Glossary
This glossary defines terms that are used in the documentation for BEA WebLogic Platform. Terms displayed in blue, other than URLs, are defined in this glossary.
Click a letter in the glossary index. Or use the Page Down key, the Page Up key, the arrow keys, or the scroll bar to navigate. Please contact us if you know of a relevant term that is not defined in this glossary.
| A | B | C | D | E | F | G | H | I | J | K | L | M |
| N | O | P | Q | R | S | T | U | V | W | X | Y | Z |
Set of restrictions on the ability of principals (human or software entities) to use software resources. These restrictions are enforced in order to prevent unauthorized use of such resources.
access control information (ACI)
Information about the initiator of a resource access request. The ACI is used to make a decision about enforcing access control.
Data structure used to authorize or prohibit the use of resources, such as network services, by principals. Each entry in an ACL contains a set of permissions associated with a particular principal.
In WebLogic Server 7.x and later, ACLs are deprecated and are replaced by security policies. To continue to protect WebLogic resources with ACLs, use Compatibility security.
In a WebLogic Integration environment, the use of different types of resources is granted to different types of principals:
See authentication, Compatibility security, group, permission, principal, record, security policy, user, and WebLogic resource.
Code that determines whether a subject has permission to perform a given operation on a WebLogic resource. The result of an Access Decision is to permit, deny, or abstain from making a decision. An Access Decision is a component of an Authorization provider.
See Authorization provider, Subject, and WebLogic resource.
Essential characteristics of transaction processing systems:
See transaction.
See access control list (ACL).
The version of the process that at run time will be accessed by external clients through the public URI.
See business process, versioning, and public URI.
Components that use Component Object Model (COM) technologies to provide interoperability with other COM services and components.
See Component Object Model (COM).
Software component that provides an interface between an enterprise information system and an integration server. An application adapter represents a system-level interface to the functionality in the application.
See resource adapter.
Method for resolving inconsistent authorization decisions.
Adjudication provider and Adjudicator
A WebLogic security provider that tallies the results that multiple Access Decisions return, resolves conflicts between the Access Decisions, and determines the final PERMIT or DENY decision. The Adjudicator is a component of the Adjudication provider.
See Access Decision and security provider.
Browser-based interface used by a system administrator to configure and monitor WebLogic Platform.
See WebLogic Integration Administration Console and WebLogic Server Administration Console.
Type of principal that accesses a resource in a WebLogic Server environment without being authenticated.
Third-party XML parser, provided by the Apache Software Foundation, that implements the W3C XML, DOM, and SAX standards.
See application programming interface (API).
Client-side Java program, usually embedded in an HTML page and viewed with a Java-enabled Web browser.
One or more software programs, used collectively by an end user to perform computing tasks. You use WebLogic Workshop to build an application consisting of a set of projects, libraries, and resources.
See application server.
A standards-based integration solution for connecting applications both within and between enterprises. The WebLogic Integration solution provides a means to integrate applications by defining communication endpoints, either in custom code or in a business process defined with WebLogic Workshop.
application programming interface (API)
A server designed to make it easier for developers to isolate the business logic in their projects (usually through components) and develop three-tier applications. Resources include databases, ERP applications, and traditional mainframe applications. Application servers also provide tools for developing user interfaces and for deploying an application to the Web. Many application servers offer additional features such as transaction management, clustering, fail-over, and load balancing. BEA WebLogic Server is a Java Application Server, which complies with the Java 2 Enterprise Edition (J2EE) platform.
Business-level interface to the functionality in an application. An application view is configured for a single business purpose, and contains only services related to that business purpose. Additionally, an application view represents both events and services that support a business purpose, allowing the business user to interact with the application view for all communication with an application.
A key-based cryptography that uses an encryption algorithm in which different keys, private and public, are used to encrypt and decrypt the data. Asymmetric key cryptography is also called public key cryptography.
See private key, public key, and symmetric key cryptography.
Characteristic of events that occur at different times such that the relationship between the times when those events occur is unpredictable.
In distributed application architectures such as Web services, clients invoke methods (or send messages to) servers and servers respond. If a client is blocked from performing other work while waiting for a server to respond, the interaction is described as synchronous because the client is synchronized with the server.
If an interaction is designed such that a client can continue performing other work while the server prepares its response, and the server can notify the client when the response is ready, the interaction is described as asynchronous.
An asynchronous architecture is useful in event-driven scenarios, in which an event can arrive at any time and the receiver can handle it whenever it arrives.
A business process which is invoked by an asynchronous method as the Starting Event. This includes business processes that are invoked via a Client Request node, a Subscription node, or one of several Client Request or Subscription nodes (i. e., an Event Choice node).
See business process.
A method that returns immediately and always returns void. Clients that use asynchronous methods do not have to wait for a meaningful response from the server before they can perform other tasks. See asynchronous web service, synchronous method.
A web service that provides asynchronous functionality, either by using asynchronous methods or by using synchronous methods and callbacks in an asynchronous manner. Interactions in asynchronous web services are designed to allow the client to continue performing other work while the server prepares its response. The server notifies the client when the response is ready. An asynchronous architecture is useful in event-driven scenarios where the receiver handles the event whenever it arrives. See asynchronous method, synchronous web service.
Information that is sent with a business message.
Process whereby information about operating requests and the outcome of those requests is collected, stored, and distributed for the purposes of non-repudiation. Auditing provides an electronic trail of computer activity.
See Auditing provider.
In a WebLogic Server environment, a security provider that provides auditing services.
See auditing and security provider.
Process whereby the identity of users or system processes are proved or verified. Authentication also involves remembering, transporting, and making identity information available to various components of a system when that information is needed. Authentication typically involves username/password combinations, but can also be done using tokens.
See Authentication provider, Identity Assertion, LoginModule, perimeter authentication, and token.
A security provider that enables WebLogic Server to establish trust by validating a user. The WebLogic Security Service architecture supports Authentication providers that perform username/password authentication; certificate-based authentication directly with WebLogic Server; and HTTP certificate-based authentication proxied through an external Web server.
See authentication, digital certificate, security provider, and user.
