Sun Java Enterprise System Glossary



(directory access protocol) (n.) The ISO/ITU-T X.500 protocol that was the basis for LDAP.


(n.) The contents of an element in an XML stream, generally used when the element does not contain any subelements. When it does, the term content is generally used. When the only text in an XML structure is contained in simple elements and when elements that have subelements have little or no data mixed in, then that structure is often thought of as XML data, as opposed to an XML document.

data access logic

(n.) Business logic that involves interacting with a data source.


(n.) A generic term for relational database management system (RDBMS). A software package that enables the creation and manipulation of large amounts of related, organized data. See also schema.

database connection

(n.) A communication link with a database or other data source. Components can create and manipulate several database connections simultaneously to access data.

database wire protocol

See data redundancy unit.

data redundancy unit

(DRU) (n.) A set of HADB nodes containing half of the active and spare nodes and one complete copy of the data. The HADB is organized into two DRUs, which mirror each other. To ensure fault tolerance, the computers that support one DRU must be completely self-supported with respect to power, processing units, and storage. See also HADB node, active node, spare node, and mirror node.

data service

(n.) A web service that supports the query and modification of data regarding an end user. An example of a data service is a web service that hosts and exposes the user's profile information, such as name, address, and phone number.

data source

(1) (n.) A handle to a source of data, such as a database. Data sources are registered with the Application Server and then retrieved programmatically in order to establish connections and interact with the data source. A data-source definition specifies how to connect to the source of data.

(2) (n.) A repository accessed by Directory Proxy Server. Repositories include LDAP directories, JDBC-compliant databases, and LDIF flat files.

data source object

(n.) A data source object has a set of properties that identify and describe the real world data source that it represents.

data source pool

(n.) A set of data sources holding equivalent data. Data source pools provide load balancing and failover management for Directory Proxy Server.

data store

(1) (n.) A store that contains directory information, typically for an entire DIT.

(2) (n.) A database where information (durable subscriptions, data about destinations, persistent messages, auditing data) needed by the Message Queue broker is permanently stored.

data view

(n.) Uses DN-based routing to route connections from Directory Proxy Server connection handlers to data source pools.

DC tree

(domain component tree) (n.) A DIT that mirrors the DNS network syntax. An example of a distinguished name in a DC Tree would be cn=billbob,dc=bridge,dc=net,o=internet.


(Document-driven programming) (n.) The use of XML to define applications.


(n.) The very first thing in an XML document, which declares it as XML. The minimal declaration is <?xml version="1.0"?>. The declaration is part of the document prolog.

declarative security

(n.) Declaring security properties in the component’s deployment descriptor and allowing the component’s container (for example, a bean’s container or a servlet engine) to manage security implicitly. This type of security requires no programmatic control. Opposite of programmatic security. See also container-managed persistence.

declarative transaction

See container-managed transaction.


(n.) The process of making encrypted information intelligible. See also encryption.

default calendar

(n.) The calendar a user first sees after logging into Calendar Express. The calendar ID of a default calendar is the usually same as the user’s user ID. For example, would have a default calendar named jdoe.

default index

(n.) A set of indexes that is created for each database instance when Directory Server is installed. When Java Enterprise System Directory Server is installed, a set of default indexes is created for each database instance. For more information, see the Java Enterprise System Directory Server Administration Guide.


(n.) See federation termination.

definition entry

See CoS definition entry.


(n.) The MIME feature that enables a large message that has been broken into small messages or fragments to be reassembled. A Message Partial Content-Type header field that appears in each of the fragments contains information that helps reassemble the fragments into one message. See also fragmentation.

Delegated Administrator

(n.) A set of GUI and CLI interfaces that enable administrators to add users to and modify users and groups of a directory in a hosted domain.

delegated administrator console

(n.) A web browser-based software console that allows domain administrators to add and modify users and groups to a hosted domain. Also allows end users to change their password, set message forwarding rules, set vacation rules, and list mail list subscriptions.

delegated administrator for messaging and collaboration

(n.) A set of interfaces (GUI and utilities) that allow domain administrators to add and modify users and groups on a hosted domain.

delegated administrator server

(n.) A daemon program that handles access control to the directory by hosted domains.


