application server containers, such as servlet engines and EJB containers, may contain additional levels of classpath information.
See class and class library.
Act of clicking an ad. The number of clickthroughs can be used as one criterion to determine whether the goal of a campaign has been met.
Program that performs the following steps:
If a client is located on a machine that belongs to the domain to which the target servers also belong, then the client is called a native client. If the client is located on a machine outside that domain, then the client is called a remote client or a Workstation client.
client (CORBA)
Code that invokes an operation on a distributed object.
Any application that makes a request to a web service to return data. The client can be written in any language and running on any platform, so long as it communicates in the manner that the web service expects. Most web services expect to receive requests over an Internet protocol such as HTTP, and they expect those requests to be XML messages formatted according to the SOAP specification. See simple object access protocol (SOAP).
A business process node which provides a means for a client to make a request to a business process.
See business process.
client request with return node
A node which starts a business process as the result of receiving a synchronous request from a client. Any nodes added between the receive and send nodes inside the Client Request with Return group are executed within the scope of the synchronous operation. This node is only available as the starting event of a business process.
A business process node which provides a way for a business process to send messages to clients.
See business process.
Network in which heterogeneous clients make requests over various protocols for many different services on the network and the requests are fulfilled transparently by a high-performance, intelligent intermediate server or cluster of servers, such as the pure-Java WebLogic Server.
See client/server and Web service.
Network architecture in which computer processing is distributed among clients (desktop PCs) and a server or servers (central computer).
See client/network.
Character Large Objects
Group of WebLogic server instances that work together to provide an application platform that is more powerful and reliable than a single server. A cluster appears to its clients as a single server but it is, in fact, a group of servers acting as one. If properly designed and configured, a cluster can provide both availability and scalability. New processes and machines can be added to a cluster, dynamically, to handle increased load without shutting down the cluster. Individual servers can be removed from the cluster periodically so that maintenance can be done without affecting cluster performance.
In this documentation, the character encoding of the field data.
See applet and package name.
Base URL for locating an applet's classes on the server host. To get the complete URL for an applet, combine the CODEBASE with the applet's CODE name.
See Component Object Model (COM).
Representation of an object that conforms to the Component Object Model (COM) standards, including implementations of all necessary interfaces.
Development kit for an application that services product catalog requests and manages customer orders. It includes database schemas, Java components and libraries, configuration files, and interaction management tie-ins.
See JSP template and Web application (Webapp).
See transaction.
Defines a standard client API for application components and enables application components and Enterprise Application Integration (EAI) frameworks to drive EIS using a common client API. The J2EE Connector Architecture defines a CCI for EIS access.
See application programming interface (API), Enterprise Information System (EIS), and J2EE Connector Architecture.
The capability of an application built using one release or service pack to run in another release or service pack, with or without rebuilding the application.
Security realm that is the default (active) security realm if you are using Compatibility security. The Compatibility realm adapts your existing WebLogic Server 6.x Authentication and Authorization providers so that you can use them in WebLogic Server 7.x or later. The only security realm available in Compatibility security is the Compatibility realm.
See Compatibility security, default realm, security provider, security realm, and WebLogic security provider.
The capability to run security configurations from WebLogic Server 6.x in later releases of WebLogic Server. Using Compatibility security in WebLogic Server 7.x or later, you configure 6.x security realms; define users, groups, and ACLs; manage protection of user accounts; and install custom auditing providers. The only security realm available in Compatibility security is the Compatibility realm. The Realm Adapter providers in the Compatibility realm allow backward compatibility to the authentication and authorization services in 6.x security realms.
See access control list, Auditing provider, Compatibility realm, group, Realm Adapter Authentication provider, Realm Adapter Authorization provider, security realm, and user.
An XML element that can contain other elements or attributes. The definition for a complex type appears as <complexType> in an XML schema document. See simple type.
Part of an application.
Collection of services that enables software components to interoperate in a networked environment.
See COM view.
The rules, such as user properties, events, and dates and times, which trigger predefined personalized actions to occur for portal visitors. Conditions are used to define User Segments, Content Selectors, and Campaigns.
Set of hardware, hardware options, software, and software setup on a computer or on a network.
See configuration set and configure.
Name or number used to reference a particular configuration in a configuration partition. Each configuration set describes the services to be used when the configuration is active.
See configuration and configure.
To customize hardware and software for a computer or for a network.
An object that provides connectivity to a resource manager and enables an application client to connect to a resource manager, perform transactions, and access services provided by that resource manager. A connection can be either transactional or nontransactional.
See resource manager.
A programmable filter that WebLogic Server uses to determine whether the server should allow incoming connections from a network client. In addition to security policies that protect WebLogic resources based on user characteristics, you can add another layer of security by filtering based on network connections.
See security policy, user, and WebLogic resource.
In Webflow, a small graphical device on the edge of a node that marks the point at which an event or exception is connected to that node. In some cases, it may be helpful to move the node's connection port.
See node.
See resource adapter.
In a WebLogic Server environment, pseudomethod used to create an object. In Java, constructors are instance methods with the same names as their classes. Java constructors are invoked using the new keyword.
See class, instance, Java, metadata interface, and object.
Part of an application server, such as WebLogic Server, that provides deployment and run-time support for application components. A container allows you to monitor and manage supported components as well as the service(s) that monitor and manage the components. A container can be any of the following:
See Enterprise JavaBeans (EJB), Java Server Pages (JSP), and servlet.
Transaction in which an Enterprise JavaBean container controls the transaction boundaries. In a container-managed transaction, controls are specified in the deployment descriptor. When a bean method is invoked, the container manages the transaction, which begins and ends in the same method. An entity bean must use container-managed transactions.
See bean-managed transaction and transaction.
System that manages a collection of content objects (articles, documents, images, and so forth), including metadata about the content. See metadata.
The content repository stores content as well as meta-data in a database. Multiple content management repositories – including BEA and 3rd party – can be integrated in a single virtual content repository. Developers can query the repository and retrieve and display personalized content in portal applications.
A content selector is one of several mechanisms that WebLogic Portal provides for retrieving documents from a content management system. Use content selector JSP tags and a set of other JSP tags to retrieve and display the content targeted by the content selector.
A ContextHandler is a high-performing WebLogic class that obtains additional context and container-specific information from the resource container, and provides that information to security providers making access or role mapping decisions. The ContextHandler interface provides a way for an internal WebLogic resource container to pass additional information to a WebLogic Security Framework call, so that a security provider can obtain contextual information beyond what is provided by the arguments to a particular method. A ContextHandler is essentially a name/value list, and as such, it requires that a security provider know what names to look for. (In other words, use of a ContextHandler requires close cooperation between the WebLogic resource container and the security provider.)
See security provider, WebLogic container, and WebLogic Security Framework.
Component used in a Web service so that a service can communicate with other kinds of applications and components. For example, a database control enables a Web service to request data from a database. A service control makes it easy for one Web service to call another.
A file that defines a control. Controls with the CTRL extension were created in an earlier version of WebLogic Workshop but continue to be supported. See Java control (JCX).
Someone who builds Java controls to encapsulate reusable functionality. A control author writes a control class, then (as needed) adds nested controls, implements methods and callbacks, and defines properties.
Implements the control interface containing methods exposed by a Java business control. The class name is the same as the control interface name, but ends with “Impl”. A control class file has a .jcs extension.
A Java interface that defines the methods exposed by a Java business control. A control interface always extends the com.bea.control.Control interface or an interface derived from it.
Control receive nodes represent points in business processes at which the process receives asynchronous messages from resources (via controls). A business process waits at a Control Receive node until it receives a message from the specified control. Control nodes are mutable or morphable; you can change them into another type of control by dragging and dropping a control method of a different type.
See business process.
Control send nodes represent points in business processes at which they send asynchronous messages to resources (via controls). Control nodes are mutable or morphable; you can change them into another type of control by dragging and dropping a control method of a different type.
See business process.
Control Send with Return nodes handle synchronous exchange of messages between business processes and resources (via controls). Control nodes are mutable or morphable; you can change them into another type of control by dragging and dropping a control method of a different type.
See business process.
A capability WebLogic Workshop automatically provides to web services to help them keep track of which responses go to which clients in response to requests. For example, when events occur in the web service that must be passed on to clients via callbacks, WebLogic Workshop's correlation capability routes the callback messages automatically.
Security-related attribute of a Subject, which may contain information used to authenticate the Subject to new services. Types of credentials include username/password combinations, Kerberos tickets, and public key certificates.
See credential mapping, Credential Mapping provider, digital certificate, Kerberos ticket, public key, and Subject.
The process whereby a legacy system's database is used to obtain an appropriate set of credentials to authenticate users to a target resource. WebLogic Server uses credential mapping to map credentials used by WebLogic Server users to credentials used in a legacy (or any remote) system. WebLogic Server then uses the credential maps to log in to a remote system on behalf of a subject that has already been authenticated.
See credential, Credential Mapping provider, and resource.
A security provider that is used to provide credential mapping services and bring new types of credentials into the WebLogic Server environment.
See credential, credential mapping, and security provider.
WebLogic Server security feature that allows users to authenticate once but access multiple applications, even if these applications reside in different DNS domains. You can use this feature to construct a network of affiliates or partners that participate in a Single Sign-On domain. See also single sign-on. NOTE: Cross-domain single sign-on is only supported for Java clients, that is, clients that are running a Java Virtual Machine (JVM); Cross-domain single sign-on is not supported with Web browser clients.
A protocol that is based on IIOP (GIOP 1.2) and the CORBA Common Secure Interoperability version 2 (CSIv2) CORBA specification. The secure interoperability requirements for EJB2.0 and other J2EE1.4.1 containers correspond to Conformance Level 0 of the CSIv2 specification. The CORBA Security Attribute Service (SAS) is the protocol that is used in CSIv2. For more information, see http://www.omg.org/technology/documents/formal/omg_security.htm.
See control (CTRL) file.
Service that defines an interface for giving persistence to custom attributes of product items. (Custom attributes are attributes not defined in the ProductItem interface.)
See service.
Security providers written by third-party security vendors or customer security developers that can be integrated into the WebLogic Security Service. Custom security providers are implementations of the Security Service Provider Interfaces (SSPIs) and are not supplied with the WebLogic Server product.
See Security Service Provider Interfaces (SSPIs), security provider, security realm, WebLogic security provider, and WebLogic Security Service.
In WebLogic Server 7.x and later, supported only in Compatibility security. In WebLogic Sever 6.x, you customize authentication by creating your own security realm and integrating it into the WebLogic Server environment.
A control that makes it easy to access a relational database from your Java code using SQL commands.
Intermediary class that mediates initialization calls between a security provider and the security provider's database.
See security provider database.
A business process node that allows you to incorporate true or false decisions into a process. A Decision node consists of one condition, a path below the condition, which represents the path of execution followed when the decision evaluates to true, and a path to the right of the condition, which represents the path of execution followed when the condition evaluates to false (the default path). A Decision node can contain additional conditions, in which case if the first condition evaluates to false, the second condition is evaluated. If the second condition evaluates to false, the next condition is evaluated, and so on. The default path is executed if no conditions are met.
See business process.
Security that is defined, or declared, using the application deployment descriptors. For Web applications, you define the deployment descriptors in the web.xml and weblogic.xml files. For EJBs, you define the deployment descriptors in the ejb-jar.xml and weblogic-ejb-jar.xml files.
Component that processes the protocol-specific message headers, identifies the sending trading partner, enlists the sending trading partner in a conversation, prepares a reply for the sender, and forwards the message to the scheduling service.
Process of taking cipher text (encrypted data) and a cryptographic key and producing plain text (the original unencrypted data).
See encryption.
The active security realm. In WebLogic Server 7.x and later, you can configure multiple security realms in a WebLogic Server domain; however, only one can be the default (active) security realm.
See Custom security realm, security realm, and WebLogic Server domain.
A definition is the source for a portal object, and resides in the library.
Hierarchy-based administration that allows administrators to delegate administrative sub-tasks to others
Authorization, by principal A, for principal B to use principal A's identity or privilege, sometimes with restrictions.
Sequence of bytes that denotes the end of a field or group of data.
Denial of Service (DoS) attack
Security attack in which an user or organization is deprived of the services of a resource they would normally expect to have. For example, an enterprise Web site may be forced to cease operation, thus forcing the enterprise to spend a lot of time and money.
XML file that supplies an application server with the information it requires to configure deployment properties for standard J2EE components, such as EJBs, Web Applications, Resource Adapters, and Enterprise Applications. It also enables a system administrator to define permissions on a J2EE component and to configure resources used by a component. Deployment descriptors conform to a Document Type Definition (DTD) provided by Sun Microsystems, Inc. JavaSoft.
See Document Type Definition (DTD), Enterprise JavaBeans (EJB), and XML.
A desktop contains all the portlets, content, and look and feel elements necessary to create individual user views of a portal. All users access the default before they define their own desktops. A portal contains one or more desktops.
Generic name for the role played by any technical expert in an organization who creates and/or maintains Web applications by writing code. In the Java 2 Platform Enterprise Edition (J2EE) Specification, developers are referred to as Application Component Providers.
Developers have special access privileges that may not be shared by individuals in other organizational roles.
Numerous areas of expertise divide developers into various categories: Java/EJB developers, HTML/JSP developers, application assembler/deployers, and system administrators.
An instance of WebLogic Server that is configured for use in a development environment. See also production server.
Digital equivalent of an ID card that is used by WebLogic Integration, with a public key encryption system, to authenticate trading partners. A digital certificate is a digital statement that associates a particular public key with a name or other attributes that are used to identify the certificate's owner. The statement is digitally signed by a certificate authority. Therefore, by trusting the certificate authority to sign only true statements, you can trust that the public key belongs to the entity (typically, a person, a corporation, or an agency) named in the certificate.
See certificate authority, digital signature, public key, and trusted (root) certificate authority.
String of bits used to protect the security of data being exchanged by two entities by verifying the identities of those entities. Specifically, this string is used to verify that the data came from the sending entity of record and was not modified in transit. A digital signature is computed from an entity's signed data and private key. It can be trusted only to the extent that the public key used to verify it can be trusted.
See entity, private key, and public key.
Application that is divided into two or more parts (such as a client and a server), residing on different computers that communicate through a network. Web applications are, by nature, distributed applications.
Application design and implementation strategy that divides an application into units that are executed on different computers and communicate through a network. For example, an application can be divided into three distributed units: a user interface unit, a processing unit, and a storage unit.
Object that can be located anywhere on a network. Distributed objects are packaged as independent pieces of code that can be accessed by remote clients through method invocations. The language and compiler used to create distributed objects are totally transparent to the clients. Clients do not need to know the location in which the distributed object resides or the operating system on which it runs.
distributed object model (DOM)
Abstraction that describes the way applications are partitioned, that is, how the logic is divided between the tiers (multitier or two-tier) that support it.
Global transaction involving multiple servers and one or more resources. In a distributed transaction environment, a client application may send requests to several servers resulting in resource updates at multiple resource managers. To complete a transaction, the transaction manager for each participant (client, servers, and resource managers) must be polled to coordinate the commit process for each participant within its domain.
See transaction, transaction manager, and resource manager.
A business process node which provides Do While loop capabilities in a process. For Do While groups, business process activities are added before the condition in the loop. At run time, the activities defined in a Do While loop are performed; then the condition is evaluated. Therefore, the activities inside a Do While group are performed one or many times, depending on the results of the evaluation of the condition.
See business process.
Schema, such as a Document Type Definition (DTD), that specifies the prerequisites for a valid document. WebLogic Integration document definitions are provided in XML DTDs. Each document definition includes two attributes: System ID (a DTD system identifier); and URL, which specifies the location of the document definition.
Definition of the method through which a document is exchanged. A document exchange defines a business protocol and some run-time parameters.
Document Type Definition (DTD)
File that defines the format (grammar and syntax) to be used for associated messages or files written in either XML or SGML. Specifically, a DTD file defines how the markup tags in an XML or SGML document should be interpreted by the application that is presenting that document, so that the document is displayed or printed as intended. The definition conforms to the rules of the Standard Generalized Markup Language (SGML). DTDs are part of the W3C XML specification.
See schema.
See distributed object model (DOM).
An interactive, graphical user interface (GUI) that facilitates the creation of a new WebLogic Server domain. The wizard can create WebLogic Server domain configurations for stand-alone servers, Administration Servers with Node Managers and Managed Servers, and clustered servers. You can use it to create the appropriate directory structure for your WebLogic Server domain, a basic config.xml file, and scripts that you can use to start the servers in your domain.
See Document Type Definition (DTD).
Datatype for which the memory size is not known when the code is compiled; a the memory size of a dynamic datatype is known only when the code is executed.
See enterprise application archive (EAR).
See electronic business XML (ebXML).
The standardized, combined form of the JavaScript and JScript languages. JavaScript was developed by Netscape Communications and JScript was developed by Microsoft Corporation. The European Computer Manufacturers Association (ECMA) acted as the standards body for ECMAScript.
Standardized language that combines JavaScript and JScript. JavaScript was developed by Netscape Communications; JScript, by Microsoft Corporation. ECMAScript was created by a standards body called the European Computer Manufacturers Association (ECMA).
See Electronic Data Interchange (EDI).
See Enterprise Information System (EIS).
See Enterprise JavaBeans (EJB).
electronic business XML (ebXML)
Set of specifications for a modular framework supporting the electronic exchange of business data. Developed for global usage through a joint initiative of the United Nations (UN/CEFACT) and OASIS.
Electronic Data Interchange (EDI)
Industry standard for the format of business messages used in e-commerce, and for the legal terms governing the use of such messages.
A unit of XML data. An element can enclose other elements.
A server that contains user, group, security role, security policy and credential information. The WebLogic Authentication, Authorization, Role Mapping, and Credential Mapping providers use the embedded LDAP server as their security provider databases.
See credential, group, security policy, and security role.
Component that transforms a message, as necessary, to support the required business protocol, and then forwards the message to the transport service.
Process of algorithmically scrambling data to prevent (or hinder) unauthorized disclosure, while still preserving access to the original data by authorized users. To read an encrypted file, a recipient must have access to a secret key or password that enables the recipient to decrypt it. Unencrypted data is called plaintext; encrypted data is referred to as ciphertext.
Encryption key pair consists of the public key used to encrypt information and a private key used to decipher the information.
enterprise application archive (EAR)
A single-file archive that consists of Web application components, EJB components, and resource adapters. The META-INF\application.xml deployment descriptor contains an element for each Web application, EJB, and connector component, as well as additional elements to describe security roles and application resources such as databases. WebLogic Workshop applications are exploded EAR files that can be deployed to a WebLogic Server instance running in production mode.
Enterprise Information System (EIS)
Software system that provides the information infrastructure for an enterprise. An EIS offers a set of services to its clients. These services are made available to clients via local and/or remote interfaces. Examples of an EIS include:
Enterprise Information System (EIS) resource
Provides EIS-specific functionality to its clients. Examples of an EIS resource include:
Java API that defines a component architecture for multitier client/server systems. Specifically, the EJB specifies an architecture for the development and deployment of object-oriented, distributed, enterprise-level applications. Applications written using the EJB architecture are scalable, transactional, and secure.
See Java 2 Enterprise Edition (J2EE).
Visitor Entitlements are a mechanism for determining who may access the resources in an application and what they may do with those resources. This access is based on the role that a visitor to an application is in, allowing for flexible management of the resources.
Something that exists independently as a particular and discrete unit. Persons, corporations, and objects are examples of entities.
Enterprise JavaBean that represents a database record and includes methods that can be invoked on data in that record.
Stateless session bean that handles the persistence of properties.
A string that represents some aspect of the current operating context. Usually, an environment variable encapsulates information that is useful to all programs that run within a given context. The value that the variable represents can be different in different contexts. For example, CLASSPATH is a standard environment variable that all Java programs use to find Java classes. The value of the CLASSPATH variable differs depending on which Java classes are installed on a computer and the location in which they are installed.
Standard events are generated at important points in an e-commerce site. The components that enable events include Java APIs, JSP tags, JSP scriptlets, Webflow input processors, Pipeline components, content selectors, and classification advislets.
You can add or customize generators for each of the following events:
Each event is generated by JSP tags. You can use the JSP tags that initiate these events to specify which products and what content generate these events. For example, in the wlcsApp E-Commerce Application, the JSP tag for the DisplayProductEvent is located in the details.jsp.
An Event Choice node group represents a point in a business process at which the business process waits to receive one of a possible number of events. Once it receives one of the possible events, the flow of the business process continues. You design other nodes within an Event Choice node group to handle the incoming events. The first node on each branch of an Event Choice node group handles the receipt of one event. The flow of execution proceeds along one branch in an Event Choice node; the branch containing the event that happens first.
The Event Service captures a rich set of portal usage data to enable real-time personalization via Campaigns and reporting (see Behavior Tracking). WebLogic Portal ships with a set of predefined events, including Login, Registration and Commerce events. Customers can augment the OOTB event with custom events.
Condition, often an error, that causes a program or microprocessor to branch to a different routine to handle the error. Java method for handling run-time errors.
The definition of how exceptions are handled within a business process or a portion of a business process. Exception paths can be associated with individual nodes, a group of nodes, or with the entire business process (global). When an exception is thrown, an exception handler associated with the node on which the exception occurs is executed first. If no exception path exists for the node, or if the exception path for the node throws an exception, the exception is caught by an exception handler on a group in which the node is contained. If an exception path on a group does not catch or handle the exception, it is caught by the global exception handler. An exception path associated with a Start node defines the global exception handler for a process.
Transactions within a business process whose boundaries are declared. You create explicit transaction boundaries by selecting contiguous nodes and declaring them to be in a transaction separate from those created implicitly by the application. Resources accessed with a process may also be part of the transaction depending on the nature of the resource and the control that provides access.
See business process and implicit transaction.
extensible markup language (XML)
Metalanguage (a language for describing languages) that you can use to define customized markup languages. It is composed of a subset of standardized general markup language (SGML).
XML facilitates the development of user-defined document types and the creation of programs that can use data from documents of such types. It is rapidly becoming a universal standard for defining, validating, and sharing data formats and documents.
Because XML is text-based (that is, it is not written in binary format), and it uses syntax rather than binary markers to organize data, it can be deployed across heterogeneous and potentially incompatible systems and platforms.
eXtensible Stylesheet Language (XSL)
Language for specifying the format of an XML document.
eXtensible Stylesheet Language Transformations (XSLT)
XML language designed for transforming one XML document into another. An XSLT document, or stylesheet, describes data transformations that are to be performed on nodes of an XML document. Using XSLT, an XML document can be transformed into a variety of text formats, such as XML, HTML, and PDF.
Capability of a system to respond to the failure of a service invocation by redirecting the request for the service to an alternate provider, without requiring user intervention. In other words, the ability of a system to transfer control to a backup component when a fault occurs.
The types of services that can be invoked, through the failover capability, in spite of an initial invocation failure, include the service that performs lookups of service providers, the ability to recover in the event of a server failure, and the ability to find another instance of a service on a reachable server.
In WebLogic Server 6.x, a realm that stores users, groups, encrypted passwords, and ACLs in a file. In WebLogic Server 7.0 and later you use a File realm only with Compatibility security.
When you create a business process, it contains by default a Start node and a Finish node. You can specify additional (optional) endpoints of your business process by adding Finish nodes to those locations where you want the business process to cease execution. A Finish node is always the last node in a business process. You can place a Finish node at the end of the main flow or on any branch of a business process.
See business process.
Software that monitors traffic between an internal network and the Internet, and that regulates the type of network traffic that can enter and leave the internal network. A firewall can be connected to the Internet or set up within a company’s network to prevent unauthorized access to the network. Firewalls protect information on computers and information that is being carried over the network. Firewalls use various types of filters to prevent access, including limiting the types of protocols allowed and restricting access from network nodes by IP addresses and DNS node names.
A region of a portal desktop that is outside the desktop's main body, usually positioned below the main body.
A business process node which provides For Each loop capabilities in a process. For Each nodes represent points in a business process at which a set of activities is performed repeatedly, once for each item in a list. For Each nodes includes an iterator node (on which a list of items is specified) and a loop (in which the activities to be performed for each item in the list are defined). An XML document (or a section of an XML document) is passed into the For Each loop in a business process variable. An iteration variable holds the current element being processed in the For Each loop, for the life of the loop.
See business process.
A Business Process Start Node property which describes error handling behavior. When a business process fails and there is no exception handler configured to handle the exception thrown, the business process is placed into an aborted state and no recovery is possible. However, if the business process is configured to freeze on failure, the business process rolls back to the last commit point and the state is persisted if it fails. The process can then be restarted from the WebLogic Integration Administration Console.
See on sync failure.
Function that reclaims memory from unused objects and variables while a Java program is being run. This function is usually executed automatically in the background, but it can also be requested at specified times by the programmer.
An element that can be referenced from anywhere else in the schema.
A security role that applies to all WebLogic resources within a security realm. For example, if the WebLogic Role Mapping provider is being used in the default security realm, global roles can be defined in terms of user, group, and hours of access.
See Role Mapping provider, scoped role, security realm, security role, and WebLogic resource.
Transaction managed by an external transaction manager (such as WebLogic Server) that can include multiple servers or multiple resources as participants. The transaction is coordinated as an atomic unit of work: All participants either commit or rollback the entire transaction.
See distributed transaction and ACID properties.
In a WebLogic Server environment, set of users that share some characteristics. Groups are a static identity that a server administrator assigns. Groups are associated with security roles. Giving permission to a group is the same as giving the permission to each user who is a member of the group.
See permission and user.
A logical collection of nodes in a business process. You can create a group from one or more nodes or other groups. Groups allow you to simplify the display of your business process and provide an extra level of exception handling logic.
See business process.
In releases of WebLogic Portal prior to 8.1, Group Portals provided a particular view of a portal for users within a specific group. With WebLogic Portal 8.1, these are superceded by role-based Desktops, in which the role of the user determines which Desktops may be accessed. Entitlement roles may be based on user groups, allowing for a similar access hierarchy.
A group profile contains a set of attributes. If a successor is specified when accessing a user profile, that group’s properties will be used if one is not explicitly set for the user. It is effectively a form of inheritance, with added flexibility in that more than one group may be specified as the successor.
See User Management component and user profile.
A region of a portal desktop that is outside the desktop's main body, usually positioned above the main body.
Heuristic completion such that all updates related to the transaction are committed.
See heuristic completion.
Unilateral decision by a resource, during the completion stage of a distributed transaction, to commit or roll back updates. This type of decision can leave distributed data in an indeterminate state. Network failures or transaction timeouts are possible causes for heuristic completion. Also referred to as heuristic decision.
See commit, distributed transaction, and rollback.
See heuristic completion.
