2
Oracle Internet Application Server Services

To deliver application hosting, Web content, security, and integration, Oracle Internet Application Server includes services that support the Oracle Internet Platform. This chapter provides an overview of each service in Oracle Internet Application Server.

Contents

The services described in this chapter are:

• Communication Services

• Presentation Services

• Business Logic Services

• Data Management Services

• Developer's Kits

• System Services

Communication Services

These services handle all incoming requests received by Oracle Internet Application Server. Some of these requests are processed by Oracle HTTP Server and some requests are routed to other areas of Oracle Internet Application Server for processing. The major elements that support these services are described in the following sections and shown in Figure 2-1.

Figure 2-1 Communication Services in Oracle Internet Application Server

Oracle HTTP Server powered by Apache

Oracle Internet Application Server uses Oracle HTTP Server, which is powered by Apache Web server technology. Using the Apache server technology offers the following:

• Scalability: Because the Apache server is designed to be very scalable, it can be replicated across many middle-tier nodes.

• Stability: The Apache server is the defacto standard for Web listeners. Apache, an open source technology, has been continuously improved by a large community of developers since its first release. Consequently, Apache Web server technology is very stable.

• Speed: The compact design of the Apache server makes it very fast when it responds to requests, and it is possible to rapidly reconfigure Apache using graceful restart, which reloads the configuration files in seconds.

• Extensibility: The Apache server delegates the handling of HTTP requests to its modules (mods), which add functionality not included in the server by default. Using the Apache APIs, it is easy to extend Apache functionality. A large number of mods have already been created and are included on your CD-ROM. Although the default Apache HTTP server supports only stateless transactions, you can configure it to support stateful transactions by leveraging the functionality supplied by Apache JServ. (See Apache JServ.)

For detailed information about Oracle HTTP Server, refer to the Oracle HTTP Server documentation on your Documentation Library CD-ROM.

Oracle HTTP Server Modules (mods)

In addition to the compiled Apache mods provided with Oracle HTTP server, Oracle has enhanced several of the standard mods and has added Oracle-specific mods, which are described in the following sections.

mod_ssl

This module provides standard HTTPS that is fully supported by Oracle. It enables secure listener connections with an Oracle-provided encryption mechanism via the Secure Sockets Layer (SSL).

mod_plsql

This module routes PL/SQL requests to Oracle8i PLSQL service, which, in turn, delegates the servicing of requests to PL/SQL programs.

For detailed information, see Using mod_plsql on your Documentation Library CD-ROM.

mod_perl

This module forwards Perl application requests to the Perl Interpreter that is embedded in Oracle HTTP Server. The primary advantages of using mod_perl are power and speed. The embedded Perl Interpreter saves the overhead of starting an external interpreter, and the code caching feature, where modules and scripts are loaded and compiled only once, allows the server to run already-loaded and compiled code.

For detailed information, see the Apache mod_perl Documentation on your Documentation Library CD-ROM.

mod_jserv

This module routes all servlet requests to Apache JServ servlet engine that is embedded in Oracle HTTP Server. It can share servlets across multiple zones and ensures that requests get routed to the same servlet engine.

Presentation Services

These services deliver dynamic content to client browsers, supporting servlets, JavaServer Pages, Perl/CGI scripts, PL/SQL Pages, forms, and business intelligence. The major elements that support these services are described in the following sections and shown in Figure 2-2.

Figure 2-2 Presentation Services in Oracle Internet Application Server

Apache JServ

Apache JServ is a 100% pure Java servlet engine fully compliant with the Sun Microsystems Java Servlet APIs 2.0 specification. Apache JServ works on any version 1.1 compliant Java Virtual Machine and executes any Java servlet compliant with version 2.0.

When the HTTP server receives a servlet request, it is routed to mod_jserv, which in turn forwards the request to the Apache JServ servlet engine.

For detailed information about Apache JServ, see the Apache JServ Documentation on your Documentation Library CD-ROM.

OracleJSP (JavaServer pages)

As Sun Microsystems explains, JavaServer Pages technology extends Java Servlet technology, and supports the use of Java calls and scriptlets within HTML and XML pages. Using JSP pages, you can combine static template data with dynamic content to create user interfaces. JSP pages support component-based development, separating business logic (usually in JavaBeans) from the presentation, thus allowing developers to focus on their areas of expertise. Consequently, JSP developers (who may not know Java) can focus on presentation logic, while Java developers can focus on business logic.

For general information about JavaServer Pages, refer to the JavaServer Pages Specification (available from http://java.sun.com).

