There are no structural differences between the files; they are all archived using zip-jar compression. However, they are intended for different purposes.

• Jar files (files with a .jar extension) are intended to hold generic libraries of Java classes, resources, auxiliary files, etc.
• War files (files with a .war extension) are intended to contain complete Web applications. In this context, a Web application is defined as a single group of files, classes, resources, .jar files that can be packaged and accessed as one servlet context.
• Ear files (files with a .ear extension) are intended to contain complete enterprise applications. In this context, an enterprise application is defined as a collection of .jar files, resources, classes, and multiple Web applications.
  
  

  Each type of file (.jar, .war, .ear) is processed uniquely by application servers, servlet containers, EJB containers, etc.

The Session bean and Entity bean are two main parts of EJB container.

Session Bean

• represents a workflow on behalf of a client
• one-to-one logical mapping to a client.
• created and destroyed by a client
• permanent objects
• Lives its EJB container(generally) does not survive system shut down
• two types: stateless and stateful beans

Entity Bean

• represents persistent data and behavior of this data
• can be shared among multiple clients
• persists across multiple invocations
• findable permanent objects
• outlives its EJB container, survives system shutdown
• two types: container managed persistence(CMP) and bean managed persistence(BMP)

A J2EE component that typically executes in a Web browser but can execute in a variety of other applications or devices that support the applet programming model.

A person who combines J2EE components and modules into deployable application units.

A first-tier J2EE client component that executes in its own Java virtual machine. Application clients have access to some J2EE platform APIs.

A software unit that consists of one or more classes and an application client deployment descriptor.

A vendor that provides the Java classes that implement components' methods, JSP page definitions, and any required deployment descriptors.

An XML file used to configure resources for a Java Server Faces application, to define navigation rules for the application, and to register converters, Validator, listeners, renders, and components with the application.

A Java-based build tool that can be extended using Java classes. The configuration files are XML-based, calling out a target tree where various tasks get executed.

The process that verifies the identity of a user, device, or other entity in a computer system, usually as a prerequisite to allowing access to resources in a system. The Java servlet specification requires three types of authentication-basic, form-based, and mutual-and supports digest authentication.

The process by which access to a method or resource is determined. Authorization depends on the determination of whether the principal associated with a request through authentication is in a given security role. A security role is a logical grouping of users defined by the person who assembles the application. A deployer maps security roles to security identities. Security identities may be principals or groups in the operational environment.

An authorization rule that determines who is permitted to access a Web resource collection.

A JavaBeans component that corresponds to a JSP page that includes JavaServer Faces components. The backing bean defines properties for the components on the page and methods that perform processing for the component. This processing includes event handling, validation, and processing associated with navigation.

An authentication mechanism in which a Web server authenticates an entity via a user name and password obtained using the Web application's built-in authentication mechanism.

The mechanism whereby data transfer between an entity bean's variables and a resource manager is managed by the entity bean.