[javaee-spec users] Re: [jsr342-experts] report on EG meeting at JavaOne

From: Bill Shannon <>
Date: Thu, 03 Oct 2013 15:09:13 -0700

arjan tijms wrote on 10/03/2013 05:32 AM:
> Hi,
> Thanks for the report. Some comments:
> On slide 17, just to make it clear for everyone, "standardize authentication"
> is really about simplifying the process. Authentication in Java EE is
> theoretically standardized already (via JASPIC).
JASPIC standards how to plug in an authentication provider. I think the issue
here was to have some standard authentication providers already available for

> On slide 19, "JAX-RS MVC"
> I agree with the central question "Do we really need another standard web
> framework?", and would like to specifically add the question "*Why* would we
> want a second web framework?"
> Is it because JSF is not popular enough, or are there specific use cases JSF
> can't address?
This is exactly what we need feedback on from the community.

> On slide 31 and 32 "ReST APIs to deploy and manage applications" and "ReST
> APIs to monitor applications"
> It's perhaps interesting to remember that Java EE had an API/SPI here with JSR
> 88 and JSR 77, but they were pruned for Java EE 7 (see e.g.
Right, do we believe they aren't used because they were poor APIs? Because they
used the wrong technology? Will converting them to use ReST suddenly make them
more attractive?

I don't think the answers are clear.

> About the support, I'm surprised about a few things.
> There is much support for "More CDI", but little support for "Security
> Interceptors" and "Generalized Timer Support". Yet, both of these are
> specifically for the "More CDI' story.
People may've thought they would get them by voting for More CDI, although that
wasn't the intent.

> I also wonder how there can be no support for Multi-point MDBs. Wasn't that
> David Blevins' idea? Didn't he vote for his own idea?
There was some confusion here and in the end we merged that item with the Better
MDBs item; I forgot to remove it from the summary slide.

> Maybe it would also have been interesting to see what the votes would have
> been with Oracle attendees included.
We didn't want to skew the results; we were more interested in what others thought.

> As for the "Improved Security Framework", it's sad to see it got no support at
> this particular meet-up. Indeed, there are still lots of complaints about it.
> I think very few people would argue Java EE security is extremely good and
> even less would argue that security itself is not important, so it seems like
> a no-brainer.
And there seemed to be support for it during the discussion, but in the end no
one voted for it. Sometimes you have to make difficult choices when you have a
limited number of dollars to spend...

> Anyway, thanks again for the report and great to see the Java EE 8
> preparations starting.
> Kind regards,
> Arjan Tijms