(1) (n.) An object-oriented technique for using the composition of objects as an implementation strategy. One object, which is responsible for the result of an operation, delegates the implementation to another object. For example, a classloader often delegates the loading of some classes to its parent. See also class loader.

delete a message

(v.) To mark a message for deletion. The deleted message is not removed from the message store until it is expunged or purged in a separate action by the user. See also purge a message, expunge a message.


See message delivery.

delivery mode

(n.) A mode that indicates the reliability of messaging: messages that are guaranteed to be delivered and successfully consumed once and only once (persistent delivery mode) or are guaranteed to be delivered at most once (non-persistent delivery mode).

delivery model

(n.) A model by which messages are delivered. The model can be either point-to-point or publish/subscribe. In JavaTM Message Service (JMS), separate programming domains exist for each, using specific client runtime objects and specific destination types (queue or topic), as well as a unified programming domain.

delivery policy

(n.) A specification that details how a queue is to route messages when more than one message consumer is registered. The policies are single, failover, and round-robin.

delivery status notification

(n.) A message giving status information about a message that is en route to a recipient, for example, a message indicating that delivery has been delayed because of network outages.

denial of service attack

(n.) A situation where an individual intentionally or inadvertently overwhelms a mail server by flooding it with messages. A server’s throughput could be significantly impacted or the server itself could become overloaded and nonfunctional.

deny filter

(n.) A Java Enterprise System Messaging Server access-control rule that identifies clients that are to be denied access to one or more of the following services: POP, IMAP, or HTTP. See also Allow filter.


(n.) A person who installs J2EE modules and applications into an operational environment.


(1) (n.) The process whereby software is installed into an operational environment.

(2) (n.) A stage of the Java Enterprise System solution life-cycle process in which a deployment scenario is translated into a deployment design, implemented, prototyped, and rolled out in a production environment. The end product of this process is also referred to as a deployment (or deployed solution).

deployment architecture

(n.) A high-level design that depicts the mapping of a logical architecture to a physical computing environment. The physical environment includes the computers in an intranet or Internet environment, the network links between them, and any other physical devices needed to support the software.

deployment descriptor

(n.) An XML file provided with each module and application that describes how the applications should be deployed. The deployment descriptor directs a deployment tool to deploy a module or application with specific container options and describes specific configuration requirements that a deployer must resolve. See also metadata.

deployment scenario

(n.) A logical architecture for a Java Enterprise System solution and the quality-of-service requirements that the solution must satisfy to meet business needs. The quality-of-service requirements include requirement regarding: performance, availability, security, serviceability, and scalability/latent capacity. A deployment scenario is the starting point for deployment design.


(n.) The number of links followed from a site\qs starting point in the Search Engine. When you define a site, you define the number of links the robot can follow away from that point, thereby limiting the depth of the search.

dereference an alias

(v.) To specify in a bind or search operation, that a directory service translate an alias distinguished name to the actual distinguished name of an entry.


See Portal Server Desktop.


(n.) The physical location in a Java Enterprise System message server to which produced messages are delivered for routing and subsequent delivery to consumers. This physical destination, a queue or topic, is identified and encapsulated by an administered object. A client uses the administered object to specify the destination for which the client is producing messages and/or from which the client is consuming messages. See also point-to-point delivery model, publish and subscribe delivery model.

destination resource

(n.) An object that represents Topic or Queue destinations. Used by applications to read and write to Queues or publish and subscribe to Topics. Application code uses the Java Naming and Directory InterfaceTM (JNDI) Service to locate Java Message Service (JMS) resource objects using a JNDI Name.


(n.) A task in the Java Enterprise System solution deployment process, by which the custom components of a deployment architecture are programmed and tested.

device detection

See client detection.

device information

(n.) Device-specific client data for Portal Server Mobile Access.