Process whereby the interactions between users and resources are limited to ensure integrity, confidentiality, and availability. Authorization controls access to resources based on user identity or other information.
In the WebLogic Server environment, a process whereby a user's access to a WebLogic resource is permitted or denied based on the user's security role and the security policy assigned to the requested WebLogic resource.
See Authorization provider, security policy, user, and WebLogic resource.
In the WebLogic Server environment, a security provider that controls access to WebLogic resources based on the user’s security role and the security policy assigned to the requested WebLogic resource.
See security provider, user, and WebLogic resource.
Practice whereby companies buy and sell to each other directly, that is, business-to-business (B2B), through electronic transactions.
A Java class you can assign to a portal component (such as a book or page) that runs before the component is rendered. For example, a backing file can process a request and a portal component can use the return values in rendering.
See WebLogic Integration.
See WebLogic Portal.
See WebLogic Server.
Transaction in which an Enterprise JavaBean (EJB) controls the transaction boundaries. In a bean-managed transaction, controls can be specified using JTA. The EJB code manages the transaction, which can begin in one method and end in another.
See container-managed transaction, Enterprise JavaBeans (EJB), Java Transaction API (JTA), and transaction.
The use of events to record user behavior in a portal that is stored in a database.
Industry initiative to define the BizTalk Framework, a set of guidelines for publishing XML schemas and using XML messages. Started by Microsoft, it is supported by a wide range of organizations, including technology vendors (such as SAP, CommerceOne, and Ariba) and technology users (such as BASDA). BizTalk is not a standards body, but a community of standards users.
See also http://www.biztalk.org.
A book contains one or more pages, with the currently selected page determined by a control such as a tab set.
See business process management (BPM).
Mechanism that enables you to cause Webflow to direct to different destination nodes, based on the value of the object returned from successful execution of the input processor or pipeline.
See node.
Trading partner that uses a Web browser to communicate with other trading partners.
See business transaction protocol (BTP).
A resource you can add to a method of your web service. A buffer ensures that your method returns to the client immediately, so that the client need not wait for the server to process other requests. Incoming calls to a buffered method are queued so that the server is not overwhelmed with requests.
Practice of adding a buffer to a method of your service to ensure that the service returns to the client immediately. This mechanism eliminates the need for the client to wait for the server to process other requests. Incoming calls to a buffered method are queued so that the server is not overwhelmed with requests.
XML part of the payload of a business message.
Staff member who combines the skills of a Business Analyst and Developer. A BE may:
See developer.
Basic unit of communication between trading partners in a conversation. A multipart MIME message, it consists of business documents, and attachments.
Method of adding user-defined operations in WebLogic Integration by invoking EJBs or calling Java classes.
A set of related business operations, such as order processing, that is automated in whole or in part. When a business process is executed, information is passed to a particular participant at a particular time, according to a set of intelligent business rules that enable computers to perform most of the work, leaving humans to deal only with exceptions.
business process management (BPM)
A set of tools and technologies that enables the integration of diverse applications and human participants, as well as the coordinated exchange of information between trading partners outside of the enterprise. Business processes allow you to orchestrate the execution of business logic and the exchange of business documents among back-end systems, users and trading partners (systems and users) in a loosely coupled fashion.
Set of rules that governs the electronic exchange of business information between enterprises across a network. A business protocol specifies the structure of business messages, the method for processing the messages, and the method for routing them to the appropriate recipients. WebLogic Integration trading partners can use the business protocol to send and receive business messages.
Set of logic plug-ins that implements a business protocol.
Interface to a conversation definition. A trading partner offers a business service to other trading partners who may want to interact with it.
business transaction protocol (BTP)
Standard that provides an open and well-defined method for managing long-running, complex transactions common in B2B e-commerce. BTP is an XML-based vocabulary protocol for representing and seamlessly managing complex, multistep B2B transactions over the Internet. BTP enables trading partners to manage complex XML message exchanges as long-running, loosely coupled conversations.
business-to-business (B2B) e-commerce
See B2B e-commerce.
Compiled format for Java programs that can be run (interpreted) on any computer with a Java virtual machine (JVM).
See Java virtual machine (JVM).
Compressed file used to load classes and other files required to run an applet in a single hypertext transfer protocol (HTTP) request. Can be used only with applets running under Microsoft Internet Explorer, version 4.0 or later.
A WebLogic Server 6.x feature that applies to WebLogic Server 7.x and later only if you use Compatibility security. A Caching realm is a temporary location in memory that contains frequently called ACLs, users, groups, and so on, from the primary realm. In WebLogic Server 6.x, users, groups, and ACL objects are stored in the filerealm.properties file, and reading from a file can be very slow. The Caching realm is a communication layer on top of the primary realm and is used for lookups, by default. If the Caching realm lookup fails, a lookup is performed on the primary realm.
See access control list, Compatibility security, group, and user.
Method defined on the client that your web service can call. Callbacks make it possible to support an asynchronous two-way exchange between a client and a service. For example, if a service performs a time-consuming operation, the service can immediately acknowledge the client's request with a simple return value, then later use the callback to return the full result of the operation. A callback must participate in a conversation.
Method run by your service when it receives a corresponding callback. The callback handler is defined by the control that includes the callback. For example, the timer control provides the onTimeout method as a callback handler. You have the option of adding code that will run when the timer fires.
Principal that is associated with an application component instance during a method invocation. For example, an EJB instance can call the getCallerPrincipal method to get the principal associated with the current security context.
See Enterprise JavaBeans (EJB) and principal.
Named group of scenarios that coordinate multiple Personalization, Commerce, and Campaign services to drive portal usage and achieve business goals.
See scenario.
Reduction in the price charged for product items, orders, or shipping cost conditionally targeted to a subset of the entire user population. WebLogic Workshop allows you to define the discounts that you might later decide to offer to your online customers.
Goal for a campaign that defines its termination. When the goal is satisfied, the campaign can end, even if the goal is fulfilled before the scheduled end date. This goal is specified in the campaign editor in the WebLogic Workshop and can be edited in the WebLogic Administration Portal.
