Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jakartaee-platform-dev] Moving MicroProfile JWT to Jakarta Security?

For me these conversations always bring about a strange sense of deja vu (it's almost like watching re-runs of old Roseanne episodes from the eighties on late night TV - they were good but they do get tiresome after a while). So I felt compelled to go back and try to remember why we made the decisions we did for Jakarta Config. In the heady days when CN4J was being formed IBM's Emily led this very good analysis and survey with help from the Eclipse Foundation: https://reza-rahman.me/2021/04/10/jakarta-ee-microprofile-alignment-survey-results/. For me this was a very good effort and I believe helped drive the decisions for Jakarta Config.

Most of that is still very relevant and I believe worth reviewing in this context. Certainly when I still talk to our customers and this lingering problem inevitably comes up, their views reflect the community voice that shines through in the outcome of the survey. I am attaching the key results and the actual raw survey data shared by the Eclipse Foundation here for reference.

On 11/11/2022 3:37 PM, reza_rahman@xxxxxxxxx wrote:
Happy to join on behalf of Microsoft. For reasons discussed in the past, Microsoft would not be supportive of including a MicroProfile dependency into Jakarta EE. It gets too far away from the core value propositions of Jakarta EE as our customers see it - chiefly those around stability and more general purpose applicability than microservices. It also creates a potentially very hard to manage circular dependency at the platform levels between projects with very different life cycles and objectives.
 
From: jakartaee-platform-dev <jakartaee-platform-dev-bounces@xxxxxxxxxxx> on behalf of David Blevins <dblevins@xxxxxxxxxxxxx>
Sent: Friday, November 11, 2022 3:19 PM
To: jakartaee-platform developer discussions <jakartaee-platform-dev@xxxxxxxxxxx>
Subject: Re: [jakartaee-platform-dev] Moving MicroProfile JWT to Jakarta Security?
 
> On Nov 11, 2022, at 12:06 PM, arjan tijms <arjan.tijms@xxxxxxxxx> wrote:
>
> Do you mean that the Jakarta security spec, and specifically the Jakarta Security API jar directly has the MP JWT spec / api as a dependency?

It's worth exploring at the very least. It's not something I've typically endorsed in the past, but I'm starting to soften to the idea if it can avoid a trend of having two copies of every api.

There are possibly other avenues that could be explored as well.

I think this thread is great, but would people be open to getting together for an hour and just talking out some options? I.e. we get us Jakarta Security and MicroProfile JWT folks together and see what we can come up with.

Thoughts?


-David

_______________________________________________
jakartaee-platform-dev mailing list
jakartaee-platform-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jakartaee-platform-dev

Attachment: Jakarta_EE_and_MicroProfile_Alignment_Survey_Results.pdf
Description: Adobe PDF document

Attachment: survey_results.png
Description: PNG image

Back to the top