Features Roadmap

Networking and Connectivity

The security, servlet, JDBC, Java IDL, and RMI APIs let you safely interact with resources on the Internet, on the network, and in databases.

Security Architecture

New JDK releases continue to enhance the security features inherent in the Java language and built into the Java platform. JDK 1.0.2 restricts applets to a secure environment or sandbox so they cannot access local system resources outside their sandbox, and JDK 1.1 provides digitally signed Java ARchive (JAR) files to sign and verify the signature on applet and application files.

JDK 1.2 introduces a strong security model and accompanying tools so end users and system administrators can extend the security policy to applications and determine how much access to system resources an applet or Java application can have. The JDK 1.2 security policy is easy to configure, provides fine-grain access control, and applies to all Java applets and applications.

JDK 1.2 security tools:

• Key Tool for creating a database of keys.
• JAR Signer for signing JAR files.
• Policy Tool for granting access to system resources.

Cryptography APIs

Cryptography is the study of encryption and decryption. Encryption is the process of transforming original text into unintelligible text, and decryption is the process of transforming unintelligible text into original text.

JDK 1.1 provides APIs for digital signatures and message digests. Digital signatures are an authentication tool that verifies the origin of a message and the identity of the sender and receiver. Message digests are a mechanism to ensure that the message received by way of the network exactly matches the message that was sent.

JDK 1.2 Java Cryptography Architecture (JCA) framework builds on these features to provide a full range of cryptographic services and algorithms to keep messages sent over the network secure. The JCA has been significantly extended with additional classes and methods to support the new policy-oriented architecture, and introduce a wider range of cryptographic functionality including third-party cryptographic services and key management. JDK 1.2 also upgrades the certificate management infrastructure to support X.509 v3 certificates.

Servlets

The Servlets APIs let you extend server functionality. Servlets can be implemented to extend a web server's functionality in the same way Common Gateway Interface (CGI) scripts do. For example, a servlet can process data entered into a form on an HTML page and store it in a database. Unlike CGI scripts, however, servlets use fewer resources, are faster, and because they are coded entirely in the Java language, work seamlessly across multiple hardware, software, and server platforms.

The Java Servlet APIs are a new standard extension that downloads with JDK 1.2. Now you have access to the Servlets APIs through JDK 1.2 and the Java Web Server^TM software. Either way, there are no new features and only minor API changes.

JDBC

The JDBC APIs make it possible to send SQL statements to a database and to process the results that are returned. The APIs provide uniform access to a wide range of relational databases, and provides a common base upon which database tools can be built.

The JDBC API implementation includes a driver manager to support multiple drivers that mediate the connections between the JDBC APIs and different databases. A driver can be written entirely in the Java language so it can be downloaded as part of an applet, or in a mixture of the Java language and Java Native Interface (JNI) native methods if it needs to bridge to existing database access libraries.

In JDK 1.2, the java.sql package builds on the existing SQL functionality to include:

• Result sets that scroll forwards and backwards.
• Batch updates so an application can submit multiple update statements (insert/update/delete) in one request.
• Additional support for persistent storage of objects in the Java programming language.
• SQL3 data types such as binary large object (BLOB) and character large object (CLOB).
• Structured types.
• User-defined types (UDTs).
• Character stream support so character data can be retrieved and sent to the database as a stream of internationalized Unicode characters.
• New methods to allow java.math.BigDecimal values to be returned with full precision.

Java IDL

Java IDL adds CORBA (Common Object Request Broker Architecture) capability to the Java platform to provide standards-based interoperability and connectivity. Java IDL is new with JDK 1.2 so distributed Web-enabled Java applications can transparently invoke operations on remote network services using the industry standard Object Management Group (OMG) interface definition language (IDL) and Internet Inter-ORB Protocol (IIOP) defined by the OMG. Runtime components include a fully-compliant Java ORB for distributed computing using IIOP communication.

The two main Java IDL packages are:

• org.omg.CORBA
• org.omg.CosNaming

The org.omg.CORBA package supplies the mapping of the OMG CORBA 1.0 APIs to the Java programming language. An implementation of the ORB class is included so a programmer can use it as a fully functional Object Request Broker (ORB). An ORB object handles (or brokers) method invocations between a client and the method implementation on the server. Because the client and server can be anywhere on a network and the invocation and implementation can be in different languages, an ORB object does a lot of behind-the-scenes work to enable the communication.

The org.omg.CosNaming package specifies the naming service for Java IDL. The package and all its classes and interfaces were generated by running the idltojava tool on the file nameservice.idl, which is a module written in OMG IDL.

Remote Method Invocation

The Remote Method Invocation (RMI) APIs let Java applications use remote method calls (rather than sockets and streams) to communicate across a network. The communicating applications can be running on different computers on opposite sides of the planet. This higher-level and method-based approach to network communications allows access to a remote object as easily as a local object.

JDK 1.2 RMI enhancements include remote object activation, downloadable socket factories, and other minor API enhancements:

• Remote object activation introduces support for persistent references to remote objects and automatic object activation by way of these references.

• Downloadable socket factories allow a remote object to specify the custom socket factory that RMI will use for remote calls to that object. RMI over a secure transport (such as SSL) can be supported using downloadable socket factories.

• Other minor API enhancements allow unexporting a remote object, obtaining the stub for an object implementation, and exporting an object on a specific port.

Features Roadmap