Result of a heuristic completion such that the resource manager does not know whether at least one of the updates related to the transaction was rolled back or committed.
See heuristic completion.
Result of a heuristic completion such that some updates related to the transaction were rolled back and other updates were committed.
See heuristic completion.
Result of a heuristic completion such that all updates related to the transaction were rolled back.
See heuristic completion.
One of two interfaces for an enterprise bean, the home interface and the remote interface. The home interface defines zero or more methods for creating and removing an enterprise bean. For session beans, the home interface defines create and remove methods, while for entity beans, the home interface defines create, finder, and remove methods.
See remote interface.
The process of verifying that the name of the host to which an SSL connection is made is the intended or authorized party.
See Host Name Verifier and Secure Sockets Layer (SSL).
Code that validates that the host to which an SSL connection is made is the intended or authorized party. A Host Name Verifier is useful when a WebLogic Server client or a WebLogic Server instance acts as an SSL client to another application server. It helps prevent man-in-the-middle attacks. By default, WebLogic Server, as a function of the SSL handshake, compares the common name in the subject distinguished name (DN) of the SSL server's digital certificate with the host name of the SSL server used to initiate the SSL connection. If the subject DN and the host name do not match, the SSL connection is dropped.
See digital certificate, host name verification, Secure Sockets Layer (SSL), and Subject.
Intermediary that represents the Internet for outgoing HTTP requests and represents many IP destinations for incoming requests.
See internationalization (I18N).
See integrated development environment (IDE).
A function, f, is considered idempotent if f(f(x)) = x. Computer science defines a procedure as idempotent if it produces the same result every time it is performed with the same arguments.
This property is especially useful when dealing with a retry of a replicated object. When a communication failure occurs during an attempt to invoke a remote method, it is not always possible to know whether the failure occurred before or after the method invoked was completed on the server. If the failure occurred after the method completed on the server, a retry results in the same method being called twice (even if it is called on two servers).
Such behavior can produce incorrect results unless the method being invoked is idempotent. If a method is idempotent, then the process of invoking it multiple times with the same arguments is equivalent to invoking it only once.
Set of unique security attributes assigned to a principal. No two identities of principals may be identical. Principals may have several different kinds of identities, each of which must be unique.
Special type of authentication whereby a client’s identity is established through the use of client-supplied tokens that are generated from an outside source. Identity is asserted when these tokens are mapped to usernames. For example, the client’s identity can be established by using a digital certificate, and that certificate can be passed around the system so that users are not asked to sign on more than once. Thus, identity assertion can be used to enable single sign-on.
See authentication, digital certificate, Identity Assertion provider, single sign-on, SSL tunneling, and token.
A security provider that performs perimeter authentication—a special type of authentication using tokens. Identity Assertion providers also allow WebLogic Server to establish trust by validating a user. Thus, the function of an Identity Assertion provider is to validate and map a token to a username.
See perimeter authentication, security provider, token, and user.
See Internet Interoperability Protocol (IIOP).
See implementation.
Named object or class that defines the behavior for all operations and attributes of a supported interface. For example, my_object implements my_impl. Used with RMI to invoke a remote interface.
Properties stored in the WebLogic Personalization Server property tables that do not correspond to getter and setter methods.
Transactions whose behavior is automatically determined (or implied) by business process logic and which are not explicitly visible in a process diagram. When you build a business process, implicit transaction boundaries are formed based on where in the process you place blocking elements. The transaction boundaries within a business process change as you add process nodes to the business process.
See business process and explicit transaction.
Transactions whose behavior is automatically determined (or implied) by business process logic and which are not explicitly visible in a process diagram. When you build a business process, implicit transaction boundaries are formed based on where in the process you place blocking elements. The transaction boundaries within a business process change as you add process nodes to the business process.
See business process and explicit transaction.
Set of components (fundamental services) that support a higher-level set of components in a given computer system. The higher-level components are typically provide the function for which the whole system is used.
Security principal representing the end-user that interacts directly with an application. An end-user can authenticate the use of either a Web client or an application client.
See principal.
A software component in an active state. For example, a Java object is an
instance of a Java class. Similarly, a WebLogic Server instance is the
active state of a WebLogic Server configuration.
A variable in a Java class that can represent a different value for each
instance (object) of the class.
To transition a software component to an active state.
integrated development environment (IDE)
A software environment that supports the task of programming in the context of an existing application.
Ability of applications to share information or to process independently by requesting services and satisfying service requests. In a well-integrated system, each part has a purpose, and the parts combine effectively to achieve the purpose of the overall system.
Component used in a business process so that the process can communicate with other kinds of applications and components. Integration controls are available in WebLogic Workshop only if you are licensed to use WebLogic Integration.
The overarching term for portal personalization, campaigns, and events and behavior tracking. See Behavior Tracking and Personalization.
Static XML document that contains secondary metadata about a service. For a DBMS service adapter, for example, the interaction specification contains the SQL statement used to invoke a process on the database.
Preparation of software for proper behavior in multiple locales. Localization (L10N) is the presentation of text in a specific locale. It covers not only language, but collation, date and time formats, monetary formats, and character encoding.
The term I18N refers to the 18 letters between the i and the n in the word internationalization.)
Internet Interoperability Protocol (IIOP)
Protocol used by CORBA clients to communicate with ORBs over the World Wide Web.
One of several protocols in the TCP family. IP specifies the format of a packet (a piece of a message transmitted over a packet-switching network) and the addressing scheme for it.
Internet Protocol Address (IP address)
Numeric value that uniquely identifies a node in a TCP/IP network. IP addresses are usually shown in dotted-decimal notation: a series of four decimal numbers (0-255) separated by periods, such as 123.205.23.99.
Internet Protocol multicast (IP multicast)
A simple broadcast technology that enables multiple applications to “subscribe” to a given IP address and port number and listen for messages. A multicast address is an IP address in the range from 224.0.0.0 to 239.255.255.255. WebLogic Server uses IP multicast for all one-to-many communications among server instances in a cluster, including cluster-wide JNDI updates and cluster heartbeat.
(1) Ability of entities to exchange requests. (2) The capability of an application deployed in one release or service pack to communicate with another application that is deployed in a different release or service pack. (3) The capability of WebLogic Platform components to communicate with third-party software via standard protocols.
In the context of Web Services, interoperability demands that the functionality of a Web Service application be the same across differing:
Process of performing a method call on a distributed object, with or without knowledge of the object's location on the network. CORBA Static invocation, in which a client stub is used for the invocation and a server skeleton for the service being invoked, is used when the interface of the object is known at compile time. CORBA Dynamic invocation must be used if the interface is not known at compile time.
See Internet Protocol multicast (IP multicast).
See Java 2 Enterprise Edition (J2EE) and JAAS.
A resource adapter used to integrate J2EE-compliant application servers with enterprise information systems (EIS).
See resource adapter, and J2EE Connector Architecture.
Architecture for integrating J2EE-compliant application servers with enterprise information systems (EIS). This architecture comprises two parts: an EIS resource adapter and an application server, such as WebLogic Server, to which the resource adapter plugs in. This architecture defines a set of contracts, such as transactions, security, and connection management, that a resource adapter must support in order to plug in to an application server.
The J2EE Connector Architecture also defines a Common Client Interface (CCI) for EIS access. The CCI, in turn, defines a client API for interacting with heterogeneous EISs.
See Java 2 Enterprise Edition (J2EE) and J2EE Connector.
See Java 2 Platform, Micro Edition (J2ME).
See Java Authentication and Authorization Service (JAAS).
If a security realm has multiple Authentication providers configured, the JAAS control flag determines how the login sequence uses the Authentication providers.
Responsible for authenticating users within the security realm and for populating a subject with the necessary principals (users/groups). A LoginModule is a required component of an Authentication provider, and can be a component of an Identity Assertion provider if you want to develop a separate LoginModule for perimeter authentication. LoginModules that are not used for perimeter authentication also verify the proof material submitted (for example, a user's password).
See authentication, group, Identity Assertion provider, perimeter authentication, principal, security realm, and Subject.
See JAR file.
File format, called Java Archive, used for aggregating many files into one. The format is a compressed (zip) file. It is useful for loading classes and other files required to run an applet in a single HTTP request. JAR files are named with a .jar extension.
Object-oriented programming language, created by Sun Microsystems, Inc., that allows developers to write once, run anywhere.
Java 2 Enterprise Edition (J2EE)
Platform-independent, Java-centric environment for developing and deploying distributed, scalable, enterprise-level applications designed to run on networks, the Internet, and the Web. The J2EE platform consists of a set of services, APIs, and protocols that provide the functionality for developing multitiered, Web-based applications.
J2EE enables programmers to simplify their enterprise applications by basing them on standardized, modular components. J2EE provides, for those components, services that manage many details of application behavior automatically. As a result, an enterprise application developer is not required to write complex custom code for many common functions.
Java 2 Platform, Micro Edition (J2ME)
Java platform technology developed for wireless consumer devices.
A file that contains a set of Java classes organized hierarchically.
Java Authentication and Authorization Service (JAAS)
Set of Java packages that enable services to authenticate and enforce access controls upon users. JAAS implements a Java version of the standard Pluggable Authentication Module (PAM) framework, and supports user-based authorization.
WebLogic Server only implements the authentication portion of JAAS.
See authentication, authorization, and user.
A reusable software component designed to add functionality to a containing application such as a web service, JSP file, business process, and so on. A JCX file extends a control interface that is defined in a JCS file.
A control that extends an existing Java control interface.
The model on which a control author builds controls. The Java control model makes it possible to extend JCS files as JCX files. See Java control implementation (JCS) and Java control extension (JCX).
Java Cryptography Architecture
A framework for accessing and developing cryptographic functionality for the Java platform. For a description of the Java Cryptography Architecture provided by Sun Microsystems, Inc., see http://java.sun.com/j2se/1.3/docs/guide/security/CryptoSpec.html#Introduction.
See Java Cryptography Extensions.
Java Cryptography Extensions (JCE)
Set of Java packages that extends the Java Cryptography Architecture API to include APIs for encryption, key exchange, and Message Authentication Code (MAC) algorithms. See http://java.sun.com/j2se/1.4/docs/guide/security/jce/JCERefGuide.html for a description of JCE provided by Sun Microsystems, Inc.
See Java Cryptography Architecture.
Java database connectivity (JDBC)
JavaSoft specification for Java access to relational databases, published by Sun Microsystems, Inc.
Software development kit, provided by JavaSoft, for writing applications in Java.
JavaSoft collection of application programming interfaces that facilitate the development of cross-platform Java Enterprise software. BEA has implemented many Java Enterprise APIs, including WebLogic Server EJB, WebLogic Server HTTP servlets, WebLogic Server JNDI, WebLogic Server RMI.
Area of memory designated for run-time use by a Java program.
Java Management Extensions (JMX)
A specification for J2EE management components. The specification includes
architecture, design patterns, and APIs. The WebLogic Integration and WebLogic Server administration APIs are based on the JMX API.
Standard API for accessing enterprise messaging systems. An enterprise messaging system, also referred to as Message-Oriented Middleware (MOM), provides a reliable, flexible service for the asynchronous exchange of critical business data and events throughout an enterprise. JMS adds a common API and provider framework for developing portable, message-based applications in the Java programming language.
Java Naming and Directory Interface (JNDI)
The Java Naming and Directory Interface (JNDI) is an API that provides naming services to Java applications. JNDI is an integral component of the Sun Microsystems J2EE technology and is independent of any specific naming or directory service implementation. JNDI allows Java applications in WebLogic Server to access external directory services such as LDAP in a standardized fashion.
Java Run-time Environment (JRE)
Self-contained Java environment that consists of only one element: the JVM. With a JRE installed, users can run Java programs.
See Java Development Kit (JDK), and Java virtual machine (JVM).
Scripting element containing a code fragment that is valid in the scripting language used in the Java Server Page (JSP) specification. The JSP specification defines the concept of a valid scriptlet for cases in which the language page attribute is java.
Security manager for the Java virtual machine (JVM). The Java Security Manager works with the Java API to define security boundaries through the java.lang.SecurityManager class, thus, enabling developers to establish a custom security policy for their Java applications. WebLogic Server supports the use of the Java Security Manager to prevent untrusted code from performing actions that are restricted by the Java security policy file. The Java Security Manager uses the Java security policy file to enforce a set of permissions granted to classes. The permissions allow specified classes running in that instance of the JVM to permit or deny certain runtime operations.
See Java security policy file and policy condition.
File used by the Java Security Manager to enforce a set of permissions granted to specified classes running in an instance of the WebLogic Server-supported Java Virtual Machine (JVM). Classes running in that instance of the JVM use the permissions to permit or deny certain runtime operations.
See Java Security Manager and policy condition.
J2EE component that extends the servlet class and supports rapid server-side development of HTML interfaces that can be comingled with Java.
Server-side Java program that displays output in a browser. It is usually executed in response to an HTTP request.
Parameter, similar to an environment variable in a native program, that encapsulates information about the environment in which a Java program is run. Properties used in BEA products conform to the class java.util.Properties, which defines the use of Java system properties.
The XA interface enables an external transaction manager to control the transaction boundaries for operations performed by multiple resource managers using the two-phase commit X/Open XA protocol.
The JTA is defined in the javax.transaction and javax.transaction.XA packages.
See transaction, transaction manager, resource manager, and XA interface.
Java Transaction Service (JTS)
Service that implements a transaction manager that supports the Java Transaction API (JTA) and implements the Java mapping of the OMG Object Transaction Service (OTS) 1.1 specification at the level below the API.
Java interpreter that includes a bytecode instruction set, a set of registers, a stack, a garbage-collected heap, and an area for storing methods. Java code is processed in the JVM on a particular platform (UNIX or Windows).
See Java Development Kit (JDK).
See Java Cryptography Extension (JCE).
The packaged result of a control author's work. May contain more than one Java business control. Includes CLASS files compiled from the control interface, control class, control wizard (if any), supporting classes, and a jc-jar.xml control deployment descriptor that describes any controls contained within. See Java control source (JCS), Java archive (JAR).
See Java business control extension (JCX).
See Java database connectivity (JDBC).
Software component that provides general database connectivity through the ODBC client library. Also known as a Type-1 JDBC driver, the bridge supports Java connectivity to any relational database. It was created as a joint project between INTERSOLV (now DataDirect Technologies) and JavaSoft.
See open database connectivity (ODBC).
See Java Development Kit (JDK).
See just-in-time compiler (JIT).
See Java Message Service (JMS).
See Java Management Extensions (JMX).
See Java Naming and Directory Interface (JNDI).
See Java Run-time Environment (JRE).
String of characters, displayed between angle brackets (<string>), that provides markup instructions within a JSP element. JSP tags can be used with various scripting languages.
Set of tags grouped together to perform a specialized task collectively after being imported into any JSP.
See Java Server Pages (JSP) and JSP tag.
JSP that displays the features of the WebLogic Portal. You can modify these templates to meet your business needs and use them as a model for developing your own site.
See Java Transaction API (JTA).
See Java Transaction Service (JTS).
Compiler that stores generated machine code in memory and reuses it when possible. This practice can result in improved performance for some Java applications.
See Java virtual machine (JVM).
A sequence of a few hundred bytes in length that is used to control access to physically insecure networks. Kerberos tickets are based on the Kerberos protocol. Kerberos is a network authentication protocol that allows entities (users and services) communicating over networks to prove their identity to each other, while preventing eavesdropping or replay attacks. The protocol was designed to provide strong authentication for client/server applications by using secret-key cryptography. For more information, see http://web.mit.edu/kerberos/www/.
See private key.
An in-memory collection of private key and trusted certificate pairs. The information is protected by a passphrase, such as a password, a credit card number, Personal Identification Number, or some other form of personal identification information.
See private key and trusted (root) certificate authority.
String of characters used for either of the following purposes:
See localization (L10N).
The time that elapses while a client waits for a request to be processed and returned over the network
A layout determines the arrangement of portlets and book within a matrix, with one layout for each page. Each cell of this matrix contains a Placeholder, which may in turn contain one or more portlets or books arranged vertically or horizontally.
See Lightweight Directory Access Protocol (LDAP).
Authentication provider that uses a Lightweight Data Access Protocol (LDAP) server to access user and group information, for example, iPlanet’s Active Directory and Novell’s OpenLDAP.
A WebLogic Server 6.x security realm. In WebLogic Server 6.x, security realms provide authentication and authorization services. The LDAP security realm provides authentication through an LDAP server. This server allows you to manage all the users for your organization in one place: the LDAP directory. The LDAP security realm supports Open LDAP, Netscape iPlanet, Microsoft Site Server, and Novell NDS. In WebLogic Server 7.x or later, you can only use the LDAP security realm when using Compatibility security.
See authentication, authorization, Compatibility security, File realm, security realm, and user.
A pre-packaged, re-usable component that you can use in your application. Each workspace has a Libraries folder where you can add JAR files containing classes that you want to use from your application.
The library contains the reusable definitions for portal components such as portals, portlets, books, pages, skins, layouts, and shells.
Instance of a WebLogic Workshop Web service that exists in WebLogic Server for a period of time that is controlled by the Web service developer. This time period is determined by the following factors:
Lightweight Directory Access Protocol (LDAP)
Set of standard protocols for accessing and searching directories (that is, collections of information, such as phone numbers or billing addresses) that reside in a database or on a server. These directories may be physically distributed across multiple systems for access by many applications within an enterprise.
LDAP is based on the X.500 standard, but it is simpler. Unlike X.500, LDAP supports TCP/IP for Internet access.
Because it is closely coupled with the X.509 standard for certificates, LDAP provides an ideal way to publish certificates.
See certificate and X.509.
Basic representation of an integer, floating point, or character value. For example, 3.0 is a double-precision floating point literal, and "a" is a character literal.
Binary format in which bytes at lower addresses have lower significance. This format is used on Intel and VAX processors.
Practice of distributing processing and communications activity evenly across a computer network so that no single device is overwhelmed. The work of answering client requests is moved in response to individual server load. Load balancing requires the ability to move both the identity and state of a provider from one host to another.
Transaction in which a single database or file is accessed and controlled by a single, local resource manager, functioning as a transaction participant.
Use, at run time, of locale-specific language and constructs (such as date formats) in conformance with the principles of internationalization. To make sure your software conforms with these principles, you must:
See internationalization (I18N).
File containing descriptions of the events that occur during an operation. Log files are updated frequently during an operation and are useful for reviewing system operations and errors.
Notification of a particular occurrence that is recorded in a local log. BEA products generate four types of log messages, based on the level of severity of the occurrence being reported: fatal, error, warning, and info. Each log message is accompanied by a timestamp.
See log message.
See JAAS LoginModule.
A selectable combination of skins and skeletons that determine the physical appearance of a portal desktop. A look and feel XML file (.laf) contains pointers to the skins and skeletons to use for the look and feel.
See Skins and Skeletons.
A Business Process Start Node property that describes how to invoke subprocesses when different versions of the parent process exists. For loosely-coupled processes, the subprocess version is set at the time that the subprocess is invoked. In other words, if an instance of your business process is currently running but has not yet reached the state of invoking the subprocess for which you have created a new version, the new version of the subprocess is used when the process invokes the subprocess.
See tightly coupled.
A Java object that provides a management interface for an underlying
resource. An MBean is part of Java Management Extensions (JMX).
In WebLogic Integration, MBean classes are used to monitor run-time information. MBeans are registered with the MBean server that runs inside WebLogic Integration. When MBeans are created, their attributes are populated from the repository. At run time WebLogic Integration updates MBean attributes to reflect the state of the running system. MBeans are implemented as Standard MBeans; that is, each class implements its own MBean interface.
In WebLogic Server, MBeans provide information about a resource's configuration as well as its runtime state.
See security provider.
Defines an operational environment for a J2EE-based, multitier, Web-enabled application that accesses enterprise information systems (EIS). The application consists of one or more application components, such as EJBs, JSPs, and servlets, that are deployed on containers. These containers can be any of the following:
Management Information Base (MIB)
A description of attributes that can be managed through SNMP (Simple
Network Management Protocol). A MIB includes both text descriptions of the
attributes and numerical object identifiers (OIDs) that SNMP software uses
to identify the attributes.
Security violation that occurs when an enemy inserts a machine into a network, captures all the messages exchanged by two parties, possibly modifies those messages, and then retransmits them.
The files used to control portal rendering, including layouts, look and feels, menus, shells, and themes.
See managed bean (MBean).
An XML file used by the WebLogic MBeanMaker to generate files for an MBean type.
See MBean type.
One of several intermediate Java files generated by the WebLogic MBeanMaker utility to create an MBean type for a custom security provider. You edit this file to supply your specific method implementations.
See MBean information file, MBean interface file, and MBean type.
One of several intermediate Java files generated by the WebLogic MBeanMaker utility to create an MBean type for a custom security provider. This file contains mostly metadata and therefore requires no editing.
See MBean implementation file, MBean interface file, and MBean type.
One of several intermediate Java files generated by the WebLogic MBeanMaker utility to create an MBean type for a custom security provider. This file is the client-side API to the MBean that your runtime class or your MBean implementation will use to obtain configuration data, and requires no editing.
See MBean implementation file, MBean information file, MBean type, and runtime class.
JAR file that contains the runtime classes and MBean types for a security provider. MJFs are created by the WebLogic MBeanMaker.
See MBean type, runtime class, and security provider.
Factory for creating the MBeans used to configure and manage security providers. MBean types are created by the WebLogic MBeanMaker.
See MBean and security provider.
The navigation mechanism used by portal pages, such as page tabs or drop-down menus.
Formula used by WebLogic Server to send data across applications. Messages may contain statistical or status information about application processes or instructions for the recipient. Each message consists of two parts:
Description of a collection of text messages indexed by a unique identifier.
Specification of the business content, or payload of a business message. A message definition consists of ordered message parts, the contents of which may be binary or XML. An XML message part defines a business document and requires a document definition. A binary message part defines an attachment and requires no other information.
A digitally created hash, or fingerprint, created from a block of plain text. Even though the complete message is used to create the hash, the message cannot be recreated from the hash. Message digests help prevent man-in-the-middle attacks. Because there is only one digest for any given block of plain text, the digest can be used to verify the authenticity of the message. Thus, this process results in a digital signature of the message, which can be used to provide non-repudiation and integrity services.
A computational procedure that is used to produce a message digest from a block of plain text. Once a message digest is produced, other security mechanisms are used to encrypt and convey the digest. Examples of message digest algorithms are MD5 and SHA-1.
See message digest.
The definition of how messages are handled within a business process or a portion of a business process. Message paths can be associated with individual nodes, a group of nodes, or with the entire process (global). An On Message path can contain a Client Request or Control Receive node at which it receives the message. For the case in which an On Message path is specified for the process (that is, specified at the Start node), the first node on the path can be a Client Request with Return node.
See business process.
The definition of how messages are handled within a business process or a portion of a business process. Message paths can be associated with individual nodes, a group of nodes, or with the process (global). An On Message path can contain a Client Request or Control Receive node at which it receives the message. For the case in which an On Message path is specified for the process (that is, specified at the Start node) the first node on the path can be a Client Request with Return node.
See business process.
EJBs that handle asynchronous messages received from JMS Message Queues. The message-driven bean selects an instance from a pool to process the message.
See Enterprise JavaBeans (EJB), Java Message Service (JMS), and asynchronous.
Data used to indicate the purpose, meaning, or location of other data. Provides a means to query and match content with users by allowing a system such as the content management system to retrieve content, based on the metadata that describes the content.
Interface that accesses information about data; descriptive information about a particular object.
In object-oriented programming, a programmed procedure that is defined as part of a class and included in any object of that class. A class (and thus an object) can have more than one method. A method in an object can have access only to the data known to that object, which ensures data integrity among the set of objects in an application. A method can be reused in multiple objects.
See class, object, and object-oriented programming (OOP).
See Management Information Base (MIB).
To move an application or domain configuration from a third-party product to a BEA product.
Ability of an operating system to execute different parts of an application, called threads, at the same time, allowing the application to perform multiple tasks simultaneously.
Networked environment or application that includes clients (one tier), all the network services to which they need access (one or more tiers), and brokers, application servers, and other kinds of resources suppliers (one or more tiers). Two-tier is commonly used to refer to a client-server environment or application.
See client/network and two-tier.
Authentication that requires both client and server to present proof of identity. Two-way SSL authentication is a form of mutual authentication in that both client and server present digital certificates to prove their identity. However, with two-way SSL, the authentication happens at the SSL level, whereas other forms of mutual authentication are executed at higher levels in the protocol stack.
See authentication, digital certificate, Secure Sockets Layer (SSL), two-way SSL authentication, and trusted (root) certificate authority.
Association of a name with an object reference. Name bindings are stored in a naming context.
See bind.
Process of converting a name to an object reference.
Java mechanism for calling methods or functions in a language other than Java.
A nested page aggregates a set of portlets and books.
Icon that represents a state in a Webflow mechanism. Depending on the node type (presentation or processor), there are a number of predefined events that may occur (such as a visitor clicking a link on a Web page). When a particular event happens, the Webflow decides which subsequent node to invoke to continue the flow. The invocation of a node to continue the flow is referred to as a transition.
In WebLogic Integration, components of a business process representing actions, decisions, or the exchange of information.
Defines an operational environment for a two-tier application. An application client directly uses a resource adapter to access the enterprise information system (EIS); the EIS defines the second tier for a two-tier application.
Mechanism that provides legal proof that a message was sent or received. Nonrepudiation of origin provides legal proof that a message was sent; it links a received message to the sender of the message. Nonrepudiation of receipt provides legal proof that a message was received; it links a processed message to the recipient of the message.
Irrefutable evidence that a security event occurred.
Entity defined by its state, behavior, and identity. These attributes (also known as properties) are defined by an object's object system.
object-oriented programming (OOP)
Type of programming that merges data, information about its structure, and the functions to process the data into a single object. Relationships can be created between one object and another.
See open database connectivity (ODBC).
A Business Process Start Node property which specifies error handling behavior. This property only applies to the process if it is configured to be a synchronous subprocess; it is ignored for any other business processes. If a synchronous subprocess fails, the default behavior is to mark it as rollback only, which causes both the subprocess and the parent process to rollback. However, if the on sync failure property is set to rethrow, only the subprocess will rollback.
See freeze on failure.
Type of SSL authentication which requires the server to present a certificate to the client, but the client is not required to present a certificate to the server. The client must authenticate the server, but the server will accept any client into the connection. Enabled by default in WebLogic Server.
See mutual authentication and two-way SSL authentication.
open database connectivity (ODBC)
Microsoft's standard mechanism for accessing relational databases.
See Java database connectivity (JDBC) and JDBC-ODBC bridge.
open software distribution (OSD)
File format specification submitted to the W3C and used to facilitate automatic distribution of software over a network. OSD specifies the use of an XML-encoded manifest for a software distribution that details the component files and their dependencies.
See extensible markup language (XML).
System that implements specified common standards across different computer vendors. Implementing open system standards for communication allows computers from different vendors to communicate with each other.
Open Systems Interconnect Transaction Processing (OSI TP)
ISO standard (ISOIIEC 10026-2) for services and protocols that are used to establish dialogs and pass messages between clients and service routines on different computers. A software implementation of the ISOIIEC 10026-2 standard.
Open Systems Interconnection (OSI)
Consortium that facilitates communication among different types of computer systems.
A method that is exposed to a client.
Organization for the Advancement of Structured Information Standards (OASIS)
International consortium dedicated to the rapid adoption of product- and platform-independent formats based on public standards, such as XML. OASIS operates a Web site that offers resources, and that functions as a repository for XML specifications, such as vocabularies, DTDs, schemas, and namespaces. You can visit this Web site at http://www.xml.org.
See open software distribution (OSD).
See Open Systems Interconnect Transaction Processing (OSI TP).
See Platform for Privacy Preferences Project (P3P).
Logical grouping of classes or interfaces in Java, declared by the package keyword on the first line of a .java file.
Name of a logical grouping of classes or interfaces in Java, declared by the package keyword on the first line of a.java file. A fully qualified package name is a unique naming scheme (for example, weblogic.jdbc.t3.Driver) reflecting the hierarchy and location of the compiled class file. Compiled Java class files that are part of a named package must be placed in the CLASSPATH of the host VM in order to be accessed by the Java interpreter or other utilities. The package name forms the CODE value in an applet tag.
Any type of application that is purchased rather than developed. Such applications contain reusable business processes that represent best-of-breed business models, and do not require a full-scale development effort.
A page contains one or more portlets or books, whose position is dictated by the associated layout.
Links two or more JavaServer Pages in a definable sequence within a web application.
A Parallel node represents a point in a business process at which a number of activities are executed in parallel. By default, parallel nodes contain an AND join condition. In this case, the activities on all branches must complete before the flow of execution proceeds to the node following the parallel node. You can change the join condition to OR. In this case, when the activities on one branch complete, the execution of activities on all other branches terminates, and the flow of execution proceeds to the node following the parallel node.
See business process.
Program that receives input in the form of sequential source program instructions, interactive online commands, markup tags, or some other defined interface and breaks them up into parts (for example, the nouns (objects), verbs (methods), and their attributes or options) that can then be managed by other programming (for example, other components in a compiler).
See Apache XML Parser.
Perform nodes provide a means for visually representing custom code within a process diagram. When you add a Perform node to your business process, a method is created in the JPD file. You subsequently customize the method signature in Source View.
See business process.
Authentication that occurs outside the application server domain. Perimeter authentication is typically accomplished when a remote user specifies an asserted identity and some form of corresponding proof material, normally in the form of a passphrase (such as a password, a credit card number, Personal Identification Number, or some other form of personal identification information.), to an authentication server (typically a Web server) that performs the verification and then passes an artifact, or token, to the application server domain (for example, a WebLogic Server domain). The application server can then pass the token around to systems in the domain so that users are not asked to sign on more than once.
The authentication agent, the entity that actually vouches for the identity, can take many forms, such as a Virtual Private Network (VPN), a firewall, an enterprise authentication service (Web server), or some other form of global identity service.
The WebLogic Server security architecture supports Identity Assertion providers that perform perimeter authentication (Web server, firewall, VPN) and handle multiple security token types and protocols (SOAP, IIOP-CSIv2).
See authentication and Identity Assertion.
Defines access to a system resource. To allow access to a WebLogic Server resource, the corresponding permission must be explicitly granted to the principal attempting access.
Ability to carry out certain operations on certain objects, as defined in an access control list. Permissions may be positive (explicitly allowing certain operations on certain objects), or negative (explicitly disallowing certain operations on certain objects). In a WebLogic Server environment, all permissions are positive; to disallow an operation, you must exclude a principal from the ACL that authorizes the operation.
See access control list (ACL) and principal.
Process that saves information or state, in a resource such as a file or database, that would otherwise be transient.
Object that exists independently of the process within which its object reference is created.
Services used by Web content developers to tailor an application to a particular individual or group, based on profile criteria or other variables.
A personalization placeholder is different from a portal placeholder, in that the former is used to target content to a portlet based upon profile attributes of the current visitor, whereas the latter is used to position portlets within a layout.
Predefined locations in which content may appear in a portal Web site. Placeholders answer the question, “Where, on my Web site, should this message be conveyed?” and should have descriptive names that allow for quick identification.
See Public-Key Cryptography Standards (PKCS-1).
Predefined locations in which advertisements may appear in a portal Web site. Placeholders answer the question, “Where, on my Web site, should this message be conveyed?” and should have descriptive names that allow for quick identification.
Platform for Privacy Preferences Project (P3P)
Emerging industry standard that is designed to provide an automated way to compare consumers' privacy preferences with the privacy practices of the Web sites they visit. It lets Web sites express their privacy practices in a format that can be retrieved automatically and interpreted easily.
Software module that adds functionality to a larger application.
A condition under which a security policy will be created. Policy conditions, along with the specific information you supply for the condition (such as an actual user name, group, security role, or start/stop times), are called expressions.
See policy statement.
See policy statement.
Collection of expressions that define who is granted access to a WebLogic resource, and is therefore the main part of any security policy you create. Policy statements are also referred to as policy expressions.
See policy condition.
To transfer a program from one hardware or software environment to another by rewriting sections of the code that are machine dependent, and then recompiling the program on the new environment. For example, the phrase, “to port the application to WebLogic Server,” means to make the necessary changes in the application to enable it to run on WebLogic Server.
Entity on a TCP/IP host that identifies a logical communications channel and distinguishes one connection from another. A TCP/IP server, for instance a WebLogic Server instance, listens for incoming connection requests at a designated port. A TCP/IP client initiates a connection with the server by specifying the host's IP address and the server's designated port number.
A portal is a Web application that provides a unified user interface to aggregated content and integrated applications. Access to portals and their associated resources is dictated by the user’s role, allowing administrators to easily manage the site’s contents.
The user’s view of the portal may be personalized, both explicitly based on user feedback and implicitly based on user behavior.
Built-in Java code components that let you easily and quickly access portal services within a Java Page Flow. For example, you can add a User Login Control to a Java Page Flow to provide authentication for the page flow process.
A portal placeholder is used to position portlets or books within a layout.
See personalization placeholder.
The user interface for application integration and content aggregation. Typically a JSP file or Java Page Flow, portlets make up the basic building blocks of the WebLogic Platform.
See portal.
Portlets can be grouped together into sets, whereby the portlet set can be treated as one logical component in the ide and the administration tools.
A notation in which you enclose the filtering statement in square brackets.
Icon that represents states in which a Webflow presents or displays something to a person interacting with the Web application. A Webflow must always start and end with a presentation node.
See node and processor node.
See authentication, group, permission, and user.
The act of signing and later verifying that a principal has not been altered since it was signed. Principal validation establishes trust of principals.
See principal.
Encryption/decryption key known only to the party or parties that exchange secure messages. It is called private because it must be kept secret from everyone but the owner.
See public key.
The computational procedure used to encode, or encrypt, ciphertext. Data encrypted with the private key can only be decrypted by the public key.
See private key, public key, and public key algorithm.
Icon that represents states in which the Webflow invokes more specialized components to handle activities like form validation, or back-end business logic that drives the site's presentation. The processor nodes available for use are:
See node.
An instance of WebLogic Server that is configured for use in a production environment. See also development server.
Application security that is defined in servlets and EJBs using Java methods.
A WebLogic Workshop component that provides the directory structure in which web service files, including supporting files, reside. A project is part of an application.
In WebLogic Workshop, specifies attributes that guide a component's run-time behavior. Properties and their attribute values are stored as annotations in source code. Components that expose properties include controls, Web services, JSP pages, and business processes. When developing Java controls, a control author defines properties and attributes through an XML file of a particular schema. The control's source code defines attribute-influenced behavior. See Java control source (JCS).
In WebLogic Server, the mechanism for storing metadata uses name/value pairs. All properties include the following information: property name, data type and selection mode--which specifies whether a property is single-valued (that is, it has a single default value) or multilevel (that is, it has a collection of default values)--and value ranges for defining default values.
An XML file that describes the properties exposed by a Java business control, including property attributes, types, default values, and allowable locations. Control property values are stored as attributes of an annotation in source code.
Collection of metadata that describes a logical grouping of properties. Property sets allow properties to be conveniently grouped, and allow multiple properties with the same name to be defined.
In WebLogic Portal, property sets are the schemas for personalization attributes. They offer a convenient way to give a name to a group of properties for a specific purpose.
WebLogic Portal component that you can use to name properties and group them into property sets, which you can also name. Properties represent the attributes of an object. For example, backgroundColor is a property of an HTML page.
When you create a property, you specify the type of attribute value (for example, text, integer, date/time), whether it defines multiple or single values, whether it restricts values to a certain set, and a default value. You can create property sets based on the following types: User/Group, Session, and Request.
You can apply named properties and property sets to users and groups, HTTP sessions and HTTP requests (wrapped by a ConfigurableEntity component), or content that is accessible from the Content Manager. However, property sets do not manage content; the document loader utility, or a third-party content management tool, manages content metadata.
For example, developers want visitors to be able to specify different background colors for each of their portals. By creating portal A and portal B property sets, the property backgroundColor can exist for both portal A and portal B. While the two backgroundColor properties have the same name, they could have the same or different definitions.
The process of sending files from point A to point B, usually from a server to a client. The server might implement the J2EE platform, and the client, the J2ME platform.
See proxy server.
Server that sends requests to another server for processing. WebLogic Server supports proxying of HTTP requests with its HTTPProxyServlet. You can proxy to an instance of WebLogic Server from Netscape and Microsoft Internet Information Server (IIS) through WebLogic Server's Netscape Server Application Programming Interface (NSAPI) and Internet Server API (ISAPI) plug-ins. The use of a proxy server is invisible to the end user.
See proxy.
The operations that the web service can perform. The contract is completely under the control of the author of the web service; it cannot be altered by a client of the web service.
The format of the messages to be sent to the service to access its operations and receive operation results.
Value provided by a certificate authority as an encryption key that, combined with a private key, can be used to effectively encrypt messages and digital signatures. The key is called public because it can be made available to anyone. Public key cryptography is also called asymmetric cryptography because different keys are used to encrypt and decrypt the data.
See asymmetric key cryptography and private key.
The computational procedure used to encode, or encrypt, plain text. Data encrypted with the public key can only be decrypted by the private key.
See private key, private key algorithm, and public key.
See asymmetric key cryptography.
Technique in which a pair of asymmetric keys--a public key and a private key--is used for encryption and decryption. The public key is made public by distributing it widely. The private key is never distributed; it is always kept secret.
Extension of public key encryption technology developed for protection of a WebLogic Server environment. Public key encryption is used, in this extension, to establish end-to-end digital signing and data privacy between WebLogic Server and application clients. It complies with the PKCS-7 standard.
This is the URI (Uniform Resource Identifier), corresponding to an instance, by which external clients access the active version of your business process. The default value is the public instance by which clients accessed the original version of the business process.
See business process and See versioning.
Public-Key Cryptography Standard 7 (PKCS-7)
One of a set of Public-Key Cryptography Standards developed by RSA Laboratories in cooperation with an informal consortium, originally including Apple, Microsoft, Digital Equipment Corporation, Lotus, Sun and MIT. PKCS-7 defines a general syntax for messages that include cryptographic enhancements such as digital signatures and encryption.
WebLogic Server public key security complies with the PKCS-7 standard.
Public-Key Cryptography Standards (PKCS-1)
One of a set of Public-Key Cryptography Standards developed by RSA Laboratories for the implementation of encrypted data transmission.
See secure sockets layer (SSL) and RSA.
Simple data structure for managing the time-staged delivery of requests to servers. Queued elements may be sorted in some order of priority. Clients insert items in the queue and servers remove items from the queue, as soon as possible, in batch, or periodically.
XML file that describes the configuration and deployment properties for a resource adapter as described in the J2EE Connector Architecture Specification by Sun Microsystems.
See Document Type Definition (DTD).
See Resource Adapter Archive (RAR).
A WebLogic Server 6.x security realm. In WebLogic Server 6.x, security realms provided authentication and authorization services. The RDBMS security realm stores Users, Groups, and ACLs in a relational database. In WebLogic Server 7.0 and later, you can only use the RDMS security realm when using Compatibility security.
See access control list (ACL), authentication, authorization, Compatibility security, group, security realm, and user.
Realm Adapter Adjudication provider
The Realm Adapter Adjudication provider enables both the WebLogic Authorization provider and the Realm Adapter Authorization provider to be used together for a security realm in Compatibility security.
See Compatibility security and Compatibility realm.
Realm Adapter Auditing provider
Auditing provider in the Compatibility realm that allows you to use implementations of the weblogic.security.audit interface with WebLogic Server. You must run Compatibility security in order to access the Compatibility realm and the Realm Adapter providers through the WebLogic Server Administration Console.
See Compatibility security and Compatibility realm.
Realm Adapter Authentication provider
Authentication provider in the Compatibility realm that allows backward compatibility to the authentication services in 6.x security realms. You must run Compatibility security in order to access the Compatibility realm and the Realm Adapter providers through the WebLogic Server Administration Console.
