== Java EE Containers ==

''Containers'' are the interface between a component and the low-level platform-specific functionality that supports the component. Before a web, enterprise bean, or application client component can be executed, it must be assembled into a Java EE module and deployed into its container.

 {{attachment:overview-serverAndContainers.gif}}

The assembly process involves specifying container settings for each component in the Java EE application and for the Java EE application itself. Container settings customize the underlying support provided by the Java EE server, including services such as security, transaction management, Java Naming and Directory InterfaceTM (JNDI) lookups, and remote connectivity.

''Java EE server:'' The runtime portion of a Java EE product. A Java EE server provides EJB and web containers.

''Enterprise Java``Beans (EJB) container:'' Manages the execution of enterprise beans for Java EE applications. Enterprise beans and their container run on the Java EE server.

''Web container:'' Manages the execution of JSP page and servlet components for Java EE applications. Web components and their container run on the Java EE server.

''Application client container:'' Manages the execution of application client components. Application clients and their container run on the client.

''Applet container:'' Manages the execution of applets. Consists of a web browser and Java Plug-in running on the client together.

=== Security ===

While other enterprise application models require platform-specific security measures in each application, the Java EE security environment enables security constraints to be defined at deployment time. The Java EE platform makes applications portable to a wide variety of security implementations by shielding application developers from the complexity of implementing security features.

The Java EE platform provides standard declarative access control rules that are defined by the developer and interpreted when the application is deployed on the server. Java EE also provides standard login mechanisms so application developers do not have to implement these mechanisms in their applications. The same application works in a variety of different security environments without changing the source code.
