Date   

Re: Release 1.0 to Maven central?

Guillermo González de Agüero
 

Thanks Arjan, I was about to request exactly this.


Regards,

Guillermo González de Agüero


On mar., 5 de septiembre de 2017 17:47 Arjan Tijms <arjan.tijms@...> wrote:
Hi,

Currently Maven central only has the b07 release. See http://central.maven.org/maven2/org/glassfish/soteria/javax.security.enterprise

It would perhaps be a good idea to release 1.0 too ;)

Kind regards,
Arjan Tijms


Release 1.0 to Maven central?

Arjan Tijms
 

Hi,

Currently Maven central only has the b07 release. See http://central.maven.org/maven2/org/glassfish/soteria/javax.security.enterprise

It would perhaps be a good idea to release 1.0 too ;)

Kind regards,
Arjan Tijms


GDPR: It’s Time to Comply

Werner Keil
 

This overlaps with JavaOne, but maybe someone in Europe or the UK who can't make it to JavaOne this year could also enjoy this Security event.

Kind Regards,

Werner 


---------- Forwarded message ----------
From: Silicon.co.uk <info@...>
Date: Tue, Aug 29, 2017 at 11:00 AM
Subject: GDPR: It’s Time to Comply
To: werner


View online

Unsubscribe

Register FREE now and save £35!

SPEAKERS SEMINARS EXHIBITORS REGISTER FREE*
ARE YOU PREPARED FOR GDPR?

The European ruling on the General Data Protection Regulation (GDPR) will apply in the UK from 25 May 2018.

A violation of GDPR, such as poor data security, could result in a fine of over 20 million euros or 4% of your company’s net income, and time to prepare is running out.

Complying with GDPR regulations is paramount to your business, but what do you need to know?

Register FREE* now for Cyber Security Europe 2017 on 4-5 October at ExCeL London and make sure you are prepared by attending our seminar programme solely dedicated to
GDPR
.

GDPR SEMINAR SESSIONS
GDPR AND THE WORK-TIME PARADOX
Stewart Room | Global Head of Cyber Security and Data Protection Legal Services | PwC
Thurs 5th Oct | 14:10 - 14:50 | Cyber Hack Theatre
HOW TO TACKLE THE GDPR: A TYPICAL PRIVACY & SECURITY ROADMAP
Ian Evans | Managing Director | OneTrust
Thurs 5th Oct | 14:10 - 14:50 | Cyber Hack Theatre
GDPR BLUEPRINT
Jason Hart | CTO | Gemalto
Wed 4th Oct | 14:20 - 14:50 | CARM Theatre
COMPLIANCE AS CODE: DEVOPS MEETS GDPR
Joe Gardiner | Compliance Architect | Chef
Thurs 5th Oct | 12:20 - 12:50 | Continuous Delivery Theatre
THE GDPR COUNTDOWN IS ON! ARE YOU READY?
Joanne Bone | Partner | Irwin Mitchell LLP
Thurs 5th Oct | 15:00 - 15:30 | Cyber Security Keynote Theatre
REDUCING NETWORK COMPLEXITY CHALLENGES FOR SECURING
IOT & CLOUