A Java package is a collection of classes that share a common namespace. For example, if a class named test.java contains the line package com.ms.fx, the full name of the compiled class will be com.ms.fx.test. Packages are the building blocks of Java applications. The Java core libraries are a set of packages: java.lang, java.io, and so on.
Early adopters of Java realized that packages would be easier to work with if they could be encapsulated in a single file. The Java community chose to use the public-domain PKZIP archiving standard to encapsulate Java packages. The PKZIP archive format remains the de facto standard for delivering Java packages. Two other packaging standards are also now available to address the packaging requirements of Java applications: the Sun Microsystems Java Archive (JAR) standard and the Microsoft Cabinet File (.cab) standard.
The JAR standard appeared in Java Development Kit (JDK) version 1.1. .jar files continue to use the PKZIP archiving standard, but add a manifest component to the Java class files in the archive. The manifest file provides a way to individually digitally sign each class file. Signature files are added in a META-INF directory inside the .jar file.
Compression in .jar files is done on a file-by-file basis. This method of compression can be inefficient because Java class files are often too small to benefit from individual compression.
The cabinet file (.cab) standard was initially used to package Microsoft® Windows® 95 and other products. Cabinet files have since become Microsoft's standard archive format. Cabinet file compression first concatenates all files into a large block and compresses the block, a method similar to the TAR/GZIP archiving standard used on UNIX platforms. This method of compression significantly increases the compression of Java packages.
Microsoft® Internet Explorer 3.0 includes a code download feature to allow web distribution of software using cabinet files. To use the code download feature, you first create an inner cabinet with all the files needed for the application. Next, you write a master .inf file to describe how to install the files in the cabinet file. Finally, you place both the .inf file and the inner cabinet file into an outer cabinet file, which you can then use for download.
The OBJECT tag in an HTML file specifies a cabinet file for download. When Internet Explorer detects the OBJECT tag, it checks for a current version of the cabinet file on the user's system. If it is not there, Internet Explorer downloads the cabinet file and installs it according to the instructions in the enclosed .inf file.
Cabinet files should be digitally signed before being made available for download. The cabinet standard does not support individually signing each class file—the signature on the cabinet file is assumed to apply to all the files in the archive.
Note You are not limited to using the cabinet format for code downloading. Other archive formats can be used as long as there is some method for digitally signing the archive.
Code download in Microsoft® Internet Explorer 3.0 relies on registry entries to determine if a particular archive (.cab) is installed and, if it is, what version is installed. Version information is maintained at the cabinet-file level (it does not extend to individual packages). The Internet Explorer 3.0 code download mechanism does not uninstall packages or supply version information to the Microsoft virtual machine (Microsoft VM).
Internet Explorer 4.0 or later addresses these limitations with a more advanced transport for code download: the Distribution Unit (DU). DUs have version numbers that are checked by the browser's code download feature to see if they should be downloaded. Each DU contains a list of all the packages and applications inside the DU. This list, called an Open Software Distribution manifest (OSD), also contains version and security information.
A powerful feature of OSDs is that they can be nested inside other OSDs. This allows a single DU to act as a front-end for a multiple component application. DUs can also be delivered with push technology. A push channel can check to see if the client has the latest version of content and update the client, if necessary. Push is superior to standard browsing from the user’s point of view because the user does not have to actively check for updates (the issues are largely the same from a package management viewpoint).
The Microsoft SDK for Java includes the dubuild utility, used to create DUs. See Creating and Using Distribution Units for details on using dubuild to create DUs.