JNDI

Java Naming and directory interface(JNDI)
JNDI provides a common-denominator interface to many existing naming services.
Existing naming services are
1)DNS 2)LDAP 3)NIS

JNDI is an API specified in java technology that provides naming and directory functionality to applications written in the java programming language.It is designed especially for the java platform using java's object model.Using JNDI,applications based on java technology can store and retrieve named java objects of any type.In addition,JNDI provides methods for performing standard directory operations,such as associating atttributes with objects and searching for objects using their attributes.

Common Terms

Domain: The basic organizational unit in which the deployed resources are administered.It consists of one or more Weblogic server instances, and logically related resources and services that are managed,collectively,as one unit.

Machine: hosts the weblogic software,which is installed on the machine and on which weblogic server instances run,applications,database and RDBMS,and other software used in the environment.

Administration Server: one instance of weblogic server in each domain acts as an administration server,providing a central point for managing all server instances.


Managed server: hosts application components and resources in a domain,a machine may host multiple managed servers.

Node manager: a java program provided with weblogic server that enables you to start , stop, and monitor remote weblogic server instances.to enable these capabilities,you run an instance of node managemer on each physical machine in your domain. 

cluster: consists of multiple server instances running simultaneously and working together to provide increased scalability and reliability.A cluster appears to clients as a single weblogic server instance.The server instances that constitute a cluster can run on the same machine,or be located on different machines.

note: the administration server can never be a member of a cluster.


Database: Hosts application and system data.Weblogic platform supports common RDBMS systems for databases,such as PointBase,Oracle,Microsoft SQL Server,DB2 and Sybase.Interaction with an RDBMS is enabled via weblogic JDBC.


Load Balancer/Proxy : Distributes client connection requets,provides load balancing and failover across the cluster, and provides security by concealing the local area network addresses from external users.

SSL notes

the secure socket layer protocol was created by netscape to ensure secure transactions b/w webservers and browsers.The protocol uses 3rd party,a certificate authority(CA),to identify one end or both ends of the transactions.

how it works?
steps:
1. a browser requests a secure page.
2. the webserver sends its public key with its certificate.
3. the browser checks the certificate was issued by a trusted party(usually a trusted root CA),that the certificate is still valid and that the certificate is related to the site contacted.
4. the browser then uses the public key,to encrypt a random symmetric encryption key and sends it to the server with the encrypted url required as well as other encrypted http data.
5. the web server decrypts the symmetric encryption key using its privete key and uses the symmetric key to decrypt the url and http data.
6. the web server sends back the requested html document and http data encrypted with the symmetric key.
7. the browser decrypts the http data and html document using the symmetric key and displays the information.

the encryption using a private key/public key pair ensures the data can be encrypted by one key but can only be decrypted by the other key pair.The keys are similar in nature and can be used alternatively;what one key encrypts,the other key pair can decrypt.The key pair is based on prime numbers and their length in terms of bits ensures the difficulty of being able to decrypt the message without the key pairs.The trick in a key pair is to keep one key secret (private key) and to distribute other key (public key) to every body.

A certificate, contains information about the owner of the certificate,like e-mail address,owner's name,certificate usage,duration of validity,resource location or Distinguished Name(DN)which includes the Common Name(CN)(web site address or e-mail address depending of the usage)and the certificate ID of the person who certifies this information.It contains also the pyblic key and finally a hash to ensure that the certificate has not been tampered with.

A certificate authority is an entity which issues digital certificates to organizations or people after validating them.Certification authorities have to keep detailed records of what has been issued and the information used to issue it, and are audited regularly to make sure that they are following defined procedures.Every certification authority provides a Certification Practice Statement(CPS) that defiles the procedures taht will be issued to verify applications .there are many commercial CAs that charge for their services,Institutuions and governments may have their own CAs,and there are also free certificate authorities.