Sun Java Enterprise System Glossary



(1) (certificate authority) (n.) See certificate authority.

(2) (connector architecture) (n.) See connector architecture.


(n.) A copy of original data that is stored locally. Cached data does not have to be retrieved from a remote server again when requested.

Cache Control Directive

(n.) A way for Java Enterprise System Application Server to control what information is cached by a proxy server. Using cache control directives, you override the default caching of the proxy to protect sensitive information from being cached and perhaps retrieved later. For these directives to work, the proxy server must comply with HTTP 1.1.

cached rowset

(n.) An object that permits you to retrieve data from a data source and then detach from the data source while you examine and modify the data. A cached row set keeps track both of the original data retrieved and any changes made to the data by your application. If the application attempts to update the original data source, the row set is reconnected to the data source, and only those rows that have changed are merged back into the database.

calendar access protocol

See CAP.

Calendar Express

(n.) A web-based calendar client program that provides access to the Calendar Server for end users.

calendar group

(n.) A collection of several calendars to help a user manage more than one calendar.

calendar ID

(n.) A unique identifier associated with a calendar in the Java Enterprise System Calendar Server database. Also known as calid.

calendar lookup database

See CLD.

Calendar Server application programming interface


calendar user agent

See CUA.

callable statement

(n.) A class that encapsulates a database procedure or function call for databases that support returning result sets from stored procedures.

callback method

(n.) A component method called by the container to notify the component of important events in its life cycle.


(n.) Same as caller principal.

caller principal

(n.) The principal that identifies the invoker of the enterprise bean method.


(calendar access protocol) (n.) A standard Internet protocol for calendaring based on requirements identified by the Internet Engineering Task Force (IETF).


(n.) A string provided to clients that defines the functionality available in a given IMAP service.

cascading deletion

(n.) A deletion that triggers another deletion. A cascading deletion can be specified for an entity bean that has container-managed persistence.

cascading replication

(n.) In a cascading replication scenario, one server, often called the hub supplier, acts both as a consumer and a supplier for a particular replica. The server holds a read-only replica and maintains a change log. The server receives updates from the supplier server that holds the master copy of the data and, in turn, supplies those updates to the consumer.


See index.


See indexing.


(n.) A logical grouping of resources in the Search database. Collectively, a set of categories is sometimes called a taxonomy.


(composite capability and preference profiles) (n.) For Portal Server Mobile Access software, a specification that is used for the User Agent Profile and preconfigured data for client detection. The CCPP specification describes the capabilities of devices and user preferences.


(n.) A predefined XML tag for character data that means "don't interpret these characters," as opposed to parsed character data (PCDATA), in which the normal rules of XML syntax apply. CDATA sections are typically used to show examples of XML syntax. See also PCDATA.

central logger

(n.) A Core component that manages all of the central logs, which are an aggregation of every connector’s audit and error logs. Administrators can monitor the health of an entire Identity Synchronization for Windows installation by monitoring these logs. You can view the central logs directly or from the Identity Synchronization for Windows Console. By default, the central logs are available on the machine where Core was installed under the <install-root\>/logs/central/ subdirectory.


(1) (n.) An electronic document used to identify an Instant Messaging Server and associated with a public key. Java Enterprise System Instant Messaging Server supports the exchange of certificates between Instant Messaging servers. The certificate exchange is transparent to individual users.

(2) (n.) Digital data that specifies the name of an individual, company, or other entity and certifies that the public key included in the certificate belongs to that entity. Both clients and servers can have certificates.

(3) (n.) A certificate strongly associates the public key of a user or CA with the identity, typically a distinguished name, of that user or CA. The certificate is digitally signed by a CA, and can be validated during an SSL connection setup to obtain the public key of the other end of the connection. X.509 certificates are stored within the directory in the caCertificate;binary or userCertificate;binary attributes.

certificate authority

(1) (n.) An internal or third-party trusted organization that issues public key certificates used for encrypted transactions and provides identification to the bearer.

(2) (n.) An authority in a network that issues and manages security credentials and public keys for message encryption and decryption. As part of a PKI, a CA checks with a registration authority to verify information provided by the requestor of a digital certificate. If the registration authority verifies the requestor’s information, the CA can then issue a certificate. See also PKI.

certificate-based authentication

(n.) Identification of a user from a digital certificate submitted by the client. See also password authentication.

certificate database

(n.) A file that contains a server’s digital certificate or certificates. Also called a certificate file.

certificate name

(n.) The name that identifies a certificate and its owner.

certificate revocation list

See CRL.


(common gateway interface) (n.) An interface by which external programs communicate with the HTTP server. Programs that are written to use CGI are called CGI programs or CGI scripts. CGI programs handle forms or parse output the server does not normally handle or parse.


(n.) A simplified version of HTML suitable for mobile devices.

change log

(n.) A change log is a record of the modifications that have occurred on a replica. The supplier server then replays these modifications on the replicas stored on consumer servers or on other masters, in the case of multimaster replication. Note that this is not the same as the retro changelog, which is not used for replication.


(1) (n.) The fundamental MTA component that processes a message. A channel represents a connection with another computer system or group of systems. Each channel consists of one or more channel programs and an outgoing message queue for storing messages that are destined to be sent to one or more of the systems associated with the channel. See also channel block, channel host table, channel program.

(2) (n.) In the Java Enterprise System Portal Server Desktop, a channel consists of a provider and configuration. Channels generate content that can consist of markup fragments, a frameset, an HTML page, and so on. Channel content is often aggregated with other channel content to form a Portal Desktop.

channel block

(n.) A single channel definition. See also channel host table.

channel host table

(n.) The collective set of channel definitions. See also channel block

channel program

(n.) Part of a channel that transmits messages to remote systems and deletes messages from the queue after they are sent and accepts messages from remote systems placing them in the appropriate channel queues. See also master channel program, slave channel program.

character type

(n.) An attribute that distinguishes alphabetic characters from numeric or other characters and the mapping of uppercase to lowercase letters.


(n.) Instant Messaging’s version of instant messaging. Chat is a real-time conversation capability. Chat sessions are held either in chat rooms created on an as-needed basis or in pre-established conference rooms.


(n.) A predefined point in the life cycle of a stateful session bean at which the bean's state is saved in a persistent store in case an Application Server instance fails.


(1) (n.) A category that is a subcategory of another category. See also category.

(2) (n.) An element in an XML file that is contained within another element, referred to as the parent. See also parent.


(n.) An additional root directory you can create to limit the server to specific directories. You would use this feature to safeguard an unprotected server.


(n.) A cipher is a cryptographic algorithm (a mathematical function) used for encryption or decryption.


(n.) Encrypted information that cannot be read by anyone without the proper key to decrypt the information.

circle of trust

(n.) See authentication domain.


(compromised key list) (n.) A list of key information about users who have compromised keys. The certificate authority also provides this list. See also CRL.

classic CoS

(n.) Identifies the template entry by its DN and the value of one of the target entry\qs attributes.

classification rules

(n.) A set of rules used to assign resources to a category or to several categories.

class loader

(n.) A JavaTM technology-based component responsible for loading Java classes according to specific rules.

class of service

See CoS.


(Calendar Lookup Database) (n.) A plug-in that determines the physical location of a calendar when the calendar database is distributed over two or more back-end servers. Calendar Server provides the LDAP CLD plug-in and the algorithmic CLD plug-in.


(n.) Unencrypted text.

client-certificate authentication

(n.) An authentication mechanism that uses HTTP over SSL, in which the server and, optionally, the client authenticate each other with a public key certificate that conforms to a standard that is defined by X.509 Public Key Infrastructure. See also authentication, certificate authority.

client contract

(n.) A contract that determines the communication rules between a client and the EJBTM container, establishes a uniform development model for applications that use enterprise beans, and guarantees greater reuse of beans by standardizing the relationship with the client.

client conditional properties

(n.) Properties of Portal Server Mobile Access client types that enable administrators to specify properties for a channel or container channel for a given client.

client database

(n.) For Portal Server Mobile Access, a database that consists of an internal and an external library. The internal library contains all default mobile device data definitions. The external library contains customized client data definitions that override definitions in the internal library.

client detection

(n.) An Access Manager process which determines the capabilities and characteristics of each mobile device that accesses the portal.

Client Editor

(n.) An Access Manager interface that enables you to create a client type and to manage client properties. The Client Editor interface is accessible from the Access Manager console.

client identifier

(n.) An identifier that associates a connection and its objects with a state maintained by the Java Enterprise System message server on behalf of the client.

Client Manager

(n.) An Access Manager interface accessible from the console that enables you to manage client types and properties.

client profile

(n.) An Access Manager profile that identifies each client.

*client runtime

See Java Enterprise System client runtime.

client-server model

(n.) A computing model in which networked computers provide specific services to other client computers. Examples include the name-server and name-resolver paradigm of the DNS and file-server/file-client relationships such as NFS and diskless hosts.

*client type

(n.) An entry in the Access Manager client database.


(n.) A property which refers to a name that provides a unique index for Access Manager client data.


(1) (n.) A group of servers, brokers, or nodes connected by a high-speed network that work together as if they were one server, broker, or node. If a server, broker, or node in the cluster fails, its services can failover to an operational one. See also broker, failover, node, server.


See container-managed persistence.


See container-managed relationship.


See container-managed transaction.


See common name attribute.

CNAME record

(n.) A type of DNS record that maps a domain name alias to a domain name.

collation order

(n.) Language and cultural-specific information about how the characters of a given language are to be sorted. This information might include the sequence of letters in the alphabet or how to compare letters with accents to letters without accents.


(n.) A database that contains information about documents, such as a word list and file properties. Collections are used by the search function to retrieve documents matching specified search criteria.


(n.) The property of being on the same node. This concept is used during cluster configuration to improve performance.


(v.) To position a component in the same memory space as a related component in order to avoid remote procedure calls and improve performance.


(n.) A field in a database table.

(n.) A Directory Server preparation tool that makes an existing Directory Server ready for use by a Messaging Server.


(n.) In an XML document, text that is ignored unless the parser is specifically told to recognize it.

comment character

(n.) A character at the beginning of a line that turns the line into a nonexecutable comment.


(1) (v.) To complete a transaction by sending the required commands to the database or other resource. See also rollback, transaction.

(2) (n.) The point in a transaction when all updates to any resources involved in the transaction are made permanent.

common domain

(n.) In a circle of trust having more than one identity provider, service providers need a way to determine which identity provider a principal uses. Because this function must work across any number of domain name system (DNS) domains, the Liberty approach is to create a domain common to all identity and service providers in the circle. This predetermined domain is known as the common domain. Within the common domain, when a principal has been authenticated to a service provider, the identity provider writes a common domain cookie that stores the principal’s identity provider. Now, when the principal attempts to access another service provider within the circle, the service provider reads the common domain cookie and the request can be forwarded to the correct identity provider.

common log file format

(n.) The format used by the server for entering information into the access logs. The format is the same among all major servers, including the Web Server.

common name attribute

(n.) The cn attribute that identifies the person or object defined by the entry in an LDAP directory.

Communication Services

(n.) A comprehensive messaging solution that enables the delivery of the integrated email, calendar, instant messaging, and presence information to enterprise customers. The Communication Services core solution consists of Messaging Server, Calendar Server and Instant Messaging Server.

Communications Express

(n.) Software that provides an integrated web-based communication and collaboration client that caters to the needs of enterprise users for accessing email, calendar, and address book information.


(n.) A search engine service that provided the search capability for Portal Server 3.0. The search engine has been incorporated into the core of Portal Server 6.0. See Search Engine.

Compass Server

(n.) Server technology used to facilitate user access to network resources typically used with Portal Server 3.0. Portal Server 6.0 contains a tightly integrated search engine which provides the functionality that Compass Server provided with Portal Server 3.0.


(1) (n.) One of the system components included in Java Enterprise System.

(2) (n.) A unit of software logic from which distributed applications are built. An application component is custom developed and usually conforms to a distributed component model (such as CORBA and the J2EE platform) and performs some specific computing function. These components, singly or combined, provide business services and can be encapsulated as web services.

(3) (n.) See J2EE component.

component contract

(n.) The contract between a J2EE component and its container. The contract includes life-cycle management of the component, a context interface that the instance uses to obtain various information and services from its container, and a list of services that every container must provide for its components.

component-managed sign-on

(n.) A mechanism whereby security information needed for signing on to a resource is provided by an application component.

component product descriptor file

(n.) A file containing metadata for a given component product (usually in XML format).

component state

(n.) A set of attributes that describe a calendar event such as a meeting. In WCAP, the compstate parameter allows fetch commands to return events by component state. For example, compstate might be REPLY-DECLINED (attendee has declined a meeting) or REQUEST_NEEDS-ACTION (attendee has not taken action on a meeting yet).

compromised key list

See CKL.

computed attribute

(n.) An attribute that are not stored with the entry itself but are returned to the client application along with normal attributes in operation results.

conference room

(n.) A pre-established chat room configured by an administrator or other user with sysRoomsAdd privilege. The administrator or other user with sysRoomsAdd privilege can determine which users can view and access conference rooms.


(n.) A collection of settings for tuning a server or providing metadata for an application. Normally, the configuration for a specific application is kept in the application’s deployment descriptor file. See also admin console, deployment descriptor.

configuration administrator

(n.) The person who has administrative privileges to manage servers and configuration directory data in the entire server software topology. The configuration administrator has unrestricted access to all resources in the entire server software topology. This is the only administrator who can assign server access to other administrators. The configuration administrator initially manages administrative configuration until the administrator’s group and its members are in place.

Configuration Directory Server

(n.) A Java Enterprise System Directory Server that maintains configuration information for a server or set of servers.

configuration file

(n.) A file that contains the configuration parameters for a server, application, or software component.


(n.) A situation that arises when changes are made to the same directory data on different directory servers before replication can synchronize the data between the servers. When the servers do synchronize, they detect that their copies are inconsistent and might resolve the conflict or log an error.

conflict resolution

(n.) Deterministic procedures used to resolve change information. For more information, see the Java Enterprise System Directory Server Administration Guide.

congestion thresholds

(n.) A disk space limit set by the system administrator that prevents the database from becoming overloaded by restricting new operations when system resources are insufficient.


(1) (n.) For a resource manager, an object that represents a session with a resource manager.

(2) (n.)An active connection to a Java Enterprise System message server. The connection can be a queue connection or a topic connection.

connection factory

(1) (n.) For a resource manager, an object used for creating a resource manager connection.

(2) (n.) An object used to create Java Message Service (JMS) connections (TopicConnection or QueueConnection) which allow application code to make use of the provided JMS implementation. Application code uses the Java Naming and Directory InterfaceTM (JNDI) service to locate connection factory objects using a JNDI name.

connection handler

(n.) Used by Directory Proxy Server to distribute incoming client requests to data views. Connections are assigned to connection handlers according to criteria such as incoming IP address or domain name. When processing connections, connection handlers refer to connection policies.

connection policy

(n.) A policy rule for making decisions about how to process an operation routed by a Directory Proxy Server connection handler. Resource limits policies limit the resources allocated to connections, requests, and referrals. Request filtering policies provide access control for data.

connection pool

(n.)A group of connections. Allows highly efficient access to a database by caching and reusing physical connections, thus avoiding connection overhead and allowing a small number of connections to be shared between a large number of threads. See also JDBCTM connection pool.


(n.) A standard extension mechanism for containers to provide connectivity to an EIS. A connector is specific to an EIS and consists of a resource adapter and application development tools for EIS connectivity. The resource adapter is plugged in to a container through its support for system-level contracts defined in the connector architecture. See also resource adapter.

connector architecture

(n.) An architecture for the integration of J2EETM applications with an EIS. There are two parts to this architecture: an EIS vendor-provided resource adapter and a J2EE server that allows this resource adapter to plug in. This architecture defines a set of contracts that a resource adapter has to support to plug in to a J2EE server, for example, transactions, security and resource management.

Connector for Microsoft Outlook

(n.) A plug-in that enables Microsoft Outlook to be used as a desktop client with Sun Java Enterprise System.


See admin console.


(v.) To receive a message taken from a destination by a message consumer.


(1) (n.) A server containing replicated directory trees or subtrees from a supplier server.

(2) (n.) An object (MessageConsumer) created by a session that is used for receiving messages from a destination. In the point-to-point delivery model, the consumer is a receiver or browser (QueueReceiver or QueueBrowser). In the publish/subscribe delivery model, the consumer is a subscriber (TopicSubscriber).

consumer directory server

(1) (n.) A read-only directory server that refers all add, modify, and delete operations to master directory servers.

(2) (n.) Any directory server that receives changes from another directory server. See supplier directory server.


(n.) The userID (name) of a user or LDAP group with whom you send and receive instant messages. You add contacts to your personalized contact groups so that you can monitor their online status. Also known as buddy in other instant messaging environments.

contact group

(n.) A list of contacts that a user maintains. The actual list is stored on the Instant Messaging Server. You can create contact groups to keep track of people in a logical way.

contact list

(n.) In Java Enterprise System Instant Messaging, the list of all of your contact groups.


(1) (n.) Provides life-cycle management, security, deployment, and runtime services to a specific type of J2EE component. The Application Server provides containers for all types of J2EE components. See also component.

(2) (n.) In Java Enterprise System Portal Server 6.0, a container is a channel that primarily generates its content by aggregating the content of its child channels. In Java Enterprise System Directory Server Access Management Edition, a container defines a type of organizational object that can contain other Directory Server Access Management Edition objects.

container entry

(n.) An entry that represents the top of a subtree in the directory.

container-managed persistence

(n.) The mechanism whereby data transfer between an entity bean's variables and a resource manager is managed by the entity bean's container. See also bean-managed persistence.

container-managed relationship

(n.) A relationship between fields in a pair of classes where operations on one side of the relationship affect the other side.

container-managed sign-on

(n.) A mechanism whereby security information needed for signing on to a resource is supplied by the container.

container-managed transaction

(n.) The mechanism whereby transaction demarcation for an enterprise bean is specified declaratively and automatically controlled by the EJB container. An entity bean must use container-managed transactions. See also bean-managed transaction.


(n.) In an XML document, the part that occurs after the prolog, including the root element and everything it contains.

context attribute

(n.) An object bound into the context associated with a servlet.

context root

(n.) A name that gets mapped to the document root of a web application.

control descriptor

(n.) A set of enterprise bean configuration entries that enable you to specify optional individual property overrides for bean methods, plus enterprise bean transaction and security properties.


(n.) An Identity Synchronization for Windows connector component interfaces with the agent and accessor components. The controller performs key synchronization-related tasks such as determining a user's membership in a Synchronization User List, searching for and linking equivalent user entries, and detecting changes to users by comparing current user entries with the previous versions stored in the object cache. The controller is often referenced in log messages about an action.

conversational state

(1) (n.) Where the state of an object changes as the result of repeated interactions with the same client. See also persistent state.

(2) (n.) The field values of a session bean plus the transitive closure of the objects reachable from the bean's fields. The transitive closure of a bean is defined in terms of the serialization protocol for the Java programming language, that is, the fields that would be stored by serializing the bean instance.


(n.) A small collection of information that can be transmitted to a calling web browser, then retrieved on each subsequent call from that browser so the server can recognize calls from the same client. Cookies are domain-specific and can take advantage of the same web server security features as other data interchange between your application and the server. Accepting the cookies allows the web page to load more quickly and is not a threat to the security of your machine.

cooperating server

(n.) A server that wants to communicate with your server and a server with which your server wants to communicate. Also known as a coserver. Each cooperating server is given a symbolic name, which is a string consisting of letters and digits, for example, coservern, where n is a number.


(common object request broker architecture) (n.) A standard, language-independent architecture definition for object-oriented distributed computing specified by the OMG.

core service

(n.) One or more key services that define the basic functionality provided by a Java Enterprise System server, as opposed to support services or adjunct services.


(class of service) (n.) A method for sharing attributes between entries.

CoS definition entry

(n.) An entry identifies the type of CoS you are using. The entry is stored as an LDAP subentry below the branch it affects.


See cooperating server.

CoSNaming provider

(n.) To support a global JNDI name space (accessible to IIOP application clients), Java Enterprise System Application Server includes J2EE based CosNaming provider which supports binding of CORBA references (remote EJB references).

CoSNaming Service

(n.) An an IIOP-based naming service.

CoS template entry

(n.) An entry which contains a list of the shared attribute values.


(n.) A lightweight standards track authentication mechanism documented in RFC 2195. It provides a fast (albeit somewhat weaker) alternative to TLS (SSL) when only the user’s login password needs to be protected from network eavesdroppers.


See robot.

create method

(n.) A method defined in the home interface and invoked by a client to create an enterprise bean.


(certificate revocation list) (n.) A list published by a certificate authority that indicates any certificates that either client users or server users should no longer trust. In this case, the certificate has been revoked. See also CKL.


(n.) (UNIX only) A task that is executed automatically by the cron daemon at a configured time.


(Calendar Server application programming interface) (n.) A programmatic interface that provides the capability to modify or enhance the feature set of the Calendar Server. CSAPI modules are plug-ins that are loaded from the cal/bin/plugins directory when the Calendar Server is started.


(1) (Cascading style sheet) (n.) A stylesheet used with HTML and XML documents to add a style to all elements marked with a particular tag, for the direction of browsers or other presentation mechanisms.


(Compatibility test suite) (n.) A suite of compatibility tests for verifying that a J2EE product complies with the J2EE platform specification.


(Calendar user agent) (n.) An application that a calendar client uses to access the Calendar Server.