Set of portal services that enable portal developers to create and track marketing goals. Campaigns are set up and managed using WebLogic Workshop.
Organization that commissions a campaign. Is often the organization that owns and operates the Web site (or a subset of that organization). In WebLogic Workshop, the sponsor can be used as a criterion for campaign searches, as well as for reporting and analysis.
State of a campaign: active or inactive. When a campaign is saved, it is in an active state and is ready to run between the specified start and stop times when the appropriate conditions are met. When you disqualify an active campaign from running, or you stop a running campaign prior to the specified stop date, the campaign is in an inactive state.
In XML, to convert from one type to another.
Single point of access to several product catalog services: Category Manager service, Product Item Manager service, Custom Data Manager service, and Catalog Query Manager service.
See service.
Service that queries the Commerce services product catalog. It defines two types of catalog searches: keyword searches and attribute-based searches. A keyword search is a simple search on a number of keywords, whereas an attribute-based search allows a complex Boolean expression on any of the item attributes to be evaluated.
See service.
Service that manages the hierarchical structure of the Commerce services product catalog. It defines a complex interface for creating and modifying the hierarchy and for mapping items into categories.
See service.
See digital certificate.
Method of providing a confident identification of a client by a server through the use of digital certificates. Certificate authentication is generally preferred over password authentication because it is based on what the user has (a private key), as well as what the user knows (a password that protects the private key).
See authentication, certificate authority, and digital certificate.
Trusted entity that issues public key certificates. A certificate authority attests to a user's real-world identity, much as a notary public does.
See certificate chain, digital certificate, entity, private key, public key, and trusted (root) certificate authority.
An array that contains a private key, the matching public key, and a chain of digital certificates for trusted certificate authorities, each of which is the issuer of the previous digital certificate. The certificate for the server, authority, authority2, and authority3, constitute a chain, where the server certificate is signed by the authority, the authority's certificate is signed by authority2, and authority2's certificate is signed by authority3. If the certificate authority for any of these authorities is recognized by the client, the client authenticates the server.
Process that causes a Webflow to move from one processor node (that is, an input processor or pipeline) to another processor node. This mechanism relieves you of the need to use processor nodes between presentation nodes. In a chaining arrangement, the result state of one successfully executed processor node is another processor node.
See node.
Interactive process whereby a customer confirms items to be purchased, and provides payment and shipping information. The Commerce services then validate the customer information, post the credit card transaction, and log shipping and tax payment requirements. The checkout process invokes the Registering Users and Managing Customer services and the Managing Purchases and Processing Orders services.
See Managing Purchases and Processing Orders services and Registering Customers and Managing Customer services.
In cryptography, a coding system used to create encrypted messages.
See cipher, cipher suite, cipher text, and secure sockets layer (SSL).
Secure sockets layer (SSL) encryption method. Includes three types of algorithms that can be used to protect the integrity of a communication: the key exchange algorithm, the symmetric encryption algorithm, and the secure hash algorithm.
See cipher and secure sockets layer (SSL).
In cryptography, text that is encrypted.
Category of objects used in object-oriented programming. A class defines the implementation of a particular kind of object. A class definition defines instances and class variables and methods, and specifies the interfaces and class implementations and the immediate superclass of the class. If the superclass is not explicitly specified, it is implicitly assumed to be Object.
See object-oriented programming (OOP) and class library.
A set of client programming tools called classes. These tools can be used in a Java or C++ program, or in a Java applet that can be embedded in a Web page.
See class.
List of paths for the file system directories or Java archive files to be searched by a Java Virtual Machine (JVM) at run time, in order to locate the executable class files required at that time. The list may be supplied through an operating system environment variable (CLASSPATH) or a command-line switch (-classpath) sent to the virtual machine. Application server containers, such as servlet engines and EJB containers, may contain additional levels of classpath information.
See class and class library.
Act of clicking an ad. The number of clickthroughs can be used as one criterion to determine whether the goal of a campaign has been met.
Program that performs the following steps:
If a client is located on a machine that belongs to the domain to which the target servers also belong, then the client is called a native client. If the client is located on a machine outside that domain, then the client is called a remote client or a Workstation client.
client (CORBA)
Code that invokes an operation on a distributed object.
Any application that makes a request to a web service to return data. The client can be written in any language and running on any platform, so long as it communicates in the manner that the web service expects. Most web services expect to receive requests over an Internet protocol such as HTTP, and they expect those requests to be XML messages formatted according to the SOAP specification. See simple object access protocol (SOAP).
A business process node which provides a means for a client to make a request to a business process.
See business process.
client request with return node
A node which starts a business process as the result of receiving a synchronous request from a client. Any nodes added between the receive and send nodes inside the Client Request with Return group are executed within the scope of the synchronous operation. This node is only available as the starting event of a business process.
A business process node which provides a way for a business process to send messages to clients.
See business process.
Network in which heterogeneous clients make requests over various protocols for many different services on the network and the requests are fulfilled transparently by a high-performance, intelligent intermediate server or cluster of servers, such as the pure-Java WebLogic Server.
See client/server and Web service.
Network architecture in which computer processing is distributed among clients (desktop PCs) and a server or servers (central computer).
See client/network.
Character Large Objects
Group of WebLogic server instances that work together to provide an application platform that is more powerful and reliable than a single server. A cluster appears to its clients as a single server but it is, in fact, a group of servers acting as one. If properly designed and configured, a cluster can provide both availability and scalability. New processes and machines can be added to a cluster, dynamically, to handle increased load without shutting down the cluster. Individual servers can be removed from the cluster periodically so that maintenance can be done without affecting cluster performance.
In this documentation, the character encoding of the field data.
See applet and package name.
Base URL for locating an applet's classes on the server host. To get the complete URL for an applet, combine the CODEBASE with the applet's CODE name.
See Component Object Model (COM).
Representation of an object that conforms to the Component Object Model (COM) standards, including implementations of all necessary interfaces.
Development kit for an application that services product catalog requests and manages customer orders. It includes database schemas, Java components and libraries, configuration files, and interaction management tie-ins.
See JSP template and Web application (Webapp).