(dynamic host configuration protocol) (n.) An Internet proposed standard protocol that allows a system to dynamically assign an IP address to individual computers on a network. See also IP address.

digest authentication

(n.) A type of authentication which allows the user to authenticate without sending the username and password as cleartext. A web application authenticates itself to a web server by sending the server a message digest along with its HTTP request message. The digest is computed by employing a one-way hash algorithm (called MD5) to a concatenation of the HTTP request message and the client's password. The digest is typically much smaller than the HTTP request and doesn't contain the password. The server uses the Digest Authentication plug-in to compare the digest value provided by the client.


(n.) A lightweight standards track authentication mechanism that is more secure then CRAM-MD5. Documented in RFC 2831 which also provides an option to protect the entire connection without the setup overhead of TLS (SSL).

digital signature

(n.) An electronic security mechanism used to authenticate both a message and the signer.


(n.) A Search Engine statement that uses a particular format to invoke a function (such as a robot application function) and passes parameters to the function in a parameter block. For example, the following directive invokes the enumerate-urls function and passes parameters for max and type:

Enumerate fn=enumerate-urls max=1024 type=text/html


(n.) A special kind of database optimized for reading data rather than writing data. Most directories are based on LDAP (Lightweight Directory Access Protocol), an industry-standard protocol.

directory access protocol

See DAP.

directory context

(n.) The point in the directory tree information at which a search begins for entries used to authenticate a user and password for message store access. See also base DN.

directory deployment

(n.) In the Application Server, the deployment of an unpackaged J2EE application or module in the form of an exploded directory instead of an archive file.

directory entry

(n.) A set of directory attributes and their values identified by a distinguished name. Each entry contains an object class attribute that specifies the kind of object the entry describes and defines the set of attributes it contains.

directory information tree

See DIT.

directory lookup

(n.) The process of searching the directory for information on a given user or resource based on that user or resource’s name or other characteristic.

Directory Manager

(1) (n.) A user who has administrative privileges to the directory server database. Access control does not apply to this user (think of the directory manager as the directory\qs superuser).

(2) (n.) The privileged database administrator who is comparable to the root user on UNIX systems. Access control does not apply to the directory manager.

directory schema

(n.) The set of rules that defines the data that can be stored in the directory.

Directory Server

(n.) The Java Enterprise System version of Lightweight Directory Access Protocol. Every instance of Application Server uses Directory Server to store shared server information, including information about users and groups.

Directory Server Access Management Edition

(n.) A set of interfaces that provide user and service management, authentication and single sign-on services, policy management, logging services, debug utility, and client support for Portal Server.

directory server

(1) (n.) A server that serves information about people and resources within an organization from a logically centralized repository. See also LDAP and Directory Server Access Management Edition

(2) (n.) The Java Enterprise System directory service based on LDAP.

directory service

(n.) A database application designed to manage descriptive, attribute-based information about people and resources within an organization.

Directory Service Control Center

(n.) A browser-based GUI for administering Directory Server and Directory Proxy Server.

Directory Service Manager

(n.) An LDAP superuser that manages server configuration and data on multiple Directory Servers and Directory Proxy Servers through Directory Service Control Center.

directory synchronization

(n.) The process of synchronizing the MTA directory cache with the current directory information stored in the directory service. See also MTA directory cache.

disconnected state

(n.) The state in which a mail client connects to the server, makes a cache copy of selected messages, then disconnects from the server.


(n.) The MTA component that handles connection requests for defined TCP ports. The Dispatcher is a multithreaded connection dispatching agent that permits multiple multithreaded servers to share responsibility for a given service. When using the Dispatcher, you can have several multithreaded SMTP server processes running concurrently.

display profile

(n.) A set of XML documents used to define and configure providers and channels in Java Enterprise System Portal Server.

distinguished name

See DN.

distributable session

(n.) A user session that is distributable among all servers in a cluster.

