arjan tijms wrote on 10/03/2013 05:32 AM:
> Hi,
>
> Thanks for the report. Some comments:
>
>
> On slide 17, just to make it clear for everyone, "standardize authentication"
> is really about simplifying the process. Authentication in Java EE is
> theoretically standardized already (via JASPIC).
JASPIC standards how to plug in an authentication provider. I think the issue
here was to have some standard authentication providers already available for
applications.
>
> On slide 19, "JAX-RS MVC"
>
> I agree with the central question "Do we really need another standard web
> framework?", and would like to specifically add the question "*Why* would we
> want a second web framework?"
>
> Is it because JSF is not popular enough, or are there specific use cases JSF
> can't address?
This is exactly what we need feedback on from the community.
> On slide 31 and 32 "ReST APIs to deploy and manage applications" and "ReST
> APIs to monitor applications"
>
> It's perhaps interesting to remember that Java EE had an API/SPI here with JSR
> 88 and JSR 77, but they were pruned for Java EE 7 (see e.g.
> https://java.net/projects/javaee-spec/lists/jsr342-experts/archive/2011-11/message/4).
Right, do we believe they aren't used because they were poor APIs? Because they
used the wrong technology? Will converting them to use ReST suddenly make them
more attractive?
I don't think the answers are clear.
> About the support, I'm surprised about a few things.
>
> There is much support for "More CDI", but little support for "Security
> Interceptors" and "Generalized Timer Support". Yet, both of these are
> specifically for the "More CDI' story.
People may've thought they would get them by voting for More CDI, although that
wasn't the intent.
> I also wonder how there can be no support for Multi-point MDBs. Wasn't that
> David Blevins' idea? Didn't he vote for his own idea?
There was some confusion here and in the end we merged that item with the Better
MDBs item; I forgot to remove it from the summary slide.
> Maybe it would also have been interesting to see what the votes would have
> been with Oracle attendees included.
We didn't want to skew the results; we were more interested in what others thought.
> As for the "Improved Security Framework", it's sad to see it got no support at
> this particular meet-up. Indeed, there are still lots of complaints about it.
> I think very few people would argue Java EE security is extremely good and
> even less would argue that security itself is not important, so it seems like
> a no-brainer.
And there seemed to be support for it during the discussion, but in the end no
one voted for it. Sometimes you have to make difficult choices when you have a
limited number of dollars to spend...
> Anyway, thanks again for the report and great to see the Java EE 8
> preparations starting.
>
> Kind regards,
> Arjan Tijms
>