See transaction.
Defines a standard client API for application components and enables application components and Enterprise Application Integration (EAI) frameworks to drive EIS using a common client API. The J2EE Connector Architecture defines a CCI for EIS access.
See application programming interface (API), Enterprise Information System (EIS), and J2EE Connector Architecture.
The capability of an application built using one release or service pack to run in another release or service pack, with or without rebuilding the application.
Security realm that is the default (active) security realm if you are using Compatibility security. The Compatibility realm adapts your existing WebLogic Server 6.x Authentication and Authorization providers so that you can use them in WebLogic Server 7.x or later. The only security realm available in Compatibility security is the Compatibility realm.
See Compatibility security, default realm, security provider, security realm, and WebLogic security provider.
The capability to run security configurations from WebLogic Server 6.x in later releases of WebLogic Server. Using Compatibility security in WebLogic Server 7.x or later, you configure 6.x security realms; define users, groups, and ACLs; manage protection of user accounts; and install custom auditing providers. The only security realm available in Compatibility security is the Compatibility realm. The Realm Adapter providers in the Compatibility realm allow backward compatibility to the authentication and authorization services in 6.x security realms.
See access control list, Auditing provider, Compatibility realm, group, Realm Adapter Authentication provider, Realm Adapter Authorization provider, security realm, and user.
An XML element that can contain other elements or attributes. The definition for a complex type appears as <complexType> in an XML schema document. See simple type.
Part of an application.
Collection of services that enables software components to interoperate in a networked environment.
See COM view.
The rules, such as user properties, events, and dates and times, which trigger predefined personalized actions to occur for portal visitors. Conditions are used to define User Segments, Content Selectors, and Campaigns.
Set of hardware, hardware options, software, and software setup on a computer or on a network.
See configuration set and configure.
Name or number used to reference a particular configuration in a configuration partition. Each configuration set describes the services to be used when the configuration is active.
See configuration and configure.
To customize hardware and software for a computer or for a network.
An object that provides connectivity to a resource manager and enables an application client to connect to a resource manager, perform transactions, and access services provided by that resource manager. A connection can be either transactional or nontransactional.
See resource manager.
A programmable filter that WebLogic Server uses to determine whether the server should allow incoming connections from a network client. In addition to security policies that protect WebLogic resources based on user characteristics, you can add another layer of security by filtering based on network connections.
See security policy, user, and WebLogic resource.
In Webflow, a small graphical device on the edge of a node that marks the point at which an event or exception is connected to that node. In some cases, it may be helpful to move the node's connection port.
See node.
See resource adapter.
In a WebLogic Server environment, pseudomethod used to create an object. In Java, constructors are instance methods with the same names as their classes. Java constructors are invoked using the new keyword.
See class, instance, Java, metadata interface, and object.
Part of an application server, such as WebLogic Server, that provides deployment and run-time support for application components. A container allows you to monitor and manage supported components as well as the service(s) that monitor and manage the components. A container can be any of the following:
See Enterprise JavaBeans (EJB), Java Server Pages (JSP), and servlet.
Transaction in which an Enterprise JavaBean container controls the transaction boundaries. In a container-managed transaction, controls are specified in the deployment descriptor. When a bean method is invoked, the container manages the transaction, which begins and ends in the same method. An entity bean must use container-managed transactions.
See bean-managed transaction and transaction.
System that manages a collection of content objects (articles, documents, images, and so forth), including metadata about the content. See metadata.
The content repository stores content as well as meta-data in a database. Multiple content management repositories – including BEA and 3rd party – can be integrated in a single virtual content repository. Developers can query the repository and retrieve and display personalized content in portal applications.
A content selector is one of several mechanisms that WebLogic Portal provides for retrieving documents from a content management system. Use content selector JSP tags and a set of other JSP tags to retrieve and display the content targeted by the content selector.
A ContextHandler is a high-performing WebLogic class that obtains additional context and container-specific information from the resource container, and provides that information to security providers making access or role mapping decisions. The ContextHandler interface provides a way for an internal WebLogic resource container to pass additional information to a WebLogic Security Framework call, so that a security provider can obtain contextual information beyond what is provided by the arguments to a particular method. A ContextHandler is essentially a name/value list, and as such, it requires that a security provider know what names to look for. (In other words, use of a ContextHandler requires close cooperation between the WebLogic resource container and the security provider.)
See security provider, WebLogic container, and WebLogic Security Framework.
Component used in a Web service so that a service can communicate with other kinds of applications and components. For example, a database control enables a Web service to request data from a database. A service control makes it easy for one Web service to call another.
A file that defines a control. Controls with the CTRL extension were created in an earlier version of WebLogic Workshop but continue to be supported. See Java control (JCX).
Someone who builds Java controls to encapsulate reusable functionality. A control author writes a control class, then (as needed) adds nested controls, implements methods and callbacks, and defines properties.
Implements the control interface containing methods exposed by a Java business control. The class name is the same as the control interface name, but ends with “Impl”. A control class file has a .jcs extension.
A Java interface that defines the methods exposed by a Java business control. A control interface always extends the com.bea.control.Control interface or an interface derived from it.
Control receive nodes represent points in business processes at which the process receives asynchronous messages from resources (via controls). A business process waits at a Control Receive node until it receives a message from the specified control. Control nodes are mutable or morphable; you can change them into another type of control by dragging and dropping a control method of a different type.
See business process.
Control send nodes represent points in business processes at which they send asynchronous messages to resources (via controls). Control nodes are mutable or morphable; you can change them into another type of control by dragging and dropping a control method of a different type.
See business process.
Control Send with Return nodes handle synchronous exchange of messages between business processes and resources (via controls). Control nodes are mutable or morphable; you can change them into another type of control by dragging and dropping a control method of a different type.
See business process.
A capability WebLogic Workshop automatically provides to web services to help them keep track of which responses go to which clients in response to requests. For example, when events occur in the web service that must be passed on to clients via callbacks, WebLogic Workshop's correlation capability routes the callback messages automatically.
Security-related attribute of a Subject, which may contain information used to authenticate the Subject to new services. Types of credentials include username/password combinations, Kerberos tickets, and public key certificates.