Distributed Authentication UI Server

(n.) An Access Manager subcomponent that provides for secure, distributed authentication across two firewalls in an Access Manager deployment. You install the Distributed Authentication UI subcomponent on one or more servers within the non-secure (DMZ) layer of an Access Manager deployment. This subcomponent acts as an authentication interface between end users and the Access Manager instances behind the second firewall, thus eliminating the exposure of the Access Manager service URLs to the end users.

distributed enterprise application

(n.) An application whose logic spans a network or Internet environment (the distributed aspect) and whose scope and scale meet the needs of a production environment or service provider (the enterprise aspect). The application's components run in separate runtime environments, usually on different platforms. Typical distributed applications are two-tier (client-server), three-tier (client-middleware-server), and multi-tier (client-multiple middleware-multiple servers).

distributed indexing

(n.) The process of assigning different robots in the Search Engine to index different parts of the network. Distributed indexing reduces the load on each robot. A single Search Engine can then gather all the resource descriptions from all the different robots by importing resource descriptions from each.

distributed transaction

(n.) A single transaction that can apply to multiple heterogeneous databases that might reside on separate servers.

distribution list

See mail list.

distribution list owner

See mail list owner.


(directory information tree) (n.) The logical representation of the information stored in the directory. The DIT mirrors the tree model used by most file systems, with the tree\qs root point appearing at the top of the hierarchy.


(distinguished name) (n.) String representation of an entry\qs name and location in the directory.

DN attribute

(n.) A text string that contains identifying information for an associated user, group, or object.


(domain name system) (n.) The system used by machines on a network to associate IP addresses (such as with host names (such as Clients usually use DNS to find the IP addresses of servers they wish to contact. The data in DNS is often augmented in local tables, such as from NIS or the /etc/hosts file on UNIX systems. See also IP address.

DNS alias

(n.) A host name that the DNS server knows points to a different host. The DNS alias is implemented as a DNS CNAME record. Machines always have one real name, but they can have one or more aliases. For example, an alias such as might point to a real machine called where the server currently exists.

DNS database

(n.) A database of domain names (host names) and their corresponding IP addresses.

DNS domain

(n.) A group of computers whose host names share a common suffix, the domain name. Syntactically, an Internet domain name consists of a sequence of names (labels) separated by periods (dots), for example, See also domain.

DNS spoofing

(n.) A form of network attack in which a DNS server has been subverted to provide false information.


(1) (n.) A file on the network, most often a web page or word processing document, but also possibly text files, spreadsheets, and so on. A generic term for a resource indexed by the Search Engine.

(2) (n.) An XML structure in which one or more elements contains text intermixed with subelements. See also data.

Document Object Model (DOM)

(n.) An API for accessing and manipulating XML documents as tree structures. DOM provides platform-neutral, language-neutral interfaces that enables programs and scripts to dynamically access and modify content and structure in XML documents.

document root

(1) (n.) A directory on the server machine that contains files, images, and data that will be displayed to users accessing Java Enterprise System Web Server.

(2) (n.) A directory on the server machine that contains the files, images, and data you want to present to users accessing the server.

(3) (n.) The document root (sometimes called the primary document directory) is the central directory that contains all the virtual server’s files you want to make available to remote clients.

document type definition

See DTD.


(1) (n.) The last part of a fully qualified domain name that identifies the company or organization that owns the domain name (for example,,

(2) (n.) Resources under the administrative control of a single computer system.

(3) (n.) A set of objects used by Java Message Service (JMS) clients to program JMS messaging operations. Two programming domains exist: one for the point-to-point delivery model and one for the publish/subscribe delivery model.

(4) (n.) A feature within the Sun Java System Application Server that allows different administrative users to create and manage their own domains. A domain is a set of instances created using a common set of installed binaries in a single system.

Domain Administration Server

(n.) The Domain Administration Server is a specially designated Application Server instance that handles all administrative tasks for the Application Server. It maintains and updates the central repository for Application Server configuration information. If the Domain Application Server isn't running, administrative tasks are unavailable.

domain administrator

(n.) A user who has administrative privileges to create, modify, and delete mail users, mail lists, and family accounts in a hosted domain by using the Delegated Administrator for Messaging and Collaboration GUI or CLIs. By default, this user can act as a message store administrator for all messaging servers in the topology.

domain alias

(n.) A domain entry that points to another domain. By using aliases, hosted domains can have several domain names.

domain directory

(n.) The directory for an Application Server domain, which contains at least one instance directory. This is what the server root is called in the Application Server.

domain hosting

(n.) The process of hosting a domain. The ability to host one or more domains on a shared messaging server. For example, the domains and might both be hosted on the mail server. Users send mail to and receive mail from the hosted domain. The name of the mail server does not appear in the email address.

domain name

(1) (n.) A host name used in an email address.

