From: Werner Keil <werner.keil_at_gmail.com>
Date: Tue, 27 Sep 2016 20:31:33 +0200

Well that's why this is meant for Java EE 9 ;-)

Kind Regards,

Werner


On Tue, Sep 27, 2016 at 8:27 PM, arjan tijms <arjan.tijms_at_gmail.com> wrote:

> Hi,
>
> On Tue, Sep 27, 2016 at 4:33 PM, Werner Keil <werner.keil_at_gmail.com>
> wrote:
>
>> Thanks to the "playground" https://github.com/javaee-secu
>> rity-spec/javaee-security-proposals I see no reason why you should not
>> add something that works there any time.
>>
>
> Well, the main reason is time, or actually a lack thereof ;)
>
> Kind regards,
> Arjan Tijms
>
>
>
>> Whether or not it could be mature enough for a Java EE 8 release train,
>> we shall see. First we need a definitive Spec Lead either by Oracle and/or
>> other EG members to help (nothing is written in stone there, but similar
>> possibilities were discussed for the Config JSR Oracle outlined last week;-)
>>
>> Kind Regards,
>> Werner
>>
>>
>>
>> On Tue, Sep 27, 2016 at 4:18 PM, arjan tijms <arjan.tijms_at_gmail.com>
>> wrote:
>>
>>> Hi,
>>>
>>> On Tue, Sep 27, 2016 at 3:21 PM, Werner Keil <werner.keil_at_gmail.com>
>>> wrote:
>>>
>>>> Thanks Ivar and others for sharing the updates from JavaOne.
>>>> Please don't forget, Oauth or OpenID Connect are not aiming at Java EE
>>>> 8 yet. Antoine who worked with me on Agorava confirmed it's a "totally
>>>> different beast" on the server side and Agorava so far only covered OAuth
>>>> clients to consume other services. If JSR 375 (MR) follow-up Security JSR
>>>> supports it, that has to be both client and server.
>>>>
>>>
>>> Not committed anywhere yet, but OmniFaces member Jan Beernink and myself
>>> have actually been working on the server variant as well, which is indeed a
>>> totally different beast. Time constraints have prevented us from actually
>>> committing this anywhere public and/or write a demo for it, but the client
>>> version that we did commit has been tested with this.
>>>
>>> Kind regards,
>>> Arjan Tijms
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>>
>>>> JSR 370 (JAX-RS) just had a question about its activity and future on
>>>> the mailing list. I was not in that session, but the Spec Lead did not seem
>>>> present. Somebody (not in the EG according to JCP.org) did however update
>>>> the Jersey RI as recent as last week, so there may be a situation similar
>>>> to JSR 375 and Soteria (where Arjan also pushed 6 days ago;-)
>>>>
>>>> It won't work without somebody from Oracle, but would you consider an
>>>> EDR 1 based on what Soteria has to offer before the inevitable Renewal
>>>> Ballot at the end of November? (similar to JSR 370 the last one was 23 Nov,
>>>> 2015)
>>>>
>>>> If Oracle is not able to help with that before November, I guess the
>>>> very least would be good arguments (based on what we heard at JavaOne) for
>>>> the EC (given the reelection in November we also don't know who will be
>>>> there, despite at least 2 members of this EG also running;-)
>>>>
>>>> Kind Regards,
>>>>
>>>> Werner
>>>>
>>>>
>>>> On Thu, Sep 22, 2016 at 11:43 PM, Ivar Grimstad <
>>>> ivar.grimstad_at_gmail.com> wrote:
>>>>
>>>>>
>>>>> On Thu, Sep 22, 2016 at 11:57 AM arjan tijms <arjan.tijms_at_gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Thank you all for the presentation, looks good!
>>>>>>
>>>>>> Good to see as well that OAuth gets a renewed focus. Indeed, this may
>>>>>> be one of the most important mechanisms to have.