OracleJSP is a complete implementation of JavaServer Pages 1.1 as specified by Sun Microsystems. Moreover, OracleJSP extends the 1.1 specification and provides these benefits:

• Portability between Servlet Environments: OracleJSP pages are supported on all Web servers that support Java servlets built to the 2.0 or higher specification. Consequently, you can migrate your existing JSP pages 1.0-compliant code to Oracle Internet Application Server without rewriting it.

• Support for SQLJ: SQLJ is a standard syntax for embedding SQL commands directly into Java code. OracleJSP supports SQLJ programming in JSP scriptlets. This includes support for an additional file name extension, .sqljsp, which results in OracleJSP translator invoking Oracle SQLJ translator.

• OracleJSP Markup Language (JML): As a sample tag library, Oracle provides the JML tag set which allows developers to use loop, conditional, and other high-level programming logic without having to know Java syntax.

• Extended National Language Support (NLS): OracleJSP provides extended NLS support for servlet environments that cannot encode multibyte request parameters and bean property settings. For such environments, OracleJSP offers the translate_params configuration parameter, which can be enabled to direct OracleJSP to override the servlet container and do the encoding itself.

• Extended Datatypes: OracleJSP provides the JmlBoolean, JmlNumber, JmlFPNumber, and JmlString JavaBean classes in the oracle.jsp.jml package to wrap the most common Java datatypes. These extended datatypes provide a way to work around the limitations of Java primitive types and wrapper classes in the standard java.lang package.

• Custom JavaBeans: OracleJSP includes a set of custom JavaBeans for accessing an Oracle database.

For detailed information about OracleJSP, see the OracleJSP Developer's Guide on your Documentation Library CD-ROM.

Oracle PL/SQL Server Pages (PSP)

PL/SQL server pages are analogous to JavaServer Pages, but they use PL/SQL rather than Java for the server-side scripting. Oracle PSP includes the PSP Compiler and the PL/SQL Web Toolkit. Using this service when developing applications, you can separate page format from application logic.

Starting with an existing Web page, or with an existing stored procedure, you can create dynamic Web pages. These dynamic Web pages can perform database operations and display the results as HTML, XML, plain text, or some other document type that your browser has been configured to recognize. Typically, a PL/SQL server page is intended to be displayed in a Web browser. However, it could also be retrieved and interpreted by a program that can make HTTP requests, such as a Java or Perl application.

A PSP file can contain whatever content you like, with text and tags interspersed with PSP directives, declarations, and scriptlets:

• In the simplest case, it is nothing more than an HTML file or an XML file. Compiling it as a PSP produces a stored procedure that outputs the exact same HTML or XML file.

• In the most complex case, it is a PL/SQL procedure that generates all the content of the Web page, including the tags for title, body, and headings.

• In the typical case, it is a mix of HTML or XML (which provide the static parts of the page) and PL/SQL (filling in the dynamic content).

You can author the Web pages in a script-friendly HTML authoring tool, and drop the pieces of PL/SQL code into place. Embedding the PL/SQL code in the HTML page that you create lets you write content quickly and follow a rapid, iterative development process.

For detailed information about Oracle PL/SQL Server Pages, see the Oracle8i Application Developer's Guide - Fundamentals in the Oracle8i database documentation set.

Perl Interpreter

A persistent Perl runtime environment that is embedded in Oracle HTTP Server, thus saving the overhead of starting an external interpreter. When Oracle HTTP Server receives a Perl request, it is routed to mod_perl, which, in turn, routes the request to the Perl Interpreter for processing.

For detailed information about the Perl Interpreter, see the Apache mod_perl Documentation on your Documentation Library CD-ROM.

Oracle Portal (formerly Oracle WebDB)

Oracle Portal provides portal services for Oracle Internet Application Server. A portal is a common, integrated entry point for accessing dissimilar data types on a single Web page. For example, you can create portal Web pages that give users access to Web-enabled applications, business documents, images, and URLs which reside both inside and outside your corporate intranet.

Note: Currently, Oracle Portal is only available on the Windows NT version of Oracle Internet Application Server. In subsequent releases, other platforms are supported.

Create and Manage Web Sites and Portals

Oracle Portal includes all of the tools to create, administer, and maintain Web sites and portals, allowing you to:

• Offer self-service content publishing: content creators can upload files themselves; no technical expertise or knowledge of HTML is required.

• Customize your portals: if you want to maintain a standardized corporate look and feel, individual privilege levels for content creators can be reduced or eliminated by Oracle Portal administrators.