See credential mapping, Credential Mapping provider, digital certificate, Kerberos ticket, public key, and Subject.
The process whereby a legacy system's database is used to obtain an appropriate set of credentials to authenticate users to a target resource. WebLogic Server uses credential mapping to map credentials used by WebLogic Server users to credentials used in a legacy (or any remote) system. WebLogic Server then uses the credential maps to log in to a remote system on behalf of a subject that has already been authenticated.
See credential, Credential Mapping provider, and resource.
A security provider that is used to provide credential mapping services and bring new types of credentials into the WebLogic Server environment.
See credential, credential mapping, and security provider.
WebLogic Server security feature that allows users to authenticate once but access multiple applications, even if these applications reside in different DNS domains. You can use this feature to construct a network of affiliates or partners that participate in a Single Sign-On domain. See also single sign-on. NOTE: Cross-domain single sign-on is only supported for Java clients, that is, clients that are running a Java Virtual Machine (JVM); Cross-domain single sign-on is not supported with Web browser clients.
A protocol that is based on IIOP (GIOP 1.2) and the CORBA Common Secure Interoperability version 2 (CSIv2) CORBA specification. The secure interoperability requirements for EJB2.0 and other J2EE1.4.1 containers correspond to Conformance Level 0 of the CSIv2 specification. The CORBA Security Attribute Service (SAS) is the protocol that is used in CSIv2. For more information, see http://www.omg.org/technology/documents/formal/omg_security.htm.
See control (CTRL) file.
Service that defines an interface for giving persistence to custom attributes of product items. (Custom attributes are attributes not defined in the ProductItem interface.)
See service.
Security providers written by third-party security vendors or customer security developers that can be integrated into the WebLogic Security Service. Custom security providers are implementations of the Security Service Provider Interfaces (SSPIs) and are not supplied with the WebLogic Server product.
See Security Service Provider Interfaces (SSPIs), security provider, security realm, WebLogic security provider, and WebLogic Security Service.
In WebLogic Server 7.x and later, supported only in Compatibility security. In WebLogic Sever 6.x, you customize authentication by creating your own security realm and integrating it into the WebLogic Server environment.
A control that makes it easy to access a relational database from your Java code using SQL commands.
Intermediary class that mediates initialization calls between a security provider and the security provider's database.
See security provider database.
A business process node that allows you to incorporate true or false decisions into a process. A Decision node consists of one condition, a path below the condition, which represents the path of execution followed when the decision evaluates to true, and a path to the right of the condition, which represents the path of execution followed when the condition evaluates to false (the default path). A Decision node can contain additional conditions, in which case if the first condition evaluates to false, the second condition is evaluated. If the second condition evaluates to false, the next condition is evaluated, and so on. The default path is executed if no conditions are met.
See business process.
Security that is defined, or declared, using the application deployment descriptors. For Web applications, you define the deployment descriptors in the web.xml and weblogic.xml files. For EJBs, you define the deployment descriptors in the ejb-jar.xml and weblogic-ejb-jar.xml files.
Component that processes the protocol-specific message headers, identifies the sending trading partner, enlists the sending trading partner in a conversation, prepares a reply for the sender, and forwards the message to the scheduling service.
Process of taking cipher text (encrypted data) and a cryptographic key and producing plain text (the original unencrypted data).
See encryption.
The active security realm. In WebLogic Server 7.x and later, you can configure multiple security realms in a WebLogic Server domain; however, only one can be the default (active) security realm.
See Custom security realm, security realm, and WebLogic Server domain.
A definition is the source for a portal object, and resides in the library.
Hierarchy-based administration that allows administrators to delegate administrative sub-tasks to others
Authorization, by principal A, for principal B to use principal A's identity or privilege, sometimes with restrictions.
Sequence of bytes that denotes the end of a field or group of data.
Denial of Service (DoS) attack
Security attack in which an user or organization is deprived of the services of a resource they would normally expect to have. For example, an enterprise Web site may be forced to cease operation, thus forcing the enterprise to spend a lot of time and money.
XML file that supplies an application server with the information it requires to configure deployment properties for standard J2EE components, such as EJBs, Web Applications, Resource Adapters, and Enterprise Applications. It also enables a system administrator to define permissions on a J2EE component and to configure resources used by a component. Deployment descriptors conform to a Document Type Definition (DTD) provided by Sun Microsystems, Inc. JavaSoft.
See Document Type Definition (DTD), Enterprise JavaBeans (EJB), and XML.
A desktop contains all the portlets, content, and look and feel elements necessary to create individual user views of a portal. All users access the default before they define their own desktops. A portal contains one or more desktops.
Generic name for the role played by any technical expert in an organization who creates and/or maintains Web applications by writing code. In the Java 2 Platform Enterprise Edition (J2EE) Specification, developers are referred to as Application Component Providers.
Developers have special access privileges that may not be shared by individuals in other organizational roles.
Numerous areas of expertise divide developers into various categories: Java/EJB developers, HTML/JSP developers, application assembler/deployers, and system administrators.
An instance of WebLogic Server that is configured for use in a development environment. See also production server.
Digital equivalent of an ID card that is used by WebLogic Integration, with a public key encryption system, to authenticate trading partners. A digital certificate is a digital statement that associates a particular public key with a name or other attributes that are used to identify the certificate's owner. The statement is digitally signed by a certificate authority. Therefore, by trusting the certificate authority to sign only true statements, you can trust that the public key belongs to the entity (typically, a person, a corporation, or an agency) named in the certificate.
See certificate authority, digital signature, public key, and trusted (root) certificate authority.
String of bits used to protect the security of data being exchanged by two entities by verifying the identities of those entities. Specifically, this string is used to verify that the data came from the sending entity of record and was not modified in transit. A digital signature is computed from an entity's signed data and private key. It can be trusted only to the extent that the public key used to verify it can be trusted.
See entity, private key, and public key.
Application that is divided into two or more parts (such as a client and a server), residing on different computers that communicate through a network. Web applications are, by nature, distributed applications.
