Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [ee4j-community] JAX-RS Now Available in Git


On Sun, Jan 21, 2018 at 12:14 AM, John D. Ament <john.d.ament@xxxxxxxxx> wrote:
Assuming you mean the Apache License (since ASL stands for Amazon Software License), I believe you are correct. 

I think it was also called out when the MicroProfile project was created that other projects within Eclipse wouldn't be able to directly use the source code due to the single Apache License state of all features.  Since its the original authors' IP, you would need those authors to relicense the IP.


I don't think it's a question of "how" the MicroProfile project should be re-licensed to EPL, given that MicroProfile is still a new project and is unlikely that many folks would be using it for critical applications in production at this point of time. So, the impact of re-licensing on downstream product implementations and service offerings might not be that great at this point of time. But, it is a question of "whether" the MicroProfile should go down the path of EPL considering that most other technologies and platforms such as OpenStack, Cloud Foundry etc. in the open source cloud ecosystem are widely using the Apache License. While the current licensing incompatibilities with the existing EE4J implementations are known, the risk of future license incompatibilities (and the consequent risk of adoption) with other open source cloud technologies and platforms cannot be underestimated. This is a decision that the MicroProfile stakeholders need to take.

-Mrinal


On Sat, Jan 20, 2018 at 1:25 PM Mrinal Kanti M <mrinal.kanti@xxxxxxxxx> wrote:

I think there is a potential license compatibility issue with using EPL2/GPL2CE licensed code in ASL which is used by MicroProfile (probably due to the one-way-only compatibility). I believe this was discussed in the context of the Ozark project during the last PMC meeting of Jan 9.

 

 

From: Werner Keil
Sent: 20 January 2018 23:36
To: EE4J community discussions


Subject: Re: [ee4j-community] JAX-RS Now Available in Git

 

> These gaps become painfully obvious in the MicroProfile project, where an ad-hoc mechanism had to be invented

 

I said earlier on, this MicroProfile "REST Client" was a bit of a fork and should better be integrated with JAX-RS in EE4J. As both are Eclipse projects doing so should not be difficult. Sooner or later e.g. MicroProfile Config will also be retired in favor of JSR 382 or just remain a bridge like apache-commons-logging.

 

Werner

 

 

On Sat, Jan 20, 2018 at 6:00 PM, <ee4j-community-request@eclipse.org> wrote:

Send ee4j-community mailing list submissions to
        ee4j-community@xxxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
        https://dev.eclipse.org/mailman/listinfo/ee4j-community
or, via email, send a message with subject or body 'help' to
        ee4j-community-request@eclipse.org

You can reach the person managing the list at
        ee4j-community-owner@eclipse.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of ee4j-community digest..."


Today's Topics:

   1. Re: JAX-RS Now Available in Git (arjan tijms)
   2. Re: JAX-RS Now Available in Git (Gaurav Gupta)


----------------------------------------------------------------------

Message: 1
Date: Sat, 20 Jan 2018 14:49:05 +0000
From: arjan tijms <arjan.tijms@xxxxxxxxx>
To: EE4J community discussions <ee4j-community@xxxxxxxxxxx>
Subject: Re: [ee4j-community] JAX-RS Now Available in Git
Message-ID:
        <CAE=-AhAT1f7ROt4wQw0044Siz53u-sQYLqUdEZ9ucQYKchOC9g@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

Hi,

Indeed, JAX-RS is pretty stable. There's a few gaps in how security works
in a standard way without any explicit (or even implicit) dependency on
Servlet, so that would be a good thing to address. These gaps become
painfully obvious in the MicroProfile project, where an ad-hoc mechanism
had to be invented on the spot (the not really ideal @LoginConfig
annotation) to setup security.

There's also some security "backbone" missing, making it hard to answer
security queries like: "to which JAX-RS methods (endpoints) does the
current caller have access".

Kind regards,
Arjan Tijms




On Sat, Jan 20, 2018 at 12:52 PM, reza_rahman <reza_rahman@xxxxxxxxx> wrote:

> +1. This is what I had in mind for JAX-RS too. In addition, JAX-RS needs
> to support Java SE 9 modules and possibly reactive streams.
>
> Other than this, I think JAX-RS is pretty much stable. I really think a
> "minor player" like someone from the community or the CXF folks could take
> over JAX-RS now (hint, hint :-)). This will allow the "big guys" to focus
> on where the heavy lifting is necessary.
>
> Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone
>
> -------- Original message --------
> From: arjan tijms <arjan.tijms@xxxxxxxxx>
> Date: 1/19/18 5:41 PM (GMT-05:00)
> To: EE4J community discussions <ee4j-community@xxxxxxxxxxx>
> Subject: Re: [ee4j-community] JAX-RS Now Available in Git
>
> Super news! :)
>
> I hope we can start work on evolving the API soon.
>
> My two initial proposals would be to further align with CDI and to define
> support for the existing javax.annotation.security.RolesAllowed
> annotation (several JAX-RS implementations already support that in a
> proprietary way, and MicroProfile JWT-AUTH defines this for JAX-RS as well).
>
> Kind regards,
> Arjan Tijms
>
>
>
>
>
> On Fri, Jan 19, 2018 at 9:53 PM, dmitry.kornilov <
> dmitry.kornilov@xxxxxxxxxx> wrote:
>
>> Great job, Santiago! Thank you very much!
>>
>> -- Dmitry
>>
>> ?????????? ?? ????????? Samsung Galaxy.
>>
>> -------- ???????? ????????? --------
>> ??: Santiago Pericas-Geertsen <Santiago.PericasGeertsen@oracle.com>
>> ????: 19.01.18 22:37 (GMT+01:00)
>> ????: ee4j-community@xxxxxxxxxxx
>> ????: [ee4j-community] JAX-RS Now Available in Git
>>
>> All,
>>
>>  The JAX-RS API sources are now available at [1].
>>
>> ? Santiago
>>
>> [1] https://github.com/eclipse-ee4j/jaxrs-api
>>
>> _______________________________________________
>> ee4j-community mailing list
>> ee4j-community@xxxxxxxxxxx
>> To change your delivery options, retrieve your password, or unsubscribe
>> from this list, visit
>> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>>
>>
>
> _______________________________________________
> ee4j-community mailing list
> ee4j-community@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe
> from this list, visit
> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dev.eclipse.org/mailman/private/ee4j-community/attachments/20180120/bf6b12f7/attachment.html>