• Control document collaboration: when multiple users are editing the same documents, Oracle Portal supports item version control, item check-in and check-out, item expiration, publishing approval, and item publish dates.

• Secure your content: Oracle Portal offers various levels of access to content, from full ownership of a folder to view-only privileges.

• Build applications that display your database data: Oracle Portal provides wizards so you can quickly build application components regardless of your programming knowledge.

For detailed information about Oracle Portal, see the Oracle Portal documentation on your Documentation Library CD-ROM.

Business Logic Services

These services support your application logic. The following sections describe the major elements that provide business logic services in Oracle Internet Application Server. The major elements that support these services are described in the following sections and are shown in Figure 2-3.

Figure 2-3 Business Logic Services in Oracle Internet Application Server

Oracle BC4J (Business Components for Java)

Oracle BC4J is a 100%-Java, XML-powered framework that enables productive development, portable deployment, and flexible customization of multi-tier, database-enabled applications from reusable business components. Application developers can use this framework to:

• Author and test business logic in components that automatically integrate with databases.

• Reuse business logic through multiple SQL-based views of data that support different application tasks.

• Access and update the views from servlets, JavaServer Pages (JSPs), and Thin-Java Swing clients.

• Customize application functionality in layers without modifying the delivered application.

Once developed, these application services can then be deployed as either EJB Session Beans or CORBA Server Objects on Oracle Internet Application Server.

For detailed information about Oracle BC4J and how to use it, see the Oracle BC4J documentation on your Documentation Library CD-ROM.

Oracle8i JVM

Designed as a highly scalable, server-side Java platform, Oracle8i JVM is an enterprise-class 100% Java-compatible server environment that supports Enterprise JavaBeans, CORBA, and database stored procedures. Oracle8i JVM achieves high scalability through its unique architectural design, which minimizes the burden and complexity of memory management when the number of users increases.

Using Oracle8i JVM provides a number of advantages:

• Enhanced garbage collection algorithms that facilitate more efficient memory allocation.

• Support for concurrent, stateful, conversational clients.

• All common resources shared across multiple user sessions so only one Java Virtual Machine needs to run to provide user session support.

• No multi-threaded applications are necessary because the Oracle8i JVM environment handles load balancing.

Oracle8i JVM is the common foundation for running Java and Java services in Oracle Internet Application Server and Oracle8i. Consequently, components can be moved across tiers seamlessly without having to change any code for better performance.

For detailed information on Oracle8i JVM and its Java environment, see the Oracle8i JVM documentation on your Documentation Library CD-ROM.

Oracle8i PLSQL

Oracle8i PLSQL is a scalable engine for running business logic against data in Oracle8i Cache and Oracle8i database. It provides an environment that enables users to use their browsers to invoke PL/SQL procedures stored in Oracle databases. The stored procedures can retrieve data from tables in the database and generate HTML pages that include the data to return to the client browser.

For detailed information on Oracle8i PLSQL, see Using mod_plsql on your Documentation Library CD-ROM.

Oracle Forms Services

Using Oracle Forms Services, you can run applications based on Oracle Forms technology over the Internet or over your corporate intranet. On the application server tier, Oracle Forms Services consist of a listener and a runtime engine, where the application logic is stored. On the client tier, Oracle Forms Services consist of a thin Java-based Forms client (Java applet) that provides the user interface for the runtime engine, and Oracle JInitiator, a Java plug-in that provides the ability to specify the use of a specific Java virtual machine on the client.

In Oracle Internet Application Server, when a user submits a URL to launch an Oracle Forms-based application, the Web listener accepts the request and downloads the Oracle Forms applet to the user's browser. Then the Oracle Forms applet establishes a persistent connection to an Oracle Forms runtime engine. All processing takes place between the Oracle Forms client applet and the Oracle Forms Services runtime engine, seamlessly handling any queries or commits to the database.

For detailed information, see the Oracle Forms Services documentation on your Documentation Library CD-ROM.

Oracle Reports Services

Using Oracle Reports Services and its Reports Servlet services, you can run new and existing Oracle Reports Developer reports on an internal company intranet, an external company extranet, or on the Internet. Oracle Reports Services is optimized to deploy Oracle Reports Developer applications (Reports and Graphics) in a multi-tiered environment. It consists of the server component, runtime engines, and the servlet runner.

