Alex,
Thanks for the update. I don't think the EC has too much demand for a live
demo. Some of them regularly admit, they mainly read the spec, JavaDoc at
most but neither look at the code nor its impact on applications (I think I
am currently the only EC member who is also in several EGs including Spec
Lead or active committer role ;-)
If actual demos could also run on the Oracle EE 8 Demo booth, that would be
great. I am pretty sure, some visitors also care about security though it
is often taken as granted on conferences and not as welcome as "blinky
things" or little robots on stage;-D
The Hackergarten is not a "demo camp" though you may show something that
already works. It often looks at bugs or missing features (e.g. I sat with
Guillaume and other Groovy core committers in Copenhagen on my birthday
during a GR8Conf Hackergarten and we made some new JPA feature available to
Groovy and Grails;-) So to pick some of the proposals or examples that look
most promising and try to flesh them out would be a perfect goal for
Hackergarten. Or try to compile a list and let people decide what they
think is most important in real life.
Regards,
Werner
On Thu, Oct 15, 2015 at 3:08 AM, Alex Kosowski <alex.kosowski_at_oracle.com>
wrote:
> Hi,
>
> The JCP will likely be putting JSR 375 up for a renewal ballot after
> JavaOne. I think some other EE 8 specs are similarly up for renewal. I have
> not been informed regarding what we need to provide, but as long as our EG
> is reasonably active I think we will be fine.
>
> Regarding the JCP EC F2F (i.e. Java Community Process Executive Committee
> Face To Face), I have been given a slide template and I have been filling
> it out. The focus of the review is more on how the EG is following the
> process regarding transparency and participation obligations, than on the
> technical details. I do not think a demo is needed.
>
> Regarding the EDR, my understanding is that the EDR is a snapshot of our
> progress. Of course, the more progress the better, and we can release
> multiple EDRs. The currently published JSR-375 EDR date is Q4 2015, so I
> see this as sometime in December.
>
> For EDR, I would like to at least touch upon as many of the Epics as
> possible:
>
> - API for Identity Store
> - API for Authentication Mechanism
> - API for Password Aliasing
> - API for Role/Permission Assignment
> - API for Security Context
> - API for Authorization Interceptors
>
> I think Identity Store is well defined, with some open issues.
>
> As for trying some of the proposals in the Hackergarten, I am not quite
> sure what you mean. There are some interfaces and samples in the repo, but
> not a lot of working code. I will probably be digging into the proposals
> during the BOF.
>
> JSR 375 will get some exposure:
>
> - Presented at the JCP EC F2F
> - Presented at a dedicated conference session
> - Presented at a dedicated BOF
> - Presented in slides on EE 8 at the Oracle Demo booth
> - Represented in various EE 8 platform sessions
>
> It would be nice to have something to demo. I guess I could demo a JASPIC
> SAM using the CDI based Identity Store. Any ideas?
>
> With regards,
> Alex
> On 10/14/15 5:15 AM, Werner Keil wrote:
>
> Hi,
>
> Sounds like a plan. Many JSRs like 362 (just filed it this week) go for
> multiple EDRs nowadays to follow a more "Agile" iterative approach.
> If Alex was able to announce or already initiate EDR proposal to the PMO,
> maybe it could even avert a renewal ballot (as mentioned, the list is
> fairly long, and e.g. JAX-RS was recently notified they had to expect one
> pretty soon due to the deadline;-)
>
> Kind Regards,
> Werner
>
> On Wed, Oct 14, 2015 at 11:03 AM, arjan tijms <arjan.tijms_at_gmail.com>
> wrote:
>
>> Hi,
>>
>> On Wed, Oct 14, 2015 at 10:03 AM, Werner Keil <werner.keil_at_gmail.com>
>> wrote:
>> > Dear Experts,
>> >
>> > Given the JSR was approved last December, it may just be a matter of
>> time,
>> > till we face a Renewal Ballot, since the official deadlines are pretty
>> much
>> > 9 months to produce EDR 1.
>>
>> What do you guys think; the current (or slightly revised) identity
>> store proposal that Alex wrote could easily function as a base for the
>> EDR, couldn't it? Add a chapter for the terminology that we've
>> established, and perhaps add one of the diagrams that were mailed to
>> the list earlier, and then start the next major chapter with the
>> identity store proposal.
>>
>> I don't know the exact process to submit the EDR, but iff the above
>> would be enough, then maybe end of this week can be a target for
>> submitting this?
>>
>> Kind regards,
>> Arjan Tijms
>>
>>
>>
>>
>>
>> >
>> > Patrick recently said, Oracle led JSRs are not "more equal" when it
>> comes to
>> > that, so it is likely the EC will have such ballots on its plate (not
>> just
>> > for 375 btw.;-)
>> >
>> > The open, community-driven momentum with the "proposals" repository
>> > https://github.com/javaee-security-spec/javaee-security-proposals
>> sounds
>> > like a great opportunity to try some of them at Hackergarten during
>> JavaOne.
>> >
>> > If Alex is already in SF, I trust he arranged a F2F Spec Lead demo to
>> the EC
>> > as well. Certainly a good chance to give them an idea what's happening
>> > beyond my brief overview in London. And to give them sufficient
>> information
>> > if a Renewal Ballot was up in the next few weeks or months.
>> >
>> > WDYT?,
>> > Werner
>>
>
>