What is Java programming language?
The Java programming language is a general-purpose, platform-independent programming language and a key component of the Java platform. The Java platform also includes other software components, such as the Java compiler, Java Runtime Environment (JRE), development tools, and other integration libraries.
The platform independence is perhaps the most important feature of the Java language. In the next couple of sections, we will learn how platform independence is achieved in Java platform and what are the key building blocks of the Java ecosystem, but before that let’s compare Java with C++.
What makes Java programming language platform-independent and how is it different from C++?
Let’s first understand how does a C++ program work. On Windows platform, when you write a C++ program (myprogram.cpp) and compile it, the system directly converts this program into an .exe file.
You can use this .exe file on Windows platform only; it makes C++ a platform-dependent programming language.
On the other hand, a Java program execution is essentially a two-step process. In the first step, the Java source file (myprogram.java) is compiled into bytecode (myprogram.class) by the Java compiler (javac).
The Java compiler is a part of the Java Development Kit (JDK). This bytecode is then executed by the Java Virtual Machine (JVM). The JVM uses the .class file as an input and generates the equivalent machine code that your CPU can understand. The JVM is a part of the Java Runtime Environment (JRE).
Note: Technically, the JVM includes another component called Just In Time compiler (JIT) that helps in improving the performance of a Java application. However, for the sake of simplicity, we will not distinguish between JVM and JIT.
Understanding the concepts of JDK, JRE, and JVM
Software developers often talk about JDK, JRE, and JVM while discussing or troubleshooting a Java program. Let’s learn more about these components.
- Java Development Kit (JDK): It is primarily for software developers. The JDK includes the Java compiler (javac). The JDK is platform specific. For instance, jdk-8u231-solaris-sparcv9.tar.gz is the JDK for the Solaris operating system that is running on the processor with Scalable Processor Architecture (SPARC) architecture. The JDK also includes several other important files, such as:
- src.zip: The Java source code.
- jar.exe: A tool to build Java ARchive (jar) files.
- javadoc.exe: A command line tool for Javadoc – Javadoc is used to generate API documentation from the Java source files.
- keytool.exe: A tool to generate encryption keys and certificates and store them in the Java Keystore – an encrypted repository to store keys and certificates.
- Java Runtime Environment (JRE): Includes the JVM and other Java files. For example, if you search for JVM in the JRE folder on a Windows machine, you will find jvm.dll file. The jvm.dll file is the Windows implementation of the JVM.
Understanding the workflow
- Using Notepad, Eclipse IDE, or any other text editor, create a Java file on your Windows machine. Assuming that JDK is already installed on this machine, compile this .java file using the Java compiler (javac). After the successful execution of the command, a .class file (bytecode) is generated.
- You can now use this bytecode on any other machine that has JVM on it — essentially the machine must have JRE installed on it as JVM is a component of JRE. The JVM then creates the machine code based on the platform and creates an executable that the processor can understand. JVM is platform dependent.
Note: JRE, JVM, and JDK are platform-dependent because the configuration of each operating system is different; however, Java language is platform-independent.
Java and Data Security
In today’s digital economy, every business is a software business and protecting your company’s intellectual capital is the top priority for every software executive.
The focus of IT expenditure is on preventing cyber-attacks proactively. This is more relevant with the growing adoption of cloud-based applications, As-A-Service models (for instance, Infrastructure as a service and data as a service) and API-driven businesses.
In this section, let’s understand how Java provides the necessary security for your code and applications. Before that, here’s a quick summary of all the key building blocks of a secured communication between a client and a server.
- Security protocols (SSL and TLS, for instance): Cryptographic protocols that provide secured communication between two systems. When you connect to an HTTPS secured server, your web browser checks the website’s certificate and verifies if it is issued by a certificate authority (CA).
Note that now Transport Layer Security (TLS) protocol is being widely used as security vulnerabilities were detected in SSL. - Certificate (SSL certificate, for example): It certifies that the certificate requester (a person or an organization) meets all the stringent requirements to receive the certificate. A certificate is issued by a certification authority (CA). For example, VeriSign and DigiCert.
Certificates are installed on the web server hosting your website. It ensures a secured communication between your website and your customer’s machine. Every web browser also comes with some certificates pre-installed on it.
For example, when you type chrome://settings/?search=certificate in the Chrome web browser, you can see a list of all pre-installed certificates from the certification authorities. - Signature: It verifies that a particular digital document is authentic. In other words, it provides the receiver a guarantee that the message was generated by the intended sender only. Every certificate is encrypted using a signature.
- Cipher Suite: A set of methods (algorithms) required to secure a network connection through SSL or TLS. The software implementation of this algorithm is done by the software library. For example, OpenSSL. Here's an example of a typical cipher suite:
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - TLS indicates the protocol.
- ECDHE indicates the key exchange algorithm.
- ECDSA indicates the authentication algorithm.
- AES_256_CBC indicates the bulk encryption algorithm.
- SHA384 indicates the MAC algorithm.
The C:\Program Files\Java\jre1.8.0_202\lib\security folder lists other important files. For example, java.security is a master security properties file that is used to manage various aspects of Java security.
