I think there is a potential license compatibility issue with using EPL2/GPL2CE licensed code in ASL which is used by MicroProfile (probably due to the one-way-only compatibility). I believe this was discussed in the context of the Ozark project during the last PMC meeting of Jan 9. > These gaps become painfully obvious in the MicroProfile project, where an ad-hoc mechanism had to be invented I said earlier on, this MicroProfile "REST Client" was a bit of a fork and should better be integrated with JAX-RS in EE4J. As both are Eclipse projects doing so should not be difficult. Sooner or later e.g. MicroProfile Config will also be retired in favor of JSR 382 or just remain a bridge like apache-commons-logging. Werner On Sat, Jan 20, 2018 at 6:00 PM, <ee4j-community-request@xxxxxxxxxxx> wrote: Send ee4j-community mailing list submissions to ee4j-community@xxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit https://dev.eclipse.org/mailman/listinfo/ee4j-community or, via email, send a message with subject or body 'help' to ee4j-community-request@xxxxxxxxxxx
You can reach the person managing the list at ee4j-community-owner@xxxxxxxxxxx
When replying, please edit your Subject line so it is more specific than "Re: Contents of ee4j-community digest..."
Today's Topics:
1. Re: JAX-RS Now Available in Git (arjan tijms) 2. Re: JAX-RS Now Available in Git (Gaurav Gupta)
----------------------------------------------------------------------
Message: 1 Date: Sat, 20 Jan 2018 14:49:05 +0000 From: arjan tijms <arjan.tijms@xxxxxxxxx> To: EE4J community discussions <ee4j-community@xxxxxxxxxxx> Subject: Re: [ee4j-community] JAX-RS Now Available in Git Message-ID: <CAE=-AhAT1f7ROt4wQw0044Siz53u-sQYLqUdEZ9ucQYKchOC9g@xxxxxxxxxxxxxx> Content-Type: text/plain; charset="utf-8"
Hi,
Indeed, JAX-RS is pretty stable. There's a few gaps in how security works in a standard way without any explicit (or even implicit) dependency on Servlet, so that would be a good thing to address. These gaps become painfully obvious in the MicroProfile project, where an ad-hoc mechanism had to be invented on the spot (the not really ideal @LoginConfig annotation) to setup security.
There's also some security "backbone" missing, making it hard to answer security queries like: "to which JAX-RS methods (endpoints) does the current caller have access".
Kind regards, Arjan Tijms
On Sat, Jan 20, 2018 at 12:52 PM, reza_rahman <reza_rahman@xxxxxxxxx> wrote:
> +1. This is what I had in mind for JAX-RS too. In addition, JAX-RS needs > to support Java SE 9 modules and possibly reactive streams. > > Other than this, I think JAX-RS is pretty much stable. I really think a > "minor player" like someone from the community or the CXF folks could take > over JAX-RS now (hint, hint :-)). This will allow the "big guys" to focus > on where the heavy lifting is necessary. > > Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone > > -------- Original message -------- > From: arjan tijms <arjan.tijms@xxxxxxxxx> > Date: 1/19/18 5:41 PM (GMT-05:00) > To: EE4J community discussions <ee4j-community@xxxxxxxxxxx> > Subject: Re: [ee4j-community] JAX-RS Now Available in Git > > Super news! :) > > I hope we can start work on evolving the API soon. > > My two initial proposals would be to further align with CDI and to define > support for the existing javax.annotation.security.RolesAllowed > annotation (several JAX-RS implementations already support that in a > proprietary way, and MicroProfile JWT-AUTH defines this for JAX-RS as well). > > Kind regards, > Arjan Tijms > > > > > > On Fri, Jan 19, 2018 at 9:53 PM, dmitry.kornilov < > dmitry.kornilov@xxxxxxxxxx> wrote: > >> Great job, Santiago! Thank you very much! >> >> -- Dmitry >> >> ?????????? ?? ????????? Samsung Galaxy. >> >> -------- ???????? ????????? -------- >> ??: Santiago Pericas-Geertsen <Santiago.PericasGeertsen@xxxxxxxxxx> >> ????: 19.01.18 22:37 (GMT+01:00) >> ????: ee4j-community@xxxxxxxxxxx >> ????: [ee4j-community] JAX-RS Now Available in Git >> >> All, >> >> The JAX-RS API sources are now available at [1]. >> >> ? Santiago >> >> [1] https://github.com/eclipse-ee4j/jaxrs-api >> >> _______________________________________________ >> ee4j-community mailing list >> ee4j-community@xxxxxxxxxxx >> To change your delivery options, retrieve your password, or unsubscribe >> from this list, visit >> https://dev.eclipse.org/mailman/listinfo/ee4j-community >> >> > > _______________________________________________ > ee4j-community mailing list > ee4j-community@xxxxxxxxxxx > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/ee4j-community > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dev.eclipse.org/mailman/private/ee4j-community/attachments/20180120/bf6b12f7/attachment.html>
