220.127.116.11. Java API for XML Processing (JAXP)
XML is not strictly an enterprise-focused tool. XML is useful in all kinds of contexts,
enterprise and otherwise. We've included it in this book, however, because XML is now
such a fundamental, all-purpose tool that it touches nearly every level of enterprise
application development, from basic datafile formats to interprocess communications to
user interface representations.
The Java API for XML Processing (JAXP) (defined in JSR 005)[*] is the standard API for
consuming and producing XML in Java. Application servers compliant with J2EE 1.3 and
later must include a compliant JAXP implementation. JAXP provides a pluggable API that
supports both SAX and DOM parsing of XML content, as well as XSLT-based
transformations of XML. JAXP 1.2, the version specified in the J2EE 1.4 specification,
supports the SAX 2 and DOM 2 parsing APIs, as well as the XSLT 1.0 transform API. JAXP
is covered briefly in Chapter 7. The JAXP APIs are also covered in Java in a Nutshell by
David Flanagan (O'Reilly).
18.104.22.168. J2EE security
Security is of paramount importance in enterprises today and is entrenched in many
aspects of application development and deployment. In fact, security is a concern that must
be considered in all aspects of the modern enterprise, well beyond the J2EE security APIs
discussed in this book.
The J2EE security chapter (Chapter 10) provides a brief overview of fundamental security
concepts such as authentication and authorization. Authentication refers to the process of
a user identifying himself to an application, typically using a username and password.
Authorization refers to granting the authenticated user access to the resources within the
application, as appropriate to that user.