In Oracle Internet Application Server, when a client submits a request for a report, the Oracle HTTP Server Web listener routes that request to the Oracle Reports Services server component. The server routes the request to the Oracle Reports Services runtime engine, which runs the report. Then the report output is sent back to the client via the Oracle HTTP Server Web listener.

For detailed information, see the Oracle Reports Services documentation on your Documentation Library CD-ROM.

Oracle Discoverer 3i Viewer

Oracle Discoverer 3i Viewer is a runtime environment for running and viewing Oracle Discoverer workbooks (reports) over the Web that have been created with Oracle Discoverer 3i User edition. Using Discoverer Viewer, Web authors can access database information to embed in their sites without being database experts. They can publish live reports to Web sites by creating a URL that indicates to Discoverer Viewer which workbooks to open. Clicking the URL invokes the workbook query to the database and returns live results to the user's browser. Users interact with the query results to show more or less detailed information, to enter values into parameters, or to follow links to other applications.

Note: Currently, Oracle Discoverer 3i Viewer is available in the Windows NT and SPARC Solaris versions of Oracle Internet Application Server. In subsequent releases, other UNIX platforms are supported.

Using Discoverer Viewer, you can:

• Run workbooks that have been saved in the database dynamically

• Print workbooks

• Export workbooks to various file formats

• Perform drill-down analysis

• Drill out to data held in other applications, such as Web pages or business documents

• Leverage the security features of Oracle HTTP Server and the database (supports SSL, x.509, and other standard Web security protocols)

• Embed workbooks into portals, such as Oracle Portal

Architecture Overview

Discoverer Viewer supports an HTML client and consists of two pieces:

• Discoverer Viewer Servlet

• Discoverer Service

When users request Oracle Discoverer workbooks, the Viewer servlet, which runs on Oracle HTTP Server (Apache JServ servlet engine), interprets the HTTP request and makes the necessary calls to the Discoverer Service. The Discoverer Service response is represented in XML (Extensible Markup Language), which the servlet generates. Then the XML response is sent to an XML/XSL (Extensible Stylesheet Language) processor. This combines the XML with XSL configuration files that define the user interface. Then the processor generates HTML to send back to the client browser. The Discoverer Viewer user interface can be customized for individual sites by defining or editing the XSL configuration files.

The Discoverer Viewer servlet and Discover Service can both run on the same machine (with Oracle HTTP Server), if necessary. However, they are designed to be deployed on separate and multiple machines so Oracle HTTP Server can be replicated using standard Web farm techniques. If you deploy the Discoverer Viewer servlet and Discoverer Service on separate machines, then Discoverer Service can be replicated and Discoverer Service sessions can be started on alternate machines to balance the load. This allows your implementation to support large numbers of Discoverer Viewer users.

Workbook Accessibility

Because Discoverer Viewer is an application built using standard Web technologies, all the usual features of your browser are available. Favorite workbooks can be bookmarked or embedded in other Web pages. Font sizes and link styles can be changed simply by changing your browser options. Discoverer Viewer uses no Java, no JavaScript, and no frames, so any browser can be used.

For detailed information about Oracle Discoverer 3i Viewer, see the Oracle Discoverer 3i Viewer documentation on your Documentation Library CD-ROM.

Data Management Services

To reduce the load on the back-end database instance, and to avoid network roundtrips for read-only data, Oracle Internet Application Server includes Oracle8i Cache. This service runs stateful servlets, JavaServer Pages, Enterprise JavaBeans, and CORBA objects.

Figure 2-4 shows the data management services in Oracle Internet Application Server.

Figure 2-4 Data Management Services in Oracle Internet Application Server

The following section contains information about Oracle8i Cache.

Oracle8i Cache

Oracle8i Cache is a data cache that resides on the middle tier as a component of Oracle Internet Application Server. It improves the performance and scalability of applications that access Oracle databases by caching frequently used data on the middle-tier machine. With Oracle8i Cache, your applications can process several times as many requests as their original capacity because round-trips to the database are greatly reduced.

Who Should Use Oracle8i Cache?

If your applications meet the following criteria, you can use Oracle8i Cache to boost the scalability of your Web sites and the performance of your applications:

• Your applications access Oracle databases.

• You use a multiple-tier environment, where the clients, Oracle Internet Application Server, and Oracle database servers are located on separate systems.

• Your applications communicate with an Oracle database through Oracle Call Interface (OCI), or an access layer built on OCI, like JDBC-OCI, ODBC, or OLE. The applications can be written using scripting or programming languages.

• Web or application users generate mostly read-only queries.