See Compatibility security and Compatibility realm.
Realm Adapter Authorization provider
Authorization provider in the Compatibility realm that allows backward compatibility to the authorization services in 6.x security realms. You must run Compatibility security in order to access the Compatibility realm and the Realm Adapter providers through the WebLogic Server Administration Console.
See Compatibility security and Compatibility realm.
Type of security provider used to access WebLogic Server 6.x security services when using Compatibility security in WebLogic Server 7.0 or later. These providers allow you to adapt 6.x security providers so that they can be used with WebLogic Server 7.0 and later. You must run Compatibility security in order to access the Compatibility realm and the Realm Adapter providers through the WebLogic Server Administration Console.
See Compatibility security and Compatibility realm.
Request from a coordinator or a participant to complete an identified transaction.
Process of restoring a transaction system after a failure to its most recently committed and consistent state.
In distributed systems, recovery may require the resynchronization of several distributed components. Once a system has been recovered, processing can resume, and transactions that were aborted as a result of the failure can be resubmitted.
Group or field that relies on a prior definition to determine its name, type, and termination attributes.
Registration and Login service
Implementation of business logic and presentation logic through which Web site visitors create a user profile and authenticate with the WebLogic Portal.
See service.
Extent to which a system (or part of a system) produces the correct output on repeated trials (without unintended side effects), while meeting the performance specification.
Process of delivering messages with various options that guarantee the safe arrival of those messages at their destinations, even when machine failures occur. When reliable messaging is used, the following functionality is available: confirmation of receipt of messages; message logging and tracking; correlation of messages; retry attempts; and a choice of message delivery methods.
One of two interfaces for an enterprise bean, the home interface and remote interface. The remote interface defines the business methods callable by a client.
See home interface.
remote method invocation (RMI)
Method that enables an application to invoke methods on objects stored in any remote JVM as if those objects resided on a local system. WebLogic RMI is an implementation of the JavaSoft specification.
See Java virtual machine (JVM).
Database procedure that is stored on the database and can be executed by name. A client with the proper permissions can request that the procedure be executed and the result returned to the client.
Software component responsible for load balancing and failover for a replica-aware stub. The replica handler maintains a list of available replicas and chooses a replica for execution when a remote invocation is made on the replica-aware stub.
To choose one of WebLogic Server's built-in replica handlers, set various flags for RMI and EJB compilation; these flags determine how the replica handler treats service characteristics such as failures and retries, and server affinity.
See remote method invocation (RMI), replica-aware stub, and stub.
Enables load balancing and failover for EJBs and RMI objects in a WebLogic Server cluster. Replica-aware stubs are created for EJBs and RMI objects as a result of the object compilation process. EJBs and RMI objects are deployed homogeneously—to all the server instances in the cluster. Clients that connect to a WebLogic Server cluster and look up a clustered object obtain a replica-aware stub for the object. This stub contains the list of available server instances that host implementations of the object. The stub also contains the load balancing logic for distributing the load among its host servers.
See replica handler, remote method invocation (RMI), and stub.
Directory that contains shared resources such as images and portlet JSPs. You specify the repository directory during Java servlet registration.
See Java servlet and portlet.
See WebLogic resource.
System-level software driver used by either an application server (such as WebLogic Server) or an application client to connect to an enterprise information system (EIS). A resource adapter serves as a J2EE connector. Resource adapters contain the Java components and, if necessary, the native components required to interact with the EIS.
See J2EE Connector and J2EE Connector Architecture.
Resource Adapter Archive (RAR)
Compressed file (in .zip format) used to load classes and other files required to run a resource adapter.
See resource adapter.
Interface and associated software that provides access to a collection of information and processes, such as a database management system. Resource managers provide transaction capabilities and permanence of actions; they are the entities accessed and controlled within a global transaction.
See transaction.
Security principal under whose security context a connection to an enterprise information system (EIS) instance is established.
See principal.
See remote method invocation (RMI).
For WebLogic Server, see security role.
In a WebLogic Integration environment--Definition of activities associated with either B2B integration or business process management (BPM) functionality:
Role Based Access Control (RBAC)
Class of security mechanisms that mediate access to resources through organizational identities called roles.
A condition under which a security role (global or scoped) will be granted to a user or group. Role conditions, along with the specific information you supply when creating the condition (such as an actual user name, group, or start/stop times), are called expressions.
See security policy and role mapping.
Specific information that you supply when creating role conditions.
See role condition.
Process by which the WebLogic Security Service compares users or groups against a security role condition to determine whether they should be dynamically granted a security role. Role mapping occurs at runtime, just prior to when an Access Decision is rendered for a protected WebLogic resource.
See Access Decision, group, principal, role condition, security role, user, WebLogic resource, and WebLogic Security Service.
A security provider that determines what security roles apply to the principals stored in a subject when the subject is attempting to perform an operation on a WebLogic resource. Because this operation usually involves gaining access to the WebLogic resource, Role Mapping providers are typically used with Authorization providers.
See Authorization provider, principal, security role, subject, and WebLogic resource.
A collection of expressions that define how a security role is granted, and is therefore the main part of any security role you create.
See role expression.
To terminate a transaction in such a way that all resources updated within a transaction revert to their original state.
Event that ends a transaction and nullifies or undoes all changes to resources that were specified during that transaction.
See remote procedure call (RPC).
Public-key encryption algorithm for encrypting data transmissions. RSA is a product of RSA Security, Inc. and is one of the algorithms used by SSL to encrypt transmissions between Web servers and browsers.
See secure sockets layer (SSL) and encryption.
Java class that implements a Security Service Provider Interfaces (SSPIs) and contains the actual security-related behavior for a security provider.
See security provider and Security Service Provider Interfaces (SSPIs).
An application's ability to satisfy a range of demands. A scalable application can continue to meet availability and performance requirements as client demand increases. A WebLogic Server cluster increases the scalability of the applications it hosts with features such as load-balancing and failover.
Primary building block of campaigns. A scenario is composed of one or more scenario actions, all of which take place if the criteria for them are met: specifically, if a particular event occurs or if a customer is part of a specified customer segment.
See campaign and scenario action.
Component of scenarios. (A scenario is made up of one or more actions.) The action can be an ad, which queries the content management system for an ad, a piece of e-mail, or a discount. It may also show an ad in a placeholder.
See scenario.
Document that defines valid content for an XML document. A schema definition is more specific than a DTD, and provides much finer-grained control over content.
See Document Type Definition (DTD) and extensible markup language (XML).
A security role that applies to a specific WebLogic resource in a security realm.
See global role, Role Mapping provider, security role, and security realm.
See symmetric key cryptography.
An Internet transport-level technology developed by Netscape to provide data privacy between applications. Generally, Secure Sockets Layer (SSL) provides (1) a mechanism that the applications can use to authenticate each other’s identity and (2) encryption of the data exchanged by the applications. SSL supports the use of public key cryptography for authentication, and secret key cryptography and digital signatures to provide privacy and data integrity.
SSL communications can be configured for one-way or two-way digital certificate authentication. When one-way SSL is used, only the server is required to submit a digital certificate to the client to prove its identity. When two-way SSL is used, both the client and the server are required to submit a digital certificate to prove their identity.
See access control list (ACL), authentication, cipher suite, digital signature, encryption, public key cryptography, Public-Key Cryptography Standards (PKCS-1), RSA, and symmetric key cryptography.
Set of mechanisms available to prevent corruption or theft of data.
See authentication, authorization, and secure sockets layer (SSL).
Security Assertion Markup Language (SAML)
An XML-based framework for exchanging security information. SAML implementations provide an interoperable, XML-based, security solution that allows authentication and authorization information to be exchanged securely. SAML is the key to enabling single sign-on capabilities for Web services. For more information, see http://xml.coverpages.org/saml.html. You can develop custom Identity Assertion providers for WebLogic Server that support different token types, including SAML.
See authentication, authorization, Identity Assertion, perimeter authentication, Cross-Domain Single Sign-on, and user.
Characteristics of a subject (whether a user or other principal) that form the basis of the system policies governing that subject.
See authentication and principal.
In a WebLogic Server environment--An association between a WebLogic resource and a user, group, or security role that protects the WebLogic resource against unauthorized access. A WebLogic resource has no protection until you assign it a security policy. You can assign security policies to an individual WebLogic resource or to components of the WebLogic resource.
See access control lists (ACLs), group, security role, user, and WebLogic resource.
Entity (such as a user or an application) that is known to, and can be authenticated by, the security mechanisms for an application or system.
Software modules that can be "plugged into" a WebLogic Server security realm to provide security services (such as authentication, authorization, auditing, and credential mapping) to applications. A security provider consists of runtime classes and MBeans, which are created from SSPIs and MBean types, respectively. Security providers are WebLogic security providers (provided with WebLogic Server) or custom security providers developed by customer developers or third-party vendors.
See custom security providers, managed bean, MBean type, runtime class, Security Service Provider Interfaces (SSPIs), and WebLogic security provider.
Database that contains the users, groups, security policies, roles, and credentials used by some types of security providers to provide security services. The security provider database can be the embedded LDAP server (as used by the WebLogic security providers), a properties file (as used by the sample security providers), or a production-quality database that you may already be using.
See credential, embedded LDAP server, group,security role, security policy, and WebLogic security provider.
See access control list (ACL), credential, Compatibility realm, Custom security realm, default realm, File realm, Domain Configuration Wizard, group, permission, principal, security provider, user, and WebLogic resource.
A dynamically computed privilege that is granted to users or groups based on specific conditions. The difference between groups and roles is that a group is a static identity that a server administrator assigns, while membership in a role is dynamically calculated based on data such as user name, group membership, or the time of day. Roles are granted to individual users or to groups, and multiple roles can be used to create security policies for a WebLogic resource. Once you create a role, you define an association between the role and a WebLogic resource. This association (called a security policy) specifies who has what access to the WebLogic resource.
See global role, group, role mapping, scoped role, security policy, user, and WebLogic resource.
Security Service Provider Interfaces (SSPIs)
Set of WebLogic packages that allows security providers to be developed and integrated with the WebLogic Server Security Service. Custom security providers can be developed by customer security developers and third-party security vendors.
See security provider and WebLogic Security Framework.
A technology through which your web service's state-related data may be written as a stream of bytes to disk during a conversation. See also conversation, state.
To encode an object into a bytestream so it is ready to be passed from one JVM to another.
See Java virtual machine (JVM).
Application that answers and fulfills a client request. Examples of servers include a DBMS server that provides connectivity to a relational database and an HTTP server that provides HTML pages and services HTTP requests.
See Web service.
Information needed by a client to connect to a server.
Java code that runs in a server's JVM instead of in a client's JVM. Examples include a Java-Servlet-API (HTTP) servlet, a WebLogic Server startup class, an EJB, and a WebLogic Remote class.
Program that contains objects that provide and manage connectivity to an Enterprise Information System (EIS), establish transaction demarcation, and provide a framework for event listening and request transmission. All J2EE Connector Architecture-compliant adapters must provide an implementation for such interfaces in the javax.resource.spi package.
Server-side Java program that is usually executed in response to an HTTP request and produces its output in a browser. It extends the functionality of a Web server by generating dynamic content and making it possible for users to interact with Web clients using a request-response paradigm.
See server-side code.
See Enterprise JavaBeans (EJB).
The structure and organization of an XML document, including its hierarchy and order of elements.
The top-level container for a portal desktop that provides the sections that comprise the portal, typically a header, footer, and body.
Shopping Cart Management Service
Implementation of business logic and presentation logic in the Commerce services that shows customers the items they have selected for purchase. Customers can start the payment process from the shopping cart.
Simple Object Access Protocol (SOAP)
Set of standard rules for formatting an XML message so that it can be interpreted by different Web services. It provides a means by which applications can communicate with each other over the Internet, independent of platform. Unlike OMG's IIOP, SOAP piggybacks a DOM onto HTTP (port 80) in order to penetrate server firewalls, which are usually configured to accept port 80 and port 21 (FTP) requests. SOAP relies on XML to define the format of the information and then adds the necessary HTTP headers to send it.
See Internet Interoperability Protocol (IIOP) and extensible markup language (XML).
An XML element that can have only text nodes and can't accept attributes.
Ability to require a user to sign on to an application only once and gain access to many different application components, even though these components may have their own authentication schemes. Single sign-on is achieved using identity assertion, LoginModules, and tokens.
See authentication, Cross-Domain Single Sign-on, Identity Assertion, JAAS LoginModule, token, and user.
Server-side representation of a remote object that takes serialized requests from a stub, deserializes and unpacks it, and submits it as a method call to be invoked on the object's implementation. The server-side skeleton is responsible for deserializing and unpacking the request from its companion client-side stub.
See server-side code and implementation.
The JSP files used to render individual portal components, such as desktops, books, pages, headers, footers, and portlets. Skeletons allow the developer to customize the display and behavior of the portal components without modification of the underlying portal framework. A skeleton is combined with a skin to create a look and feel.
See Skins and Look and Feel.
Skins provide the overall colors, graphics, and styles used by all components in a desktop interface. Skins are collections of graphics and cascading style sheets (CSS) that allow changes to be made to the look and feel of a portal without modifying the portal components directly.
References to images and styles are made in the skin rather than being hard coded into the portal definition. The look and feel file provides a path to the skin directory to be used.
See Skeletons and Look and Feel.
See Systems Network Architecture (SNA).
See Simple Object Access Protocol (SOAP).