Application design and implementation strategy that divides an application into units that are executed on different computers and communicate through a network. For example, an application can be divided into three distributed units: a user interface unit, a processing unit, and a storage unit.
Object that can be located anywhere on a network. Distributed objects are packaged as independent pieces of code that can be accessed by remote clients through method invocations. The language and compiler used to create distributed objects are totally transparent to the clients. Clients do not need to know the location in which the distributed object resides or the operating system on which it runs.
distributed object model (DOM)
Abstraction that describes the way applications are partitioned, that is, how the logic is divided between the tiers (multitier or two-tier) that support it.
Global transaction involving multiple servers and one or more resources. In a distributed transaction environment, a client application may send requests to several servers resulting in resource updates at multiple resource managers. To complete a transaction, the transaction manager for each participant (client, servers, and resource managers) must be polled to coordinate the commit process for each participant within its domain.
See transaction, transaction manager, and resource manager.
A business process node which provides Do While loop capabilities in a process. For Do While groups, business process activities are added before the condition in the loop. At run time, the activities defined in a Do While loop are performed; then the condition is evaluated. Therefore, the activities inside a Do While group are performed one or many times, depending on the results of the evaluation of the condition.
See business process.
Schema, such as a Document Type Definition (DTD), that specifies the prerequisites for a valid document. WebLogic Integration document definitions are provided in XML DTDs. Each document definition includes two attributes: System ID (a DTD system identifier); and URL, which specifies the location of the document definition.
Definition of the method through which a document is exchanged. A document exchange defines a business protocol and some run-time parameters.
Document Type Definition (DTD)
File that defines the format (grammar and syntax) to be used for associated messages or files written in either XML or SGML. Specifically, a DTD file defines how the markup tags in an XML or SGML document should be interpreted by the application that is presenting that document, so that the document is displayed or printed as intended. The definition conforms to the rules of the Standard Generalized Markup Language (SGML). DTDs are part of the W3C XML specification.
See schema.
See distributed object model (DOM).
An interactive, graphical user interface (GUI) that facilitates the creation of a new WebLogic Server domain. The wizard can create WebLogic Server domain configurations for stand-alone servers, Administration Servers with Node Managers and Managed Servers, and clustered servers. You can use it to create the appropriate directory structure for your WebLogic Server domain, a basic config.xml file, and scripts that you can use to start the servers in your domain.
See Document Type Definition (DTD).
Datatype for which the memory size is not known when the code is compiled; a the memory size of a dynamic datatype is known only when the code is executed.
See enterprise application archive (EAR).
See electronic business XML (ebXML).
The standardized, combined form of the JavaScript and JScript languages. JavaScript was developed by Netscape Communications and JScript was developed by Microsoft Corporation. The European Computer Manufacturers Association (ECMA) acted as the standards body for ECMAScript.
Standardized language that combines JavaScript and JScript. JavaScript was developed by Netscape Communications; JScript, by Microsoft Corporation. ECMAScript was created by a standards body called the European Computer Manufacturers Association (ECMA).
See Electronic Data Interchange (EDI).
See Enterprise Information System (EIS).
See Enterprise JavaBeans (EJB).
electronic business XML (ebXML)
Set of specifications for a modular framework supporting the electronic exchange of business data. Developed for global usage through a joint initiative of the United Nations (UN/CEFACT) and OASIS.
Electronic Data Interchange (EDI)
Industry standard for the format of business messages used in e-commerce, and for the legal terms governing the use of such messages.
A unit of XML data. An element can enclose other elements.
A server that contains user, group, security role, security policy and credential information. The WebLogic Authentication, Authorization, Role Mapping, and Credential Mapping providers use the embedded LDAP server as their security provider databases.
See credential, group, security policy, and security role.
Component that transforms a message, as necessary, to support the required business protocol, and then forwards the message to the transport service.
Process of algorithmically scrambling data to prevent (or hinder) unauthorized disclosure, while still preserving access to the original data by authorized users. To read an encrypted file, a recipient must have access to a secret key or password that enables the recipient to decrypt it. Unencrypted data is called plaintext; encrypted data is referred to as ciphertext.
Encryption key pair consists of the public key used to encrypt information and a private key used to decipher the information.
enterprise application archive (EAR)
A single-file archive that consists of Web application components, EJB components, and resource adapters. The META-INF\application.xml deployment descriptor contains an element for each Web application, EJB, and connector component, as well as additional elements to describe security roles and application resources such as databases. WebLogic Workshop applications are exploded EAR files that can be deployed to a WebLogic Server instance running in production mode.
Enterprise Information System (EIS)
Software system that provides the information infrastructure for an enterprise. An EIS offers a set of services to its clients. These services are made available to clients via local and/or remote interfaces. Examples of an EIS include:
Enterprise Information System (EIS) resource
Provides EIS-specific functionality to its clients. Examples of an EIS resource include:
Java API that defines a component architecture for multitier client/server systems. Specifically, the EJB specifies an architecture for the development and deployment of object-oriented, distributed, enterprise-level applications. Applications written using the EJB architecture are scalable, transactional, and secure.
See Java 2 Enterprise Edition (J2EE).
Visitor Entitlements are a mechanism for determining who may access the resources in an application and what they may do with those resources. This access is based on the role that a visitor to an application is in, allowing for flexible management of the resources.
Something that exists independently as a particular and discrete unit. Persons, corporations, and objects are examples of entities.
Enterprise JavaBean that represents a database record and includes methods that can be invoked on data in that record.
Stateless session bean that handles the persistence of properties.
A string that represents some aspect of the current operating context. Usually, an environment variable encapsulates information that is useful to all programs that run within a given context. The value that the variable represents can be different in different contexts. For example, CLASSPATH is a standard environment variable that all Java programs use to find Java classes. The value of the CLASSPATH variable differs depending on which Java classes are installed on a computer and the location in which they are installed.
Standard events are generated at important points in an e-commerce site. The components that enable events include Java APIs, JSP tags, JSP scriptlets, Webflow input processors, Pipeline components, content selectors, and classification advislets.