• Your applications can tolerate some synchronization delay with data in the origin database. That is, the cache does not need to be as up-to-date as the data in the origin database. (You decide how often to refresh the data.)

Performance and Scalability Benefits

Using Oracle8i Cache in the middle tier provides a number of performance and scalability benefits. The most significant benefits are listed below.

• Processing database queries on the middle tier reduces time spent sending and receiving data over the network so hardware resources are used more efficiently.

• Reducing the load on the database server tier means that existing databases can support more users.

For detailed information about Oracle8i Cache, see the Oracle8i Cache Concepts and Administration Guide on your Documentation Library CD-ROM.

Developer's Kits

To support application development and deployment, several toolkits containing libraries and tools are included in Oracle Internet Application Server. These services are described in the following sections and are shown in Figure 2-5.

Figure 2-5 Developer's Kits in Oracle Internet Application Server

Oracle Database Client Developer's Kit

Oracle Database Client Developer's Kit contains client libraries for Oracle8i and the Java client libraries (JMS, SQLJ, and JDBC) described in the following sections.

Oracle Java Messaging Service (JMS) Toolkit

Oracle JMS extends the standard Sun Microsystems Java Message Service specification, version 1.02 as defined by Sun Microsystems. In addition to the standard JMS features, Oracle JMS provides a Java API for Oracle Advanced Queuing (AQ). This API supports the AQ administrative operations and other AQ features including:

• An administrative API to create queue tables, queues, and topics.

• Point-to-multipoint communication (extends the standard point-to-point), using recipient lists for topics.

• Message propagation between destinations, which allows applications to define remote subscribers.

• Support for transacted sessions so you can perform JMS as well as SQL operations in one atomic transaction.

• Message retention after messages have been dequeued.

• Message delay so you can make messages visible after a specified time.

• Exception handling so messages can be moved to exception queues if they cannot be processed successfully.

• Support for Oracle8i AdtMessages message types. (These are stored in the database as Oracle objects. Consequently, the payload of the message can be queried after it is enqueued. Subscriptions can be defined on the contents of these messages in addition to the message properties.)

For detailed information on Oracle Java Messaging Service, see the Oracle8i Application Developer's Guide - Advanced Queuing in the Oracle8i documentation set.

Oracle SQLJ Translator

Oracle SQLJ is a preprocessor that developers can use to embed static SQL operations in Java code. A SQLJ program is a Java program that contains embedded static SQL statements which comply with the ANSI-standard SQLJ Language Reference syntax. Static SQL operations are predefined--the operations themselves do not change in real-time as a user runs the application, although the data values transmitted can change dynamically.

Oracle SQLJ consists of a translator and a runtime component. The translation process replaces embedded SQL with calls to the SQLJ runtime, which implements the SQL operations. In standard SQLJ, this is typically done through calls to a JDBC driver. In the case of Oracle Internet Application Server, you use an Oracle JDBC driver [see "Oracle Java Database Connectivity (JDBC) Drivers" in the next section]. When end users run SQLJ applications, the runtime is invoked to handle the SQL operations.

Oracle SQLJ Translator

is a precompiler, which developers run after creating SQLJ source code. The translator checks the following:

• Syntax of the embedded SQL.

• SQL constructs, against a specified database schema to ensure consistency within a particular set of SQL entities (optional). For example, it verifies table names and column names.

• Datatypes, to ensure that the data exchanged between Java and SQL have compatible types and proper type conversions.

The translator, written in pure Java, supports a programming syntax that allows you to embed SQL operations inside SQLJ executable statements. SQLJ executable statements and SQLJ declarations are preceded by the # sql token and can be interspersed with Java statements in a SQLJ source code file.

The translator produces a .java file and one or more SQLJ profiles, which are serialized Java resources that contain details about the embedded SQL operations in your SQLJ source code. After the translator produces the .java file and the profiles, SQLJ automatically invokes a Java compiler to produce .class files from the .java file.

Oracle SQLJ Runtime

is a thin layer of pure Java code that runs above the JDBC driver. When Oracle SQLJ translates your SQLJ source code, embedded SQL commands in your Java application are replaced by calls to the SQLJ runtime. Runtime classes act as wrappers for equivalent JDBC classes, providing special SQLJ functionality. When the end user runs the application, the SQLJ runtime acts as an intermediary, reading information about your SQL operations from the profile and passing instructions along to the JDBC driver.

A SQLJ runtime can be implemented to use any JDBC driver or vendor-proprietary means of accessing the data cache or origin database. Oracle SQLJ runtime requires a JDBC driver but can use any standard JDBC driver. To use Oracle-specific database types and features, however, you must use an Oracle JDBC driver.

For detailed information about Oracle SQLJ, see the Oracle 8i SQLJ Developer's Guide and Reference on your Documentation Library CD-ROM.

Oracle Java Database Connectivity (JDBC) Drivers

JDBC is a database access API that enables you to connect to a database and then prepare and execute SQL statements against the database. Core Java class libraries provide the interfaces and Oracle JDBC drivers implement those interfaces to access an Oracle database.

Oracle JDBC drivers are described in Table 2-1:

Table 2-1 Oracle JDBC Drivers  

Driver	Description
JDBC Thin Driver	You can use the JDBC thin driver to write 100% pure Java applications that access Oracle SQL data. You can use it for EJBs in the database. The JDBC thin driver is especially well-suited to Web browser-based applications because you can dynamically download it from a Web page.
JDBC Oracle Call Interface Driver	The JDBC Oracle Call Interface (OCI) driver accesses Oracle-specific native code (that is, non-Java) libraries on the client or in the middle tier, providing a richer set of functionality and some performance boost compared to the JDBC thin driver, at the cost of significantly larger size.
JDBC Server-side Internal Driver	Oracle8i JVM uses the JDBC server-side internal driver when Java code runs on Oracle Internet Application Server. It allows Java applications running in Oracle8i JVM to access locally defined data (that is, on the same machine and in the same process) with JDBC. It provides a further performance boost because of its ability to use underlying Oracle RDBMS libraries directly, without the overhead of an intervening network connection between your Java code and SQL data. This driver can also be used for EJBs in Oracle8i JVM.

For detailed information on the Oracle JDBC drivers and Oracle extensions to the standard JDBC API, see the Oracle 8i JDBC Developer's Guide and Reference on your Documentation Library CD-ROM.

Oracle XML Developer's Kit

Oracle XML Developer's Kit (XDK) contains XML (Extensible Markup Language) component libraries and utilities that you can use to XML-enable applications and Web sites. The XDK in the Oracle Internet Application Server contains the components described in Table 2-2.

Table 2-2 XDK Components in Oracle Internet Application Server  

XDK Component	Description
XML Parser for Java	Parses XML documents or stand-alone Document Type Definitions (DTDs) so Java applications can process them. This parser uses industry standard Document Object Model (DOM) and Simple API for XML (SAX) interfaces. DOM APIs permit applications to access and manipulate an XML document as a tree structure in memory. This interface is used by such applications as editors. SAX APIs permit an application to process XML documents using an event-driven model.
XML Class Generator for Java	Automatically generates Java class source files from XML DTDs. Using these classes, Java applications can construct, validate, and print XML documents that comply with the input DTD. The class generator works in conjunction with the parser, which parses the DTD and passes the parsed document to the class generator.
XML Transviewer JavaBeans	Displays and transforms XML documents and data via Java components to add graphical or visual interfaces to XML applications. The included beans are: DOM Builder Bean: Encapsulates the Java XML Parser with a bean interface and extends its functionality to permit asynchronous parsing. By registering a listener, Java applications can parse large or successive documents having control return immediately to the caller. TreeViewer Bean: Displays XML formatted files graphically as a tree. SourceViewer Bean: Displays XML files with color syntax highlighting when modifying an XML document with an editing application. XSL Transformer Bean: Transforms an XML document to other text-based formats, including HTML and DDL, by applying an XSL (Extensible Stylesheet Language) stylesheet.
XSQL Servlet	Processes SQL queries and outputs the result set as XML. This processor is implemented as a Java servlet and takes as its input an XML file containing embedded SQL queries.

For detailed information about this service, see the Oracle XML Developer's Kit documentation on your Documentation Library CD-ROM.

Oracle LDAP Developer's Kit

This service supports client interaction with Oracle Internet Directory, the Oracle LDAP (Lightweight Directory Access Protocol), version 3-compliant directory server product. Oracle Internet Directory combines a native implementation of the Internet Engineering Task Force's (IETF) LDAPv3 standard with an Oracle8i back-end data store.

Specifically, you can use Oracle LDAP Developer's Kit to develop and monitor LDAP-enabled applications. It supports client calls to directory services, encrypted connections, and you can use it to manage your directory data. Oracle LDAP Developer's Kit contains the following subcomponents:

Oracle Internet Directory C API

An LDAP C API that is based on the Internet Engineering Task Force (IETF) RFC 1823. This component supports client calls to directory services from a standard C programming environment.

