[javaee-spec users] Re: [jsr366-experts] Java EE Security API

From: Romain Manni-Bucau <>
Date: Tue, 11 Apr 2017 10:53:53 +0200

2017-04-11 10:44 GMT+02:00 Werner Keil <>:

> +1
> Security is important and too often ignored, so making 375 available in
> the "smallest" Profile available is a must have IMO.

I would agree if it would be as easy as deploying a rest service but it is
not. Any hope the entry cost is reduced before If so a big +1,
if not i'll keep the same opinion on that.

> About download figures, I found Bintray especially helpful if used
> properly. Security API and Soteria are made available with full download
> stats.
> I know Apache itself is not so helpful. I raised it at ApacheCon but
> heard, they could not do it because of mirrors. Whether Bintray includes
> downloads via Mavencentral or not I can't tell, but even if it was
> combined, the rejected "legacy" JSR275 has more than what we heard from
> Deltaspike.
> The Most popular Eclipse projects in MarketPlace have 30-40k downloads per
> Month, so should E.g. Microprofile Parts or custom implementations be there
> it was easy to tell which are popular and which are less

We can close that, point was there are used libs which are not relying on
"complex" state machine + protocol (notify*) coding in user land, then the
detail of stats and which part is hidden if out of topic there (even if
interesting ;)).

> Werner