You can add or customize generators for each of the following events:
Each event is generated by JSP tags. You can use the JSP tags that initiate these events to specify which products and what content generate these events. For example, in the wlcsApp E-Commerce Application, the JSP tag for the DisplayProductEvent is located in the details.jsp.
An Event Choice node group represents a point in a business process at which the business process waits to receive one of a possible number of events. Once it receives one of the possible events, the flow of the business process continues. You design other nodes within an Event Choice node group to handle the incoming events. The first node on each branch of an Event Choice node group handles the receipt of one event. The flow of execution proceeds along one branch in an Event Choice node; the branch containing the event that happens first.
The Event Service captures a rich set of portal usage data to enable real-time personalization via Campaigns and reporting (see Behavior Tracking). WebLogic Portal ships with a set of predefined events, including Login, Registration and Commerce events. Customers can augment the OOTB event with custom events.
Condition, often an error, that causes a program or microprocessor to branch to a different routine to handle the error. Java method for handling run-time errors.
The definition of how exceptions are handled within a business process or a portion of a business process. Exception paths can be associated with individual nodes, a group of nodes, or with the entire business process (global). When an exception is thrown, an exception handler associated with the node on which the exception occurs is executed first. If no exception path exists for the node, or if the exception path for the node throws an exception, the exception is caught by an exception handler on a group in which the node is contained. If an exception path on a group does not catch or handle the exception, it is caught by the global exception handler. An exception path associated with a Start node defines the global exception handler for a process.
Transactions within a business process whose boundaries are declared. You create explicit transaction boundaries by selecting contiguous nodes and declaring them to be in a transaction separate from those created implicitly by the application. Resources accessed with a process may also be part of the transaction depending on the nature of the resource and the control that provides access.
See business process and implicit transaction.
extensible markup language (XML)
Metalanguage (a language for describing languages) that you can use to define customized markup languages. It is composed of a subset of standardized general markup language (SGML).
XML facilitates the development of user-defined document types and the creation of programs that can use data from documents of such types. It is rapidly becoming a universal standard for defining, validating, and sharing data formats and documents.
Because XML is text-based (that is, it is not written in binary format), and it uses syntax rather than binary markers to organize data, it can be deployed across heterogeneous and potentially incompatible systems and platforms.
eXtensible Stylesheet Language (XSL)
Language for specifying the format of an XML document.
eXtensible Stylesheet Language Transformations (XSLT)
XML language designed for transforming one XML document into another. An XSLT document, or stylesheet, describes data transformations that are to be performed on nodes of an XML document. Using XSLT, an XML document can be transformed into a variety of text formats, such as XML, HTML, and PDF.
Capability of a system to respond to the failure of a service invocation by redirecting the request for the service to an alternate provider, without requiring user intervention. In other words, the ability of a system to transfer control to a backup component when a fault occurs.
The types of services that can be invoked, through the failover capability, in spite of an initial invocation failure, include the service that performs lookups of service providers, the ability to recover in the event of a server failure, and the ability to find another instance of a service on a reachable server.
In WebLogic Server 6.x, a realm that stores users, groups, encrypted passwords, and ACLs in a file. In WebLogic Server 7.0 and later you use a File realm only with Compatibility security.
When you create a business process, it contains by default a Start node and a Finish node. You can specify additional (optional) endpoints of your business process by adding Finish nodes to those locations where you want the business process to cease execution. A Finish node is always the last node in a business process. You can place a Finish node at the end of the main flow or on any branch of a business process.
See business process.
Software that monitors traffic between an internal network and the Internet, and that regulates the type of network traffic that can enter and leave the internal network. A firewall can be connected to the Internet or set up within a company’s network to prevent unauthorized access to the network. Firewalls protect information on computers and information that is being carried over the network. Firewalls use various types of filters to prevent access, including limiting the types of protocols allowed and restricting access from network nodes by IP addresses and DNS node names.
A region of a portal desktop that is outside the desktop's main body, usually positioned below the main body.
A business process node which provides For Each loop capabilities in a process. For Each nodes represent points in a business process at which a set of activities is performed repeatedly, once for each item in a list. For Each nodes includes an iterator node (on which a list of items is specified) and a loop (in which the activities to be performed for each item in the list are defined). An XML document (or a section of an XML document) is passed into the For Each loop in a business process variable. An iteration variable holds the current element being processed in the For Each loop, for the life of the loop.
See business process.
A Business Process Start Node property which describes error handling behavior. When a business process fails and there is no exception handler configured to handle the exception thrown, the business process is placed into an aborted state and no recovery is possible. However, if the business process is configured to freeze on failure, the business process rolls back to the last commit point and the state is persisted if it fails. The process can then be restarted from the WebLogic Integration Administration Console.
See on sync failure.
Function that reclaims memory from unused objects and variables while a Java program is being run. This function is usually executed automatically in the background, but it can also be requested at specified times by the programmer.
An element that can be referenced from anywhere else in the schema.
A security role that applies to all WebLogic resources within a security realm. For example, if the WebLogic Role Mapping provider is being used in the default security realm, global roles can be defined in terms of user, group, and hours of access.
See Role Mapping provider, scoped role, security realm, security role, and WebLogic resource.
Transaction managed by an external transaction manager (such as WebLogic Server) that can include multiple servers or multiple resources as participants. The transaction is coordinated as an atomic unit of work: All participants either commit or rollback the entire transaction.
See distributed transaction and ACID properties.
In a WebLogic Server environment, set of users that share some characteristics. Groups are a static identity that a server administrator assigns. Groups are associated with security roles. Giving permission to a group is the same as giving the permission to each user who is a member of the group.
See permission and user.
A logical collection of nodes in a business process. You can create a group from one or more nodes or other groups. Groups allow you to simplify the display of your business process and provide an extra level of exception handling logic.
See business process.
In releases of WebLogic Portal prior to 8.1, Group Portals provided a particular view of a portal for users within a specific group. With WebLogic Portal 8.1, these are superceded by role-based Desktops, in which the role of the user determines which Desktops may be accessed. Entitlement roles may be based on user groups, allowing for a similar access hierarchy.