(2) (n.) A unique name that defines an administrative organization. Domains can contain other domains. Domain names are interpreted from right to left. For example, is both the domain name of the Example Company and a subdomain of the top-level com domain. The domain can be further divided into subdomains such as, and so on. See also host name, fully qualified domain name.

domain name system

See DNS.

domain organization

(n.) A subdomain below a hosted domain in the organization tree. Domain organizations are useful for companies that wish to organize their user and group entries along departmental lines.

domain part

(n.) The part of an email address to the right of the “at” sign (@). For example, is the domain part of the email address

domain quota

(n.) The amount of space allocated to a domain for email messages. The amount of space is configured by the system administrator.

domain registry

(n.) A single data structure that contains domain-specific information for all the domains created and configured on an installation of a server, such as domain name, domain location, domain port, domain host.

domain rewrite rules

See rewrite rule.

domain template

(n.) The part of a rewrite rule that defines how the host and domain portion of an address is rewritten. The template can include a full static host and domain address or a single field substitution string, or both.

double failure

(n.) Simultaneous failure of one or more mirror node pairs in the HADB. See HADB, HADB node, active node, spare node, mirror node, and data redundancy unit

drop word

See stop word.


See data redundancy unit.


(directory system agent) (n.) An X.500 term for a Directory Server.


See Directory Service Control Center.


(directory server entry) (n.) An entry, or DSA-specific entry, that has additional server-specific information associated with it. A DSE such as the Root DSE or schema DSE has different attributes on each server.


(digital signal processing) (n.) The conversion of signals from analog to digital. A DSP cvard is required to access Portal Server software using a phone for voice access.


(directory services markup language) (n.) A family of document formats for representing XML markup language that enable you to represent directory services in XML. Java Enterprise System Directory Server 5.2 conforms to version 2 of the DSML standard (DSMLv2).


(n.) See delivery status notification.


(n.) A daemon that accesses the database files that hold the directory information and communicates with directory clients using the LDAP protocol.


(n.) A Java Enterprise System Directory Server preparation tool that makes an existing Directory Server ready for use by a Java Enterprise System Messaging Server.


(document type definition) (n.) An optional part of the XML document prolog, as specified by the XML standard. The DTD specifies constraints on the valid tags and tag sequences that can be in the document. The DTD has a number of shortcomings, however, and this has led to various schema proposals. For example, the DTD entry <!ELEMENT username (#PCDATA)> says that the XML element called username contains parsed character data-that is, text alone, with no other structural elements under it. The DTD includes both the local subset, defined in the current file, and the external subset, which consists of the definitions contained in external DTD files that are referenced in the local subset using a parameter entity.

durable subscription

(n.) In the JMS publish and subscribe delivery model, a subscription that continues to exist whether or not there is a current active subscriber object. If there is no active subscriber, the JMS provider retains the subscription's messages until they are received by the subscription or until they expire.


(database wire protocol) (n.) A Calendar Server proprietary protocol that allows multiple servers to be linked together within the same Calendar Server system to form a distributed calendar store. The Calendar Servers uses DWP to retrieve remote data stored in the calendar database.

dynamic deployment

(n.) In the Application Server, deployment or redeployment of an J2EE application or module is dynamic; that is, no server restart is required. See also dynamic reloading.

dynamic group

(n.) A mail group defined by an LDAP search URL. Users usually join the group by setting an LDAP attribute in their directory entry.

dynamic reloading

(n.) The process of modifying and reloading a previously deployed component without going through the full deployment process and without restarting the server. By default, servlets, pages created with JavaServer PagesTM technology (JSP technology), and enterprise bean components can be dynamically reloaded. See also dynamic deployment.

dynamic web application

(n.) Refers to servlets, JSPTM pages, content providers, or anything else that needs to be processed by the Java web container that is accessed by the user’s browser. For Java Enterprise System Portal Server, the application gets installed in the web server.