Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [ee4j-community] JAX-RS Now Available in Git
Assuming you mean the Apache License (since ASL stands for Amazon Software License), I believe you are correct.  I think it was also called out when the MicroProfile project was created that other projects within Eclipse wouldn't be able to directly use the source code due to the single Apache License state of all features.  Since its the original authors' IP, you would need those authors to relicense the IP.

But I'll be honest, I'm not sure what the MP rest client has to do with the server runtime issues Arjan's mentioned.  I feel the same pain, but at the same time would recommend leveraging common annotations (javax.annotation) over coming up with a JAX-RS specific annotation, at the end of the day I would love to see an entire "EE4J feature" around security that doesn't require any runtime, maybe even just a plain CDI extension.

I can tell you that I've been experimenting within Apache CXF around tighter CDI integration on the server components to make the CDI runtime work a bit nicer.  Some of the recent features done:

- Support for CDI @Inject of all @Context objects
- More ways to automatically register providers

Most of this will be coming in the 3.2.2 release.  Would love to be able to help get some of these features into the JAX-RS spec (whatever that means in the future).

John

On Sat, Jan 20, 2018 at 1:25 PM Mrinal Kanti M <mrinal.kanti@xxxxxxxxx> wrote:

I think there is a potential license compatibility issue with using EPL2/GPL2CE licensed code in ASL which is used by MicroProfile (probably due to the one-way-only compatibility). I believe this was discussed in the context of the Ozark project during the last PMC meeting of Jan 9.

 

 

From: Werner Keil
Sent: 20 January 2018 23:36
To: EE4J community discussions


Subject: Re: [ee4j-community] JAX-RS Now Available in Git

 

> These gaps become painfully obvious in the MicroProfile project, where an ad-hoc mechanism had to be invented

 

I said earlier on, this MicroProfile "REST Client" was a bit of a fork and should better be integrated with JAX-RS in EE4J. As both are Eclipse projects doing so should not be difficult. Sooner or later e.g. MicroProfile Config will also be retired in favor of JSR 382 or just remain a bridge like apache-commons-logging.

 

Werner

 

 

On Sat, Jan 20, 2018 at 6:00 PM, <ee4j-community-request@xxxxxxxxxxx> wrote:

Send ee4j-community mailing list submissions to
        ee4j-community@xxxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
        https://dev.eclipse.org/mailman/listinfo/ee4j-community
or, via email, send a message with subject or body 'help' to
        ee4j-community-request@xxxxxxxxxxx

You can reach the person managing the list at
        ee4j-community-owner@xxxxxxxxxxx

When replying, please edit your Subject line so it is more specific
than "Re: Contents of ee4j-community digest..."


Today's Topics:

   1. Re: JAX-RS Now Available in Git (arjan tijms)
   2. Re: JAX-RS Now Available in Git (Gaurav Gupta)


----------------------------------------------------------------------

Message: 1
Date: Sat, 20 Jan 2018 14:49:05 +0000
From: arjan tijms <arjan.tijms@xxxxxxxxx>
To: EE4J community discussions <ee4j-community@xxxxxxxxxxx>
Subject: Re: [ee4j-community] JAX-RS Now Available in Git
Message-ID:
        <CAE=-AhAT1f7ROt4wQw0044Siz53u-sQYLqUdEZ9ucQYKchOC9g@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="utf-8"

Hi,

Indeed, JAX-RS is pretty stable. There's a few gaps in how security works
in a standard way without any explicit (or even implicit) dependency on
Servlet, so that would be a good thing to address. These gaps become
painfully obvious in the MicroProfile project, where an ad-hoc mechanism
had to be invented on the spot (the not really ideal @LoginConfig
annotation) to setup security.

There's also some security "backbone" missing, making it hard to answer
security queries like: "to which JAX-RS methods (endpoints) does the
current caller have access".

Kind regards,
Arjan Tijms




On Sat, Jan 20, 2018 at 12:52 PM, reza_rahman <reza_rahman@xxxxxxxxx> wrote:

> +1. This is what I had in mind for JAX-RS too. In addition, JAX-RS needs
> to support Java SE 9 modules and possibly reactive streams.
>
> Other than this, I think JAX-RS is pretty much stable. I really think a
> "minor player" like someone from the community or the CXF folks could take
> over JAX-RS now (hint, hint :-)). This will allow the "big guys" to focus
> on where the heavy lifting is necessary.
>
> Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone
>
> -------- Original message --------
> From: arjan tijms <arjan.tijms@xxxxxxxxx>
> Date: 1/19/18 5:41 PM (GMT-05:00)
> To: EE4J community discussions <ee4j-community@xxxxxxxxxxx>
> Subject: Re: [ee4j-community] JAX-RS Now Available in Git
>
> Super news! :)
>
> I hope we can start work on evolving the API soon.
>
> My two initial proposals would be to further align with CDI and to define
> support for the existing javax.annotation.security.RolesAllowed
> annotation (several JAX-RS implementations already support that in a
> proprietary way, and MicroProfile JWT-AUTH defines this for JAX-RS as well).
>
> Kind regards,
> Arjan Tijms
>
>
>
>
>
> On Fri, Jan 19, 2018 at 9:53 PM, dmitry.kornilov <
> dmitry.kornilov@xxxxxxxxxx> wrote:
>
>> Great job, Santiago! Thank you very much!
>>
>> -- Dmitry
>>
>> ?????????? ?? ????????? Samsung Galaxy.
>>
>> -------- ???????? ????????? --------
>> ??: Santiago Pericas-Geertsen <Santiago.PericasGeertsen@xxxxxxxxxx>
>> ????: 19.01.18 22:37 (GMT+01:00)
>> ????: ee4j-community@xxxxxxxxxxx
>> ????: [ee4j-community] JAX-RS Now Available in Git
>>
>> All,
>>
>>  The JAX-RS API sources are now available at [1].
>>
>> ? Santiago
>>
>> [1] https://github.com/eclipse-ee4j/jaxrs-api
>>
>> _______________________________________________
>> ee4j-community mailing list
>> ee4j-community@xxxxxxxxxxx
>> To change your delivery options, retrieve your password, or unsubscribe
>> from this list, visit
>> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>>
>>
>
> _______________________________________________
> ee4j-community mailing list
> ee4j-community@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe
> from this list, visit
> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dev.eclipse.org/mailman/private/ee4j-community/attachments/20180120/bf6b12f7/attachment.html>

