J2EE licencees gather at Sun Tech Forum to discuss J2EE 1.3

Discussions

News: J2EE licencees gather at Sun Tech Forum to discuss J2EE 1.3

  1. In October, Sun hosted technical forum for the 20 J2EE licenees where representatives from the vendors gathers for three days with Sun architects and engineers to get last minute details on J2EE 1.3. Items discussed included issues with J2EE compatibility such as the CTS tests, cross server interoperability and more. Its nice to see how the J2EE 'providers' work together behind the scenes.

    Read about the J2EE 1.3 Compatibility Tech Forum.
  2. Its nice to see how the J2EE 'providers' work together >behind the scenes.


    Riiiiight...

    Bet JBoss wasn't invited to this little industry love-fest.
  3. AFAIK, JBoss is not a J2EE Licensee (because of the fees, I imagine).

  4. Security, security, security! Integrate JAAS! Please!
  5. JAAS is already part of the J2EE spec.

    See for example:

    BEA AS:

    http://e-docs.bea.com/wls/docs61/security/prog.html#1039659

    and for jBoss of course ;-)

    http://www.jboss.org/online-manual/HTML/ch12s78.html
    and
    http://www.javaworld.com/javaworld/jw-08-2001/jw-0831-jaas.html

    Thierry
    Jyperion.org
  6. Those are proprietary implementations - not portable, not part of the J2EE spec.

    Also, if you look closely, Weblogic only supports authentication, not authorization.
  7. It supports both authentication and authorization
  8. J2EE 1.3 spec.

    Section 2.6, "J2EE Standard Services"

    JAAS is defined in 2.6.13

    Section 6.1 as well, "Required API"
    and 6.13 as well.

    To sum up, you cannot miss it.

    Thierry
  9. Thierry, my humble apologies. You were wrong about one thing though, apparently I <i>could</i> miss it ;-)

    Also, following your link to the BEA implementation, I find "Note: The authorization component of JAAS is not provided in WebLogic Server." Is there a service pack or patch that enables authorization?



  10. JAAS is a required API but implementation of the API is not required. Like JMS in J2EE 1.2. So no vendor is forced to build it's own security model around JAAS.