WebLogic Portal option available in the JSP templates provided with the Commerce services. By using this option, customers can determine whether they want to have individual items they have purchased shipped to them as soon as those items are available (even if multiple shipments are required), or to have shipment of all items postponed until all items are can be shipped together. After a customer confirms a choice between these approaches, a pipeline commits that choice to the database.
See JSP template.
See secure sockets layer (SSL).
A peripheral Secure Sockets Layer (SSL) platform that attaches to a Web switch with the express purpose of improving SSL performance for a client. For example, the Alteon SSL Accelerator can be used with WebLogic Server. This accelerator performs a TCP handshake with the client (in this case, WebLogic Server) through a Web switch and performs all the SSL encryption and decryption for the session.
Tunneling Secure Socket Layer (SSL) over an IP-based protocol. Tunneling means that each SSL record is encapsulated and packaged with the headers needed to send the record over another protocol.
Interfaces used by BEA to generate MBean types for the WebLogic security providers, and from which you generate MBean types for custom security providers. SSPI MBeans may be required (for configuration) or optional (for management).
See custom security provider, MBean type, and WebLogic security provider.
See Security Service Provider Interfaces (SSPIs).
Java exceptions that can be logged for later debugging.
Price reductions that are offered to everyone shopping at a particular Web site, instead of being either restricted to selected customers, based on their behavior, or controlled by campaigns. For example, when a Web site's policy is give everyone 10% off books, that Web site is implementing a stand-alone discount.
The first node in a business process, representing the starting point of the process. A business process can be started as a result of receiving a request from a client, as the result of receiving a message from a Message Broker channel to which the business process is subscribed, or by a choice of one of several events.
See business process.
Any data associated with a component, including user ID, time, date, or order contents, or any other information the web service might need to access. WebLogic Workshop maintains state using conversations. See conversation.
A business process which is compiled into an entity bean and runs within the scope of one or more JTA transactions. Stateful processes are intended to support business scenarios that involve complex, long-running logic and therefore have specific reliability and recovery requirements. A process is made stateful by the addition of stateful nodes or logic that forces transaction boundaries.
See business process and stateless business process.
Object in which application data is stored. Its state may change from one method execution to another. In a clustered environment, both load balancing and failover require stateful objects, because when a server hosting a stateful service fails or balances, the state of the service must accompany the object as it moves to another host.
Java bean that maintains a conversational state on behalf of a specific client. When a conversational state is maintained in a bean, multiple clients can access the bean on separate occasions, and use the information accumulated during the previous occasions, including the last.
Just as you pick up where you left off when continuing a conversation with a coworker from one day to the next, a client and a bean can continue a conversation from one session to the next, when the bean being used is a stateful session bean (that is, when the bean is one that can maintain conversational state).
Therefore a stateful session bean is useful for managing a process through multiple interactions.
A business process which is compiled into a stateless session bean and runs within one JTA transaction. Stateless processes are intended to support business scenarios that involve short-running logic and have high performance requirements. Because it does not persist its state to a database, it is optimized for lower-latency, higher-performance execution.
See business process and stateful business process.
Object that saves no application data; it is idempotent. Each operation on the object is independent of all other operations. (Do not confuse this general concept of stateless with the specific definition used in reference to a session EJB.)
See idempotent.
Java programming language keyword that defines a variable as a class variable. Classes maintain one copy of class variables regardless of how many instances exist of that class. This keyword can also be used to define a method as a class method. Class methods are invoked by the class instead of a specific instance, and can only operate on class variables.
Client-side representation of a remote object that is used to invoke methods on the implementation of the remote object. Defines the interface to the remote object implementation of an object. The stub is responsible for packaging the client request, serializing it, and shipping it to the companion skeleton on the server side.
See implementation and skeleton.
XSLT document that describes data transformations (or mappings) to be performed on an XML document. A stylesheet specifies which nodes of an XML document are to be manipulated (using XPath), and which manipulations are to be performed.
A grouping of related information for a single entity, such as a person, as specified by the Java Authentication and Authorization Service (JAAS). The related information includes the Subject's identities, or Principals, as well as its security-related attributes (for example, passwords and cryptographic keys). A subject can contain any number of Principals. Both users and groups can be used as Principals by application servers such as WebLogic Server. See also authentication, group, Java Authentication and Authorization Service (JAAS), principal, user.
In WebLogic security providers (security providers supplied with the WebLogic Server product), the Subject contains a Principal for the user (WLSUser Principal) and a Principal for each group of which the user is a member (WLSGroups Principals). Custom security providers may store identities differently.
See authentication, custom security providers, group, Java Authentication and Authorization Service (JAAS), Principal, and user.
Any process that is called to from a business process through a process control or a service broker control. Subprocesses can be called synchronously or asynchronously.
See business process.
A node which starts a business process as a result of receiving a message from a Message Broker channel. You create a static subscription to a Message Broker channel on this node. This node also allows you to start your business process via an event through File, JMS, Email, or Timer controls, which facilitate publishing events to Message Broker channels. This node is only available as the starting event of a business process.
See business process.
Graphical user interface (GUI) component kit, part of the Java Foundation Classes (JFC) integrated into the Java 2 platform, Standard Edition (J2SE). Swing simplifies deployment of applications by providing a complete set of user-interface elements written entirely in the Java programming language. Swing components permit a customizable look and feel without relying on a specific windowing system.
A business process node used to select one path of execution based on the evaluation of an expression specified on a condition node. A Switch node contains one condition node, one or more case paths, and one default path. At run time, the expression on the condition node is executed, and the resulting value is compared to the values associated with each case path. Execution continues with activities inside the first case path that contains a matching value (case paths are evaluated left-to-right in the Switch node). When no conditions are met, activities defined on the default path are executed.
See business process.
A key-based cryptography that uses an encryption algorithm in which the same key is used both to encrypt and decrypt the data. Symmetric key cryptography is also called secret key cryptography.
See asymmetric key cryptography.
Attribute of a method that returns a value. The term is derived from the fact that a caller to a synchronous method must wait for the called method to return: the caller is synchronized with the method.
See asynchronous.
A business process which is invoked by a Client Request with Return node as the Starting Event. A synchronous business process may contain asynchronous operations, but they must be added later on in the flow, after the synchronous operation has completed. You can not put stateful logic inside a synchronous operation.
See business process.
A method that returns a value. A caller to a synchronous method must wait for the called method to return, so it is blocked from performing other work while it waits for the server to respond. The caller is synchronized with the method. See synchronous web service, asynchronous method.
An architecture in which the client is synchronized with the server. A synchronous web service must wait for each operation to complete before beginning the next. See synchronous method, asynchronous web service.
Mechanism by which connection requests are passed between entities. To achieve a standard system-level plugability between application servers, such as WebLogic Server and enterprise information systems (EIS), the Connector Architecture defines a standard set of system-level contracts between an application server and an EIS. The EIS side of these system-level contracts is implemented in a resource adapter.
Systems Network Architecture (SNA)
IBM network protocol used to connect peer-to-peer networks, workstations, and mainframes.
Collection of custom tags available to a JSP author.
Model used for performing lookups with the goal of getting a stub for a singular, stateful object, such as a file system that is represented in the cluster-wide JNDI tree. Such a stub cannot do failover or load balancing because the service itself is unique.
A WebLogic Integration control that creates a single Task instance, manages its state and data, and provides callback methods to report status when the Task status changes or the Task is overdue. Each Task control operates on a single active Task instance.
See task instance.
A piece of work that requires completion within a certain time, represented by a unique Task ID and other properties and behaviors, within WebLogic Integration.
See Task control.
A WebLogic Integration control that assumes ownership of Task instances, works on them, completes them, and provides administrative privileges; starting, stopping, deleting, and assigning, among other functions. Task Worker controls allow operations upon several Task instances; the relationship between a Task Worker control and Task instance can be one to many.
See task instance.
A subset of a portal that has a distinct look and feel. For example, a desktop can use an overall look and feel and a particular portlet may use a theme to provide a different appearance.
Part of a program that can execute independently of other parts of the program.
See multithreading.
A Business Process Start Node property that describes how to invoke subprocesses when different versions of the parent process exists. For tightly-coupled processes, the subprocess version is set at the time that the parent process is invoked. In other words, if an instance of your business process is currently running but has not yet reached the state of invoking the subprocess for which you have created a new version, the old version of the subprocess is used when invoking the subprocess. The next time the main process is invoked, it will use the new version when invoking the subprocess.
See loosely coupled.
Length of time an item is cached.
The definition of how timeouts are handled within a business process or a portion of a business process. A timeout path is used to interrupt an executing process after a certain amount of time has lapsed. Timeout paths can be associated with individual nodes, a group of nodes, or with the entire process (global). If you add a Timeout path to a start node, the timer starts when the process begins. If you add a Timeout path to any other node, or group of nodes, the timer starts when the process reaches that point of execution.
See business process.
Artifact generated as part of the authentication process of users or system processes. When using Identify Assertion in a WebLogic security realm, a token is presented to show that the user has been authenticated. Tokens come in many different types, including Kerberos and Security Assertion Markup Language (SAML).
See authentication, Identity Assertion, Secure Sockets Layer (SSL), Security Assertion Markup Language (SAML) , SSL tunneling, and user.
See Trading Partner Management (TPM).
A repository used to store trading partner and service information for read-only access by business processes and web services.
Trading Partner Management (TPM)
The capabilities of WebLogic Integration which simplify the implementation and development of business-to-business trading networks and the integration of internal business processes with inter-enterprise business message exchange using XML.
In a WebLogic Server environment:
See ACID properties.
Part of a global transaction performed by a single resource manager. Each transaction identifier that the transaction manager provides to a resource manager identifies both a global transaction and a specific branch.
See distributed transaction, resource manager, and transaction manager.
Server software component that manages global transactions on behalf of application programs. A transaction manager coordinates commands from application programs to start and complete global transactions by communicating with all resource managers that participate in those transactions. The transaction manager tells all participating resources to prepare the transaction and then determines the second phase of a transaction (commit or rollback) based on the reply it receives from resource managers after the prepare phase.
See resource manager and two-phase commit
Object that exists only for the lifetime of the process within which it is created.
See persistent object.
Transport Layer Security (TLS)
Protocol based on SSL which is used as an Internet standard for providing encrypted and authenticated communications.
Combination of authentication, authorization, and auditing services in a product.
An interface that enables you to override validation errors in a peer's digital certificate and continue the SSL handshake. You can also use the interface to discontinue an SSL handshake by performing additional validation on a server's digital certificate chain.
Description of which components of a system and which entities outside it must be trusted, and the purposes for which they must be trusted, if the system is to remain secure.
trusted (root) certificate authority
A well-known and trusted third-party organization or company that issues digital certificates used to create digital signatures and public-private key pairs. The function of the trusted certificate authority is similar to that of a notary public: to guarantee the identify of the individual or organization presenting the certificate. Trusted certificate authorities issue certificates that are used to sign other certificates. Certificate authorities are referred to as root certificate authorities because their authority is recognized and thus they do not need anyone to validate their identity. Trusted (root) certificate authority (CA) certificates are installed into applications that authenticate certificates. For example, Web browsers are usually distributed with several trusted (root) CA certificates pre-installed. If the server certificate is not signed by a well-known certificate authority and you want to ensure that the server’s certificate will be authenticated by the client, it is good practice for the server to issue a certificate chain that terminates with a certificate that is signed by a well-known certificate authority.
See certificate chain, private key, and public key.
Portion of a system that must function correctly in order for the system to remain secure. The TCB should be tamper-proof and its enforcement of policy should not be vulnerable to being circumvented.
See time to live (TTL).
Method for transmitting data from one network through another network's connections.
Method of coordinating a single transaction across more than one resource manager. Work performed as part of the transaction is committed or rolled back as a single unit on all resources.
Client/server relationship in which the user interface runs on the client and the database is stored on the server. The actual application logic can run on either the client or the server.
See client/server.
Authentication that requires both the client and server to present a certificate before the connection thread is enabled between the two. With two-way SSL authentication, WebLogic Server not only authenticates itself to the client (which is the minimum requirement for certificate authentication), it also requires authentication from the requesting client. Clients are required to submit digital certificates issued by a trusted certificate authority. This type of authentication is useful when you must restrict access to trusted clients only. Two-way SSL authentication is a form of mutual authentication.
See authentication, digital certificate, mutual authentication, Secure Sockets Layer (SSL), and trusted (root) certificate authority.
See Universal Description, Discovery and Integration (UDDI).
16-bit character encoding scheme used to display, process, and exchange text written in most of the world's languages. In Java, Strings use Unicode by default.
See also Unicode Consortium.
Extension of the base user object that provides explicit assess to data that is not stored in the WebLogic Personalization Server database.
Aggregation of user properties collected by the User Management services from the WebLogic Portal database tables and other data sources. For example, User Management services can combine user properties from the WebLogic Portal database with user properties from an LDAP server into a unified user profile.
Developers and system users can ignore the different underlying data sources because the unified user profile provides a single location from which to find user information.
See LDAP.
uniform resource locator (URL)
Character string used to identify and locate resources over the Internet. The current URL guidelines are available from the W3C.
Universal Description, Discovery and Integration (UDDI)
A standard interoperable platform that allows applications to find and use web services over the internet. For more information, see www.uddi.org.