------------------------------

Message: 2
Date: Sat, 20 Jan 2018 21:24:05 +0530
From: Gaurav Gupta <gaurav.gupta.jc@xxxxxxxxx>
To: EE4J community discussions <ee4j-community@xxxxxxxxxxx>
Subject: Re: [ee4j-community] JAX-RS Now Available in Git
Message-ID:
        <CA+QLtA6KVdguQzBttbftcSHhb7u_gdD-88nutCYtmqesjHXi3g@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="utf-8"

+1 for javax.annotation.security.RolesAllowed annotation support

Thanks and kind regards,
Gaurav Gupta
<https://twitter.com/ImJeddict>  <https://jeddict.github.io/>
<https://www.youtube.com/JPAModeler>




On Sat, Jan 20, 2018 at 8:19 PM, arjan tijms <arjan.tijms@xxxxxxxxx> wrote:

> Hi,
>
> Indeed, JAX-RS is pretty stable. There's a few gaps in how security works
> in a standard way without any explicit (or even implicit) dependency on
> Servlet, so that would be a good thing to address. These gaps become
> painfully obvious in the MicroProfile project, where an ad-hoc mechanism
> had to be invented on the spot (the not really ideal @LoginConfig
> annotation) to setup security.
>
> There's also some security "backbone" missing, making it hard to answer
> security queries like: "to which JAX-RS methods (endpoints) does the
> current caller have access".
>
> Kind regards,
> Arjan Tijms
>
>
>
>
> On Sat, Jan 20, 2018 at 12:52 PM, reza_rahman <reza_rahman@xxxxxxxxx>
> wrote:
>
>> +1. This is what I had in mind for JAX-RS too. In addition, JAX-RS needs
>> to support Java SE 9 modules and possibly reactive streams.
>>
>> Other than this, I think JAX-RS is pretty much stable. I really think a
>> "minor player" like someone from the community or the CXF folks could take
>> over JAX-RS now (hint, hint :-)). This will allow the "big guys" to focus
>> on where the heavy lifting is necessary.
>>
>> Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone
>>
>> -------- Original message --------
>> From: arjan tijms <arjan.tijms@xxxxxxxxx>
>> Date: 1/19/18 5:41 PM (GMT-05:00)
>> To: EE4J community discussions <ee4j-community@xxxxxxxxxxx>
>> Subject: Re: [ee4j-community] JAX-RS Now Available in Git
>>
>> Super news! :)
>>
>> I hope we can start work on evolving the API soon.
>>
>> My two initial proposals would be to further align with CDI and to define
>> support for the existing javax.annotation.security.RolesAllowed
>> annotation (several JAX-RS implementations already support that in a
>> proprietary way, and MicroProfile JWT-AUTH defines this for JAX-RS as well).
>>
>> Kind regards,
>> Arjan Tijms
>>
>>
>>
>>
>>
>> On Fri, Jan 19, 2018 at 9:53 PM, dmitry.kornilov <
>> dmitry.kornilov@xxxxxxxxxx> wrote:
>>
>>> Great job, Santiago! Thank you very much!
>>>
>>> -- Dmitry
>>>
>>> ?????????? ?? ????????? Samsung Galaxy.
>>>
>>> -------- ???????? ????????? --------
>>> ??: Santiago Pericas-Geertsen <Santiago.PericasGeertsen@xxxxxxxxxx>
>>> ????: 19.01.18 22:37 (GMT+01:00)
>>> ????: ee4j-community@xxxxxxxxxxx
>>> ????: [ee4j-community] JAX-RS Now Available in Git
>>>
>>> All,
>>>
>>>  The JAX-RS API sources are now available at [1].
>>>
>>> ? Santiago
>>>
>>> [1] https://github.com/eclipse-ee4j/jaxrs-api
>>>
>>> _______________________________________________
>>> ee4j-community mailing list
>>> ee4j-community@xxxxxxxxxxx
>>> To change your delivery options, retrieve your password, or unsubscribe
>>> from this list, visit
>>> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>>>
>>>
>>
>> _______________________________________________
>> ee4j-community mailing list
>> ee4j-community@xxxxxxxxxxx
>> To change your delivery options, retrieve your password, or unsubscribe
>> from this list, visit
>> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>>
>>
>
> _______________________________________________
> ee4j-community mailing list
> ee4j-community@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe
> from this list, visit
> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dev.eclipse.org/mailman/private/ee4j-community/attachments/20180120/9976e639/attachment.html>

------------------------------

_______________________________________________
ee4j-community mailing list
ee4j-community@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/ee4j-community


End of ee4j-community Digest, Vol 5, Issue 73
*********************************************

 

 

_______________________________________________
ee4j-community mailing list
ee4j-community@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/ee4j-community

Back to the top