A group profile contains a set of attributes. If a successor is specified when accessing a user profile, that group’s properties will be used if one is not explicitly set for the user. It is effectively a form of inheritance, with added flexibility in that more than one group may be specified as the successor.
See User Management component and user profile.
A region of a portal desktop that is outside the desktop's main body, usually positioned above the main body.
Heuristic completion such that all updates related to the transaction are committed.
See heuristic completion.
Unilateral decision by a resource, during the completion stage of a distributed transaction, to commit or roll back updates. This type of decision can leave distributed data in an indeterminate state. Network failures or transaction timeouts are possible causes for heuristic completion. Also referred to as heuristic decision.
See commit, distributed transaction, and rollback.
See heuristic completion.
Result of a heuristic completion such that the resource manager does not know whether at least one of the updates related to the transaction was rolled back or committed.
See heuristic completion.
Result of a heuristic completion such that some updates related to the transaction were rolled back and other updates were committed.
See heuristic completion.
Result of a heuristic completion such that all updates related to the transaction were rolled back.
See heuristic completion.
One of two interfaces for an enterprise bean, the home interface and the remote interface. The home interface defines zero or more methods for creating and removing an enterprise bean. For session beans, the home interface defines create and remove methods, while for entity beans, the home interface defines create, finder, and remove methods.
See remote interface.
The process of verifying that the name of the host to which an SSL connection is made is the intended or authorized party.
See Host Name Verifier and Secure Sockets Layer (SSL).
Code that validates that the host to which an SSL connection is made is the intended or authorized party. A Host Name Verifier is useful when a WebLogic Server client or a WebLogic Server instance acts as an SSL client to another application server. It helps prevent man-in-the-middle attacks. By default, WebLogic Server, as a function of the SSL handshake, compares the common name in the subject distinguished name (DN) of the SSL server's digital certificate with the host name of the SSL server used to initiate the SSL connection. If the subject DN and the host name do not match, the SSL connection is dropped.
See digital certificate, host name verification, Secure Sockets Layer (SSL), and Subject.
Intermediary that represents the Internet for outgoing HTTP requests and represents many IP destinations for incoming requests.
See internationalization (I18N).
See integrated development environment (IDE).
A function, f, is considered idempotent if f(f(x)) = x. Computer science defines a procedure as idempotent if it produces the same result every time it is performed with the same arguments.
This property is especially useful when dealing with a retry of a replicated object. When a communication failure occurs during an attempt to invoke a remote method, it is not always possible to know whether the failure occurred before or after the method invoked was completed on the server. If the failure occurred after the method completed on the server, a retry results in the same method being called twice (even if it is called on two servers).
Such behavior can produce incorrect results unless the method being invoked is idempotent. If a method is idempotent, then the process of invoking it multiple times with the same arguments is equivalent to invoking it only once.
Set of unique security attributes assigned to a principal. No two identities of principals may be identical. Principals may have several different kinds of identities, each of which must be unique.
Special type of authentication whereby a client’s identity is established through the use of client-supplied tokens that are generated from an outside source. Identity is asserted when these tokens are mapped to usernames. For example, the client’s identity can be established by using a digital certificate, and that certificate can be passed around the system so that users are not asked to sign on more than once. Thus, identity assertion can be used to enable single sign-on.
See authentication, digital certificate, Identity Assertion provider, single sign-on, SSL tunneling, and token.
A security provider that performs perimeter authentication—a special type of authentication using tokens. Identity Assertion providers also allow WebLogic Server to establish trust by validating a user. Thus, the function of an Identity Assertion provider is to validate and map a token to a username.
See perimeter authentication, security provider, token, and user.
See Internet Interoperability Protocol (IIOP).
See implementation.
Named object or class that defines the behavior for all operations and attributes of a supported interface. For example, my_object implements my_impl. Used with RMI to invoke a remote interface.
Properties stored in the WebLogic Personalization Server property tables that do not correspond to getter and setter methods.
Transactions whose behavior is automatically determined (or implied) by business process logic and which are not explicitly visible in a process diagram. When you build a business process, implicit transaction boundaries are formed based on where in the process you place blocking elements. The transaction boundaries within a business process change as you add process nodes to the business process.
See business process and explicit transaction.
Transactions whose behavior is automatically determined (or implied) by business process logic and which are not explicitly visible in a process diagram. When you build a business process, implicit transaction boundaries are formed based on where in the process you place blocking elements. The transaction boundaries within a business process change as you add process nodes to the business process.
See business process and explicit transaction.
Set of components (fundamental services) that support a higher-level set of components in a given computer system. The higher-level components are typically provide the function for which the whole system is used.
Security principal representing the end-user that interacts directly with an application. An end-user can authenticate the use of either a Web client or an application client.
See principal.
A software component in an active state. For example, a Java object is an
instance of a Java class. Similarly, a WebLogic Server instance is the
active state of a WebLogic Server configuration.
A variable in a Java class that can represent a different value for each
instance (object) of the class.
To transition a software component to an active state.
integrated development environment (IDE)
A software environment that supports the task of programming in the context of an existing application.
Ability of applications to share information or to process independently by requesting services and satisfying service requests. In a well-integrated system, each part has a purpose, and the parts combine effectively to achieve the purpose of the overall system.
Component used in a business process so that the process can communicate with other kinds of applications and components. Integration controls are available in WebLogic Workshop only if you are licensed to use WebLogic Integration.
The overarching term for portal personalization, campaigns, and events and behavior tracking. See Behavior Tracking and Personalization.
Static XML document that contains secondary metadata about a service. For a DBMS service adapter, for example, the interaction specification contains the SQL statement used to invoke a process on the database.
Preparation of software for proper behavior in multiple locales. Localization (L10N) is the presentation of text in a specific locale. It covers not only language, but collation, date and time formats, monetary formats, and character encoding.
The term I18N refers to the 18 letters between the i and the n in the word internationalization.)
Internet Interoperability Protocol (IIOP)
Protocol used by CORBA clients to communicate with ORBs over the World Wide Web.
One of several protocols in the TCP family. IP specifies the format of a packet (a piece of a message transmitted over a packet-switching network) and the addressin