JNDI 1.2 (Java Naming and Directory Interface)

Sun Microsystems programming interface that enables Java-based programs to communicate directly with LDAP servers such as Oracle Internet Directory. (See http://java.sun.com/products/jndi for documentation about JNDI.)

SSL Toolkit

Standards-based extensions to the LDAP API that enable one-way, two-way, and simple encrypted connections to directory services.

Oracle Internet Directory Command Line Tools

A set of LDAP-compliant command line tools that you can use for querying and returning results from Oracle Internet Directory.

Oracle Directory Manager

An Oracle Java-based application for managing data stored in Oracle Internet Directory.

For information about these Oracle LDAP Developer's Kit services, refer to the documentation listed below:

For information about...	Refer to...
Oracle Internet Directory C API SSL Toolkit Oracle Internet Directory Command Line Tools	Oracle Internet Directory Application Developer's Guide (located on your Documentation Library CD-ROM)
Oracle Directory Manager	Oracle Internet Directory Administrator's Guide

System Services

To provide system management and security services, Oracle Internet Application Server includes Oracle Enterprise Manager and Oracle Advanced Security. These system services provide a comprehensive management framework for your entire Oracle environment and network security via SSL (Secure Sockets Layer)-based encryption and authentication facilities. The major elements that support these services are described in the following sections and shown in Figure 2-6.

Figure 2-6 System Services in Oracle Internet Application Server

Oracle Enterprise Manager

Oracle Enterprise Manager is a system management tool that provides an integrated solution for centrally managing your Oracle platform. Combining a graphical console, Oracle Management Servers, Oracle Intelligent Agents, common services, and administrative tools, Oracle Enterprise Manager provides a comprehensive systems management platform for managing your Oracle products.

In Oracle Internet Application Server, you use Oracle Enterprise Manager console, a graphical interface, to manage Oracle8i Cache, Oracle Forms Services, and the host operating system.

From the client interface, Oracle Enterprise Manager console, you can perform the following tasks:

• Centrally manage, administer, and diagnose Oracle Internet Application Server Oracle8i Cache and Oracle Forms Services

• Effectively monitor and respond to the status of your Oracle family of products and third-party services

• Schedule activities on multiple nodes at varying time intervals

• Monitor networked services for events

• Customize your display by organizing your server components and services into logical administrative groups

Three-Tier Architecture

Oracle Enterprise Manager architecture consists of a three-tier framework, which is described in Table 2-3.

Table 2-3 Oracle Enterprise Manager Three-Tier Architecture

Tier	Description
1st-tier Console	Provides a graphical interface for administrators. This tier includes Cache Manager console for managing Oracle8i Cache. For information about Cache Manager console, see the Oracle8i Concepts and Administration Guide on your Documentation Library CD-ROM.
2nd-tier Management Servers1	Provides a scalable middle tier for processing all system management tasks.
3rd-tier Intelligent Agents2	Monitors databases and services on each node, and executes tasks received from the Management Server.

1 Only available with Oracle Internet Application Server Enterprise edition. 2 Intelligent Agents support Simple Network Management Protocol (SNMP), enabling third-party applications to communicate with the agent and be managed along with Oracle services.

Note: For this release, Oracle8i Cache and Oracle Forms are the only services in Oracle Internet Application Server that you can manage using Oracle Enterprise Manager. If you do not plan to use Oracle8i Cache or Oracle Forms Services, then you are not required to deploy Oracle Enterprise Manager.

Benefits of Oracle Enterprise Manager

This system management tool enables administrators to maintain the highest level of performance and availability while controlling system management costs. The major benefits of Oracle Enterprise Manager are:

• Single point of management

• Multi-administrator system support

• Scalability for growing, distributed environments

• Extensible architecture

• Automated lights-out administration

• Autonomous Intelligent Agents

• Ease of use

  For information about...	Refer to...
  Oracle Enterprise Manager	Oracle Enterprise Manager documentation on your Documentation Library CD-ROM
  Cache Manager	Oracle8i Cache Concepts and Administration Guide on your Documentation Library CD-ROM.

Oracle Advanced Security

Oracle Advanced Security provides a comprehensive suite of security services for Oracle8i Cache, Oracle8i JVM, and Oracle8i PLSQL. Its functionality is twofold. First, network security features protect enterprise networks and securely extend corporate networks to the Internet. Second, it integrates security and directory services, combining to provide enterprise user management and single signon.