------------------------------
Message: 2 Date: Sat, 20 Jan 2018 21:24:05 +0530 From: Gaurav Gupta <gaurav.gupta.jc@xxxxxxxxx> To: EE4J community discussions <ee4j-community@xxxxxxxxxxx> Subject: Re: [ee4j-community] JAX-RS Now Available in Git Message-ID: <CA+QLtA6KVdguQzBttbftcSHhb7u_gdD-88nutCYtmqesjHXi3g@xxxxxxxxxxxxxx> Content-Type: text/plain; charset="utf-8"
+1 for javax.annotation.security.RolesAllowed annotation support
Thanks and kind regards, Gaurav Gupta <https://twitter.com/ImJeddict> <https://jeddict.github.io/> <https://www.youtube.com/JPAModeler>
On Sat, Jan 20, 2018 at 8:19 PM, arjan tijms <arjan.tijms@xxxxxxxxx> wrote:
> Hi, > > Indeed, JAX-RS is pretty stable. There's a few gaps in how security works > in a standard way without any explicit (or even implicit) dependency on > Servlet, so that would be a good thing to address. These gaps become > painfully obvious in the MicroProfile project, where an ad-hoc mechanism > had to be invented on the spot (the not really ideal @LoginConfig > annotation) to setup security. > > There's also some security "backbone" missing, making it hard to answer > security queries like: "to which JAX-RS methods (endpoints) does the > current caller have access". > > Kind regards, > Arjan Tijms > > > > > On Sat, Jan 20, 2018 at 12:52 PM, reza_rahman <reza_rahman@xxxxxxxxx> > wrote: > >> +1. This is what I had in mind for JAX-RS too. In addition, JAX-RS needs >> to support Java SE 9 modules and possibly reactive streams. >> >> Other than this, I think JAX-RS is pretty much stable. I really think a >> "minor player" like someone from the community or the CXF folks could take >> over JAX-RS now (hint, hint :-)). This will allow the "big guys" to focus >> on where the heavy lifting is necessary. >> >> Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone >> >> -------- Original message -------- >> From: arjan tijms <arjan.tijms@xxxxxxxxx> >> Date: 1/19/18 5:41 PM (GMT-05:00) >> To: EE4J community discussions <ee4j-community@xxxxxxxxxxx> >> Subject: Re: [ee4j-community] JAX-RS Now Available in Git >> >> Super news! :) >> >> I hope we can start work on evolving the API soon. >> >> My two initial proposals would be to further align with CDI and to define >> support for the existing javax.annotation.security.RolesAllowed >> annotation (several JAX-RS implementations already support that in a >> proprietary way, and MicroProfile JWT-AUTH defines this for JAX-RS as well). >> >> Kind regards, >> Arjan Tijms >> >> >> >> >> >> On Fri, Jan 19, 2018 at 9:53 PM, dmitry.kornilov < >> dmitry.kornilov@xxxxxxxxxx> wrote: >> >>> Great job, Santiago! Thank you very much! >>> >>> -- Dmitry >>> >>> ?????????? ?? ????????? Samsung Galaxy. >>> >>> -------- ???????? ????????? -------- >>> ??: Santiago Pericas-Geertsen <Santiago.PericasGeertsen@xxxxxxxxxx> >>> ????: 19.01.18 22:37 (GMT+01:00) >>> ????: ee4j-community@xxxxxxxxxxx >>> ????: [ee4j-community] JAX-RS Now Available in Git >>> >>> All, >>> >>> The JAX-RS API sources are now available at [1]. >>> >>> ? Santiago >>> >>> [1] https://github.com/eclipse-ee4j/jaxrs-api >>> >>> _______________________________________________ >>> ee4j-community mailing list >>> ee4j-community@xxxxxxxxxxx >>> To change your delivery options, retrieve your password, or unsubscribe >>> from this list, visit >>> https://dev.eclipse.org/mailman/listinfo/ee4j-community >>> >>> >> >> _______________________________________________ >> ee4j-community mailing list >> ee4j-community@xxxxxxxxxxx >> To change your delivery options, retrieve your password, or unsubscribe >> from this list, visit >> https://dev.eclipse.org/mailman/listinfo/ee4j-community >> >> > > _______________________________________________ > ee4j-community mailing list > ee4j-community@xxxxxxxxxxx > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/ee4j-community > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dev.eclipse.org/mailman/private/ee4j-community/attachments/20180120/9976e639/attachment.html>
------------------------------
_______________________________________________ ee4j-community mailing list ee4j-community@xxxxxxxxxxx To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/ee4j-community
End of ee4j-community Digest, Vol 5, Issue 73 *********************************************
|