Re: Java EE Security.next and JWT (JSON Web Tokens)


Will Hopkins
 

I have reached out to JetBrains to:
  • Provide them with an updated spec and javadoc that I think should address at least some of their concerns.
  • Explain the decision we made to not implement OpenID Connect or OAuth2 based on the limited time we had to complete the JSR, and our view that JSR-375 is nonetheless useful on its own merits, and as a foundation on which things like OpenID Connect can be implemented.
  • Request more information about their concerns.

They've said they'll respond with more information; hopefully we can address their concerns.

Will


On 07/10/2017 09:27 PM, David Blevins wrote:
Let me add I fully understand someone largely inactive popping up a the finish line and asking a massive scope creep question is frustrating.  I am understandably patient and really just curious on our thoughts.

-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803

Join javaee-security-spec@javaee.groups.io to automatically receive all group messages.