Network Security

• Data Privacy

  Oracle Advanced Security ensures that data is not disclosed during transmission using the following encryption types:

  • RSA Encryption: Oracle Advanced Security provides RSA RC4 with 128-bit, 56-bit, and 40-bit keys.

  • DES Encryption: Oracle Advanced Security offers a standard, optimized 56-bit key DES (Data Encryption Standard) encryption algorithm and supports DES40 for backwards compatibility.

• Data Integrity

  Oracle Advanced Security makes it virtually impossible for an intruder to modify, delete, or replay packets without detection. During transmission, Oracle Advanced Security generates a cryptographically secure message digest through cryptographic checksums using the MD5 algorithm. Then, the secure message digest is included with each packet sent across the network.

• Authentication

  Oracle Advanced Security provides strong authentication of Oracle users support for third-party authentication services. The following authentication methods are supported:

  SSL with X.509v3 certificates	RADIUS
  Kerberos and CyberSafe	Smart Cards (RADIUS-compliant)
  Token Cards (SecurID- or RADIUS-compliant)	Biometrics (Identix- or RADIUS-compliant)
  DCE (Distributed Computing Environment)

• Single Signon

  Oracle Advanced Security provides single signon where the user authenticates once, then strong authentication occurs transparently in subsequent connections to other databases or services. Using single signon, users can access multiple accounts and applications with a single password. Oracle Advanced Security supports many forms of single signon, including Kerberos and CyberSafe, as well as SSL-based single signon.

• Authorization

  Once users are authenticated, they are then authorized to access only those services permitted by a corporate or business policy as found in a policy repository. Authorizations are provided with some of the third-party authentication solutions, such as DCE (Distributed Computing Environment), as well as with the enterprise user security functionality in Oracle Advanced Security.

Enterprise User Security

Oracle Advanced Security integrates with LDAP v3-compliant (Lightweight Directory Access Protocol) directory services, such as Oracle Internet Directory, for enterprise user management, enterprise role management, and single signon.

• Single Signon

  Oracle Advanced Security provides SSL-based (Secure Sockets Layer) single signon for Oracle users by virtue of integration with LDAP v3-compliant directory services. Integrated security and directory services and Oracle PKI (Public Key Infrastructure) implementation in Oracle Advanced Security enable SSL-based single signon to Oracle8i databases. Single signon enables users to authenticate once at the initial connection and subsequent connections authenticate the user transparently based on his or her X.509 certificate. This brings ease of use to the users and single station administration for the administrator with centralized management of users and authorizations.

• Enterprise User Management

  Oracle Advanced Security provides enterprise user management, allowing administrators to centrally manage users on a central directory service, rather than repeatedly managing the same users on individual databases. Using Oracle Enterprise Security Manager, a tool accessible through Oracle Enterprise Manager, enterprise users and their authorizations are managed in Oracle Internet Directory or other LDAP v3-compliant directory services. Enterprise users can be assigned enterprise roles that determine their access privileges in a database, and enterprise roles can be granted to one or more enterprise users.

• Schema-Independent Users

  Oracle Advanced Security allows the separation of users from schemas so that many enterprise users can access a single, shared application schema. Instead of creating a user account in each database that a user needs to access, administrators only need to create an enterprise user in the directory and point the user at a shared schema, which many other enterprise users can also access. This allows administrators to create an enterprise user once in the directory. Then that enterprise user can access multiple databases using only the privileges he or she needs, thus lowering the overhead of managing users in an enterprise.

• PKI Credential Management

  Oracle Wallet Manager provides secure management of PKI user credentials. It issues certificate requests to Certificate Authorities (CA), manages the X.509 certificates and trusted certificates, and creates a private and public key pair for users. In most cases, a user never needs to access a wallet once it has been configured, but can easily access a wallet using Oracle Enterprise Login Assistant, a login tool that hides the complexity of a private key and certificates from users. Users can then connect to multiple services over SSL without providing additional passwords. This provides the benefit of strong, certificate-based authentication as well as single signon.

• Directory Integration

  An Oracle Advanced Security license provides the use of Oracle Internet Directory to store and manage users and their authorizations. It supports enterprise user management with Oracle Internet Directory, which is fully integrated with Oracle8i. Additionally, Oracle Advanced Security supports other leading LDAP-compliant directories.

For more information, see the Oracle Advanced Security Administrator's Guide in the Oracle8i documentation set.

For information about using

Oracle Internet Application Server services, see Chapter 3, "Developing Applications for Oracle Internet Application Server".