------------------------------

Message: 2
Date: Sat, 20 Jan 2018 21:24:05 +0530
From: Gaurav Gupta <gaurav.gupta.jc@xxxxxxxxx>
To: EE4J community discussions <ee4j-community@xxxxxxxxxxx>
Subject: Re: [ee4j-community] JAX-RS Now Available in Git
Message-ID:
        <CA+QLtA6KVdguQzBttbftcSHhb7u_gdD-88nutCYtmqesjHXi3g@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

+1 for javax.annotation.security.RolesAllowed annotation support

Thanks and kind regards,
Gaurav Gupta
<https://twitter.com/ImJeddict>  <https://jeddict.github.io/>
<https://www.youtube.com/JPAModeler>




On Sat, Jan 20, 2018 at 8:19 PM, arjan tijms <arjan.tijms@xxxxxxxxx> wrote:

> Hi,
>
> Indeed, JAX-RS is pretty stable. There's a few gaps in how security works
> in a standard way without any explicit (or even implicit) dependency on
> Servlet, so that would be a good thing to address. These gaps become
> painfully obvious in the MicroProfile project, where an ad-hoc mechanism
> had to be invented on the spot (the not really ideal @LoginConfig
> annotation) to setup security.
>
> There's also some security "backbone" missing, making it hard to answer
> security queries like: "to which JAX-RS methods (endpoints) does the
> current caller have access".
>
> Kind regards,
> Arjan Tijms
>
>
>
>
> On Sat, Jan 20, 2018 at 12:52 PM, reza_rahman <reza_rahman@xxxxxxxxx>
> wrote:
>
>> +1. This is what I had in mind for JAX-RS too. In addition, JAX-RS needs
>> to support Java SE 9 modules and possibly reactive streams.
>>
>> Other than this, I think JAX-RS is pretty much stable. I really think a
>> "minor player" like someone from the community or the CXF folks could take
>> over JAX-RS now (hint, hint :-)). This will allow the "big guys" to focus
>> on where the heavy lifting is necessary.
>>
>> Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone
>>
>> -------- Original message --------
>> From: arjan tijms <arjan.tijms@xxxxxxxxx>
>> Date: 1/19/18 5:41 PM (GMT-05:00)
>> To: EE4J community discussions <ee4j-community@xxxxxxxxxxx>
>> Subject: Re: [ee4j-community] JAX-RS Now Available in Git
>>
>> Super news! :)
>>
>> I hope we can start work on evolving the API soon.
>>
>> My two initial proposals would be to further align with CDI and to define
>> support for the existing javax.annotation.security.RolesAllowed
>> annotation (several JAX-RS implementations already support that in a
>> proprietary way, and MicroProfile JWT-AUTH defines this for JAX-RS as well).
>>
>> Kind regards,
>> Arjan Tijms
>>
>>
>>
>>
>>
>> On Fri, Jan 19, 2018 at 9:53 PM, dmitry.kornilov <
>> dmitry.kornilov@xxxxxxxxxx> wrote:
>>
>>> Great job, Santiago! Thank you very much!
>>>
>>> -- Dmitry
>>>
>>> ?????????? ?? ????????? Samsung Galaxy.
>>>
>>> -------- ???????? ????????? --------
>>> ??: Santiago Pericas-Geertsen <Santiago.PericasGeertsen@oracle.com>
>>> ????: 19.01.18 22:37 (GMT+01:00)
>>> ????: ee4j-community@xxxxxxxxxxx
>>> ????: [ee4j-community] JAX-RS Now Available in Git
>>>
>>> All,
>>>
>>>  The JAX-RS API sources are now available at [1].
>>>
>>> ? Santiago
>>>
>>> [1] https://github.com/eclipse-ee4j/jaxrs-api
>>>
>>> _______________________________________________
>>> ee4j-community mailing list
>>> ee4j-community@xxxxxxxxxxx
>>> To change your delivery options, retrieve your password, or unsubscribe
>>> from this list, visit
>>> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>>>
>>>
>>
>> _______________________________________________
>> ee4j-community mailing list
>> ee4j-community@xxxxxxxxxxx
>> To change your delivery options, retrieve your password, or unsubscribe
>> from this list, visit
>> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>>
>>
>
> _______________________________________________
> ee4j-community mailing list
> ee4j-community@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe
> from this list, visit
> https://dev.eclipse.org/mailman/listinfo/ee4j-community
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dev.eclipse.org/mailman/private/ee4j-community/attachments/20180120/9976e639/attachment.html>

------------------------------

_______________________________________________
ee4j-community mailing list
ee4j-community@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/ee4j-community


End of ee4j-community Digest, Vol 5, Issue 73
*********************************************

 

 

_______________________________________________
ee4j-community mailing list
ee4j-community@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/ee4j-community

_______________________________________________
ee4j-community mailing list
ee4j-community@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/ee4j-community


Back to the top