A WebLogic Server 6.x security realm. The UNIX security realm executes a small native program, wlauth, to look up Users and Groups and to authenticate users on the basis of their UNIX login names and passwords. The wlauth program uses PAM (Pluggable Authentication Modules), which allows you to configure authentication services in the operating system without altering applications that use the service. In WebLogic Server 7.0 and later, you can only use the UNIX security realm when using Compatibility security.
See authentication, authorization, Compatibility security, group, and security realm.
To update BEA platform (and components) from a previous release or service pack to a more recent release or service pack. This may include updating an existing application or domain configuration to run in a more recent version.
See uniform resource locator (URL).
An entity that can be authenticated. A user can be a person or a software entity, such as a Java client. Each user is given a unique identity within a security realm. For more efficient security management, BEA recommends adding users to groups. A group is a collection of users who usually have something in common, such as working in the same department in a company. Users can be placed into groups that are associated with security roles, or be directly associated with security roles.
See entity, group, security role, and WebLogic resource.
Set of JSP tags, EJBs, and tools that facilitate the creation and persistence of user and group profile properties. It provides access to user profile information within WebLogic Portal. The User Manager component also provides user authentication mechanisms and user-to-group associations.
Set of name/value attribute pairs that are associated with a user or a group.
A dynamic classification of users based on characteristics such as the user profile, session properties, and request parameters. Examples include product preferences, age, gender, and locale.
See user profile.
See unified user profile (UUP).
Native layer that translates function calls issued by a client into the protocol used by the database. Type 2 JDBC drivers require a native client library to connect to a database.
The name of the versioned file and also the URI (Uniform Resource Identifier) by which this version of the business process can be accessed in the WebLogic Workshop.
See business process, versioning, and public URI.
The process of creating multiple versions of a business process, allowing you to make changes to a business process without interrupting any currently running instances of the process. When you version a business process, you create a child version of a business process that shares the same public URI (interface) as its parent. At run time, the version of the process that is marked as active is the process that will be accessed by external clients through the public URI.
See business process.
Self-contained operating environment that behaves as though it were a separate computer. Usually refers to the Java Virtual Machine (JVM).
See Java virtual machine (JVM).
See World Wide Web Consortium (W3C).
See Wireless Application Protocol (WAP).
Bridge between a mobile network containing mobile clients and a computer network containing application servers. A WAP gateway typically includes a protocol gateway that translates requests from the WAP protocol stack to the World Wide Web protocol stack (HTTP and TCP/IP), and content encoders and decoders that translate Web content into compact encoded formats.
See Wireless Application Protocol (WAP).
See web archive (WAR) file.
Groups of server-side Web resources that make up an interactive online application. The Web resources include Java servlets, JavaServer Pages (JSP), static documents (such as HTML documents), and applets that can be deployed in a client Web browser. Web applications must run in the context of a Web application server. WebLogic Portal is packaged as a Web application.
See applet, Java servlet, application programming interface (API), and Web application server.
Software that enables Web-based applications to exchange data with the back-end systems and databases used by e-businesses. BEA's Web application server is WebLogic Server.
See Web application (Webapp) and Web service.
A file used for deploying J2EE applications that packages web-related files such as HTML, Java server pages (JSPs), and Servlets. WAR files require an XML deployment descriptor (WEB-INF/web.xml) file to deploy.
A language-independent, platform-independent, self-describing code module that applications can access via a network or the Internet. The application can have the service's location hard-coded or can locate it using UDDI (Universal Description, Discovery, and Integration). Because the service is self-describing, the application can determine which functions are available and how to call them. See Universal Description, Discovery, and Integration (UDDI).
A control that makes it easy to communicate with another web service from within your web service. You can create a Web Service control from any target service's WSDL. See Java control (JCX), Web Services Description Language (WSDL).
Web Services Description Language (WSDL)
An XML-based specification markup language used to describe a Web service so that the service can be called by diverse clients. A WSDL is necessary if two different online systems need to communicate without human intervention.
WebLogic Server implements J2EE component technologies, which include servlets, JSP Pages, and Enterprise JavaBeans. To build a WebLogic Server application, you must create and assemble components, using the service APIs when necessary. Components are executed in the WebLogic Server Web container or EJB container. Web components provide the presentation logic for browser-based J2EE applications. EJB components encapsulate business objects and processes.
See WebLogic container and Windows NT security realm.
To promote fast development and portability, J2EE identifies common services needed by components and implements them in the container that hosts the component. Containers provide the life cycle support and services defined by the J2EE specifications so that the components you build do not have to handle underlying details. A component has only the code necessary to describe the object or process that it models. It has no code to access its execution environment or services such as transaction management, access control, network communications, or persistence mechanisms. These services are provided by the container, which is implemented in WebLogic Server. Additionally, WebLogic containers give applications access to the J2EE application programming interfaces (APIs). WebLogic containers are available for use once the server is started. This component/container abstraction allows developers to work within their fields of expertise. WebLogic Server provides two types of containers: the Web container and the EJB container.
See WebLogic component and Windows NT security realm.
Cost-effective entry point to the WebLogic Product Family, with the same code base as WebLogic Server. WebLogic Express can be used either as a standalone Java Servlet engine, or as part of a larger N-tiered architecture. The product is a good fit for projects that employ JavaServer Pages (JSP), Java Servlets, Java Management Extensions, Java classes, RMI, and JDBC for basic Web application development, but that do not yet employ advanced Java technologies such as Enterprise JavaBeans, Java Message Service, and the J2EE Connector Architecture. WebLogic Express also enables developers to implement presentation-level Web Services with support for the latest XML, SOAP, and JAX-RPC standards.
See WebLogic Server, WebLogic Server jDriver, and JDBC.
WebLogic Integration Administration Console
HTML-based graphical user interface used by an administrator to configure, manage, and monitor the entities and resources required for your WebLogic Integration applications. These entities and resources include processes, Message Broker channels, event generators, worklists, application views, adapters, trading partner profiles and services, users, and business calendars.
WebLogic Server implements J2EE services, which include access to standard network protocols, database systems, and messaging systems. To build a WebLogic Server application, you must create and assemble components, using the service APIs when necessary. Web applications and EJBs are built on J2EE application services, such as JDBC, Java Messaging Service (JMS), and Java Transaction API (JTA).
See WebLogic component.
Pure Java, multitier implementation of the JDBC specification that is included in both the WebLogic Express and the WebLogic Server product packages.
See Java database connectivity (JDBC).
An enterprise portal platform that simplifies the development of custom-fit portals. A unified portal framework is provided to enable the creation of managed network portals.
Tools for the developer and administrator help in the management of the portal lifecycle. Applications are enhanced with the portal business services, including content management, personalization, commerce, and collaboration.
Entities that are accessible from WebLogic Server, such as events, servlets, JDBC connection pools, JMS destinations, JNDI contexts, connections, sockets, files, and enterprise applications and resources, such as databases.
See entity.
Interfaces in the weblogic.security.service package that unify security enforcement and present security as a service to other WebLogic Server components. Security providers call into the WebLogic Security Framework on behalf of applications requiring security services.
See security provider.
Any of the security providers that are supplied by BEA as part of the WebLogic Server product. These providers were developed using the Security Service Provider Interfaces (SSPIs) for WebLogic Server.
See custom security providers, security provider, and Security Service Provider Interfaces (SSPIs).
The WebLogic Server subsystem that implements the security architecture. This subsystem comprises three major components: the WebLogic Security Framework, the Security Service Provider Interfaces (SSPIs), and the WebLogic security providers.
BEA's Web application server that provides services for building and running e-commerce applications using the Java language and the J2EE platform (from Sun Microsystems, Inc.).
Standards-based and written in pure Java, WebLogic Server enables you to assemble, deploy, and manage distributed Java applications. It manages application components and DBMS connections to ensure security, scalability, performance, and transaction integrity. It also provides support for distributed component services and enterprise database access, including Enterprise JavaBeans (EJB), RMI, distributed JavaBeans, and JDBC.
All the components of BEA WebLogic Platform--WebLogic Integration, WebLogic Portal, and WebLogic Workshop--run on WebLogic Server.
See Web application server, Java Enterprise API, remote method invocation (RMI), and Java database connectivity (JDBC).
WebLogic Server Administration Console
HTML-based graphical user interface used by an administrator to configure and monitor WebLogic Server from a browser.
See cluster.
WebLogic Server bridge for accessing Microsoft COM objects from within WebLogic Server RMI.
See WebLogic Server RMI and Component Object Model (COM).
A logically related group of WebLogic Server resources that you manage as a unit. A domain always includes at least one WebLogic Server instance called the Administration Server. The Administration Server serves as a central point of contact for server instances and system administration tools. A domain may also include additional WebLogic Server instances called Managed Servers.
See WebLogic resource.
Component architecture for building distributed, object-oriented business applications in Java. The EJB architecture addresses the development, deployment, and run-time aspects of an enterprise application's life cycle.
An Enterprise JavaBean (EJB) encapsulates business logic inside a component framework that manages the details of security, transaction, and state management.
WebLogic Server EJB is an implementation of the JavaSoft specification for transactional components.
See Java Enterprise API and Enterprise JavaBeans (EJB).
Feature delivered with WebLogic Server that provides support for HTTP servlets that conform to the JavaSoft Java Servlet API. It is included with the built-in Web server provided with WebLogic Server.
See servlet.
JDBC drivers from BEA used to create database connections in a connection pool in WebLogic Server. Drivers include a Type 2 WebLogic jDriver for Oracle and the all-Java Type 4 WebLogic jDriver for Microsoft SQL Server.
See Java database connectivity (JDBC).
Service that implements the JavaSoft JNDI standard, providing transparent bind and lookup of objects in a WebLogic Server or Cluster.
See Java Naming and Directory Interface (JNDI).
BEA's implementation of the JavaSoft RMI specification that provides standards-based distributed object computing within the WebLogic Server framework.
See remote method invocation (RMI).
WebLogic Server security providers
Security providers that are supplied by BEA as part of the WebLogic Server product. These providers were developed using the Security Service Provider Interfaces (SSPIs) for WebLogic Server. The WebLogic Server security providers implement the following security functions in the WebLogic Server security realm: adjudication, auditing, authentication, authorization, credential mapping, keystore, and role mapping.
WebLogic Server service advertisement protocol (WSAP)
Protocol for binding and unbinding objects in a replicated, cluster-wide JNDI tree. WSAP allows WebLogic Server instances to join and leave a cluster dynamically. It also tracks which services are available in the cluster, and it mediates conflicts for services offered at the same node in the cluster-wide JNDI tree.
XML file that adds deployment information specific to WebLogic Server to the ra.xml file.
A quality of an XML document that conforms to XML syntax rules. For a document in use, syntax rules are typically enforced by an XML parser.
A business process node which provide While Do loop capabilities in a process. At run time, the condition on a While Do group is evaluated before the activities in the loop are performed. Therefore, the activities inside While Do groups are performed zero or many times, depending on the results of the evaluation of the condition.
See business process.
A WebLogic Server 6.x security realm. The Windows NT Security realm uses account information defined for a Windows NT domain to authenticate Users and Groups. In WebLogic Server 7.0 and later, you can only use the Windows NT security realm when using Compatibility security.
See authentication, authorization, Compatibility security, group, security realm, and user.
Wireless Application Environment (WAE)
Framework for developing network-neutral, wireless applications for narrow-band devices.
See Wireless Markup Language (WML).
Wireless Application Protocol (WAP)
Set of protocols developed by the WAP Forum that support the development of Internet and Web-based services for mobile phones and other mobile devices.
Wireless Markup Language (WML)
XML-based language designed to interface with microbrowsers used in WAP-enabled devices. The structure and tags of a WML document are defined in the Wireless Markup Language Specification.
See Wireless Application Protocol (WAP) and extensible markup language (XML).
See WebLogic Server.
A way of managing the units of work someone or something must complete. Electronic versions of worklist systems can include customer relationship management (CRM) or supply chain management (SCM) implementations.
World Wide Web Consortium (W3C)
International organization that establishes standards for client and server protocols in order to facilitate Internet-based communications and commerce.
See Web Services Description Language (WSDL).
Standard that specifies the format of certificates; widely used specification for digital certificates. By using a standard format you can securely associate a name with a public key, and thus obtain strong authentication.
See certificate.
Bidirectional interface between a transaction manager and resource managers. It is defined by the Java Transaction API (JTA). This interface enables a transaction manager to control transaction boundaries for operations performed by multiple resource managers using the two-phase commit XA protocol.
See Java Transaction API (JTA) and transaction manager.
See extensible markup language (XML).
Correlates the data in an XML message to the parameters and return values of a Java method in your web service. XML maps allow you to handle different message shapes without having to change your Java code. See shape (of XML).
File that specifies the structure, content, and semantics of XML documents. Replaces the XML DTD.
See schema.
One of several Apache XML services provided for WebLogic Integration. These services include the Apache XML Parser, DOM implementation, and the XSLT style sheet processor.
Structure and organization of an XML document, including its hierarchy and order of elements.
Set of XML tags that define the elements that may be included in a DTD. An XML vocabulary can be developed for a particular industry or business function.
XML path language. XPath models a message-context XML document as a tree of nodes and then addresses the nodes of the XML document. The XPath language includes a standalone subset that can be used to test whether a node matches a pattern.
See interaction specification and business service.
See eXtensible Stylesheet Language (XSL).
Specification, from the World Wide Web Consortium (W3C), for transforming XML documents from one document definition format to another. Available at http://www.w3c.org.
See eXtensible Stylesheet Language Transformations (XSLT).
(No terms begin with the letter “Y.”)
(No terms begin with the letter “Z.”)