[javaee-spec users] Re: [jsr366-experts] Java EE Security API

From: arjan tijms <>
Date: Tue, 11 Apr 2017 00:52:58 +0200

Could be a good idea indeed.

I'm of course strongly, strongly biased, but I know from application
development and working with a lot of different devs in application
development, that something like a basic security for JAX-RS endpoints in a
fully portable and app controlled way is something that comes up each and
every time.

Basically just something like defining this: (pre JSR 375 syntax)

On Tue, Apr 11, 2017 at 12:47 AM, reza_rahman <> wrote:

> If needed, I suggest doing a simple community poll (e.g. via Twitter) to
> help determine this. As I said, I suspect there is very strong desire for
> this functionality in all profiles.
> What do other people in this EG think? I know activity has been sparse for
> quite a few months, but surely we all have some opinions on this?
> -------- Original message --------
> From: reza_rahman <>
> Date: 4/10/17 4:38 PM (GMT-05:00)
> To:
> Subject: Re: [javaee-spec users] Re: [jsr366-experts] Java EE Security API
> I actually think what we have now is pretty useful. Given the strong
> support for security in all the Java EE surveys, I think it sends the wrong
> message not to include it in the Web Profile. I don't see that there is any
> future where the security API does not wind up in pretty much all
> significant Java EE profiles.