[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jakartaee-platform-dev] Moving MicroProfile JWT to Jakarta Security?
|
For me these conversations always bring about a strange sense of
deja vu (it's almost like watching re-runs of old Roseanne
episodes from the eighties on late night TV - they were good but
they do get tiresome after a while). So I felt compelled to go
back and try to remember why we made the decisions we did for
Jakarta Config. In the heady days when CN4J was being formed IBM's
Emily led this very good analysis and survey with help from the
Eclipse Foundation:
https://reza-rahman.me/2021/04/10/jakarta-ee-microprofile-alignment-survey-results/.
For me this was a very good effort and I believe helped drive the
decisions for Jakarta Config.
Most of that is still very relevant and I believe worth reviewing
in this context. Certainly when I still talk to our customers and
this lingering problem inevitably comes up, their views reflect
the community voice that shines through in the outcome of the
survey. I am attaching the key results and the actual raw survey
data shared by the Eclipse Foundation here for reference.
Happy to join on behalf of Microsoft. For
reasons discussed in the past, Microsoft would not be
supportive of including a MicroProfile dependency into
Jakarta EE. It gets too far away from the core value
propositions of Jakarta EE as our customers see it -
chiefly those around stability and more general purpose
applicability than microservices. It also creates a
potentially very hard to manage circular dependency at the
platform levels between projects with very different life
cycles and objectives.
> On Nov 11, 2022, at 12:06 PM, arjan tijms
<arjan.tijms@xxxxxxxxx> wrote:
>
> Do you mean that the Jakarta security spec, and
specifically the Jakarta Security API jar directly has the MP
JWT spec / api as a dependency?
It's worth exploring at the very least. It's not something
I've typically endorsed in the past, but I'm starting to
soften to the idea if it can avoid a trend of having two
copies of every api.
There are possibly other avenues that could be explored as
well.
I think this thread is great, but would people be open to
getting together for an hour and just talking out some
options? I.e. we get us Jakarta Security and MicroProfile JWT
folks together and see what we can come up with.
Thoughts?
-David
_______________________________________________
jakartaee-platform-dev mailing list
jakartaee-platform-dev@xxxxxxxxxxx
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jakartaee-platform-dev
Attachment:
Jakarta_EE_and_MicroProfile_Alignment_Survey_Results.pdf
Description: Adobe PDF document
Attachment:
survey_results.png
Description: PNG image