| Re: [jakartaee-platform-dev] Moving MicroProfile JWT to Jakarta Security? |
Hey All, A couple notes on various things mentioned in this thread. # Technical MP JWT does define bindings for EJB, Servlets, JACC, JASPIC, etc. - https://download.eclipse.org/microprofile/microprofile-jwt-auth-2.0/microprofile-jwt-auth-spec-2.0.html#_recommendations_for_optional_container_integration These have been there since MP JWT 1.0. If we wanted to expand that and bolster the TCK tests in MP JWT, this is not a problem. There are no technical limitations that would prevent us from defining in MP JWT how MP JWT ties into Jakarta Security, Jakarta Servlets or any Jakarta spec. # Procedural In CN4J we did agree to some technical principles. One of them is that duplication should be avoided. - https://docs.google.com/presentation/d/1i7hBzjXtApAUQDopPopLNG0yuwLXBLiSAFKr1_jhFlQ/edit?pli=1#slide=id.ge89d7772e8_0_9 Copying MP JWT would violate the principles we agreed on. The process for getting agreement between the two groups for a move is basically: - Create a proposal and get a member of each WG to sponsor (endorse) it - Once sponsored, both WGs independently vote to approve it - If both WGs agree, it can move forward Hope this helps. -David