>>>>>>
>>>>>> Scoping sounds cool too to support as well.
>>>>>>
>>>>>
>>>>> Yes, it looks promising and that we are on the right track!
>>>>>
>>>>>
>>>>>>
>>>>>> KK, wil you be part of the EG, or is that still left to be decided?
>>>>>> Any news about Alex?
>>>>>>
>>>>>
>>>>> I don't think Oracle will comment on resources and/or staffing at this
>>>>> point. At least I haven't been able to get an answer to that particular
>>>>> question yet :(
>>>>>
>>>>>
>>>>>>
>>>>>> Kind regards,
>>>>>> Arjan Tijms
>>>>>>
>>>>>>
>>>>>> On Thursday, September 22, 2016, Kk sriramadhesikan <
>>>>>> kk.sriramadhesikan_at_oracle.com> wrote:
>>>>>>
>>>>>>> Arjan
>>>>>>> Ivar already posted the link to my slides. We also met the f2f for
>>>>>>> an hour earlier this afternoon. Werner and ivar were in person but Werner
>>>>>>> had to leave early for his talk. I will write up the minutes and post it in
>>>>>>> the next day.
>>>>>>>
>>>>>>> Kk
>>>>>>>
>>>>>>>
>>>>>>> Sent from my phone, pardon any typos.
>>>>>>> ------------------------------
>>>>>>> From: Ivar Grimstad
>>>>>>> Sent: ‎9/‎21/‎2016 4:44 PM
>>>>>>> To: jsr375-experts_at_javaee-security-spec.java.net; Java EE Security
>>>>>>> API - JSR 375 - Experts
>>>>>>> Subject: [javaee-security-spec users] [jsr375-experts] Re: JavaOne
>>>>>>> securitypresentation
>>>>>>>
>>>>>>> Hi Arjan,
>>>>>>>
>>>>>>> Yes, I was there. Have attached an image of the suggested Way
>>>>>>> Forward slide. The presentation can be downloaded here:
>>>>>>>
>>>>>>> https://static.rainfocus.com/oracle/oow16/sess/1471981490115
>>>>>>> 001GrZ4/ppt/CON7978_Sriramadhesikan_JavaOne2016_SecurityForJ
>>>>>>> avaEE8AndTheCloud.pdf
>>>>>>>
>>>>>>> Ivar
>>>>>>>
>>>>>>> [image: jsr375wayforward.png]
>>>>>>>
>>>>>>> On Wed, Sep 21, 2016 at 1:38 AM arjan tijms <arjan.tijms_at_gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> Has anyone seen the JavaOne presentation about security (Security
>>>>>>>> for Java EE 8 and the Cloud)?
>>>>>>>>
>>>>>>>> I have not seen it yet, so curious what KK discussed.
>>>>>>>>
>>>>>>>> Kind regards,
>>>>>>>> Arjan Tijms
>>>>>>>>
>>>>>>> --
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Java EE Security API - JSR 375 - Experts" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>> send an email to jsr375-experts+unsubscribe_at_googlegroups.com.
>>>>>> To post to this group, send email to jsr375-experts_at_googlegroups.com.
>>>>>> To view this discussion on the web visit
>>>>>> https://groups.google.com/d/msgid/jsr375-experts/CAE%3D-AhBi
>>>>>> LTx7BC3qNSmsHEMdgeGVNZKQUQ4BW4A0AtXp7-%2Bi6g%40mail.gmail.com
>>>>>> <https://groups.google.com/d/msgid/jsr375-experts/CAE%3D-AhBiLTx7BC3qNSmsHEMdgeGVNZKQUQ4BW4A0AtXp7-%2Bi6g%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>>>>> .
>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "Java EE Security API - JSR 375 - Experts" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to jsr375-experts+unsubscribe_at_googlegroups.com.
>>>>> To post to this group, send email to jsr375-experts_at_googlegroups.com.
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/d/msgid/jsr375-experts/CAOAQAPpKnt
>>>>> 7kdJ_PCY6xpKsPkNzKZrsY3knfLvhCLG2wMmavLA%40mail.gmail.com
>>>>> <https://groups.google.com/d/msgid/jsr375-experts/CAOAQAPpKnt7kdJ_PCY6xpKsPkNzKZrsY3knfLvhCLG2wMmavLA%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>>>> .
>>>>>
>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>
>>>>
>>>>
>>>
>>
>