J2EE defines standards for developing, building and deploying multitiered enterprise applications. The runtime environment of J2EE applications are provided by Containers which is typically a part of the J2EE server where the application is deployed. J2EE also defines what services the container must support for the application to make use of. J2EE is thus a specification for both container and the application.
The runtime environment provided by containers includes JRE for the J2SE that the J2EE container/server supports.
The J2EE specification describes a minimum set of facilities that all J2EE products (servers) must provide. Most J2EE products will provide facilities beyond the minimum required by this specification. This specification includes only a few limits to the ability of a product to provide extensions. In particular, it includes the same restrictions as J2SE on extensions to Java APIs. A J2EE product may not add classes to the Java programming language packages included in this specification, and may not add methods or otherwise alter the signatures of the specified classes.
However, many other extensions are allowed. A J2EE product may provide additional Java APIs, either other Java optional packages or other (appropriately named) packages. A J2EE product may include support for additional protocols or services not specified here. A J2EE product may support applications written in other languages, or may support connectivity to other platforms or applications. In short, if the application doesn't depend on extensions provided by a J2EE server, it would be deployable (as per specification) in any other J2EE compliant server. On the other hand, J2EE servers must pass the Compatibility Test Suite to be labelled J2EE compliant.
The J2EE API specifications define the contract between the J2EE application components and the J2EE platform. The contract specifies both the runtime and deployment interfaces.
The J2EE Service Provider Interfaces (SPIs) API specifications define the contract between the J2EE platform and service providers that may be plugged into a J2EE product. The Connector APIs define service provider interfaces for integrating resource adapters with a J2EE application server. Resource adapter components implementing the Connector APIs are called Connectors. The J2EE Authorization APIs define service provider interfaces for integrating security authorization mechanisms with a J2EE application server.
Standards services that J2EE mandates are
JNDI, Java Mail, Deployment, JAAS-JACC (security), Management, Corba, JTA, JMS, EJB, Servlets/JSP, WebServices, JCA
J2EE 1.4 includes JAX-RPC, SAAJ, JAXR (supports web services) and JMX as J2EE management API and JACC SPI.
J2EE 1.3 included JCA, JMS, JAXP, JAAS and IIOP for EJBs (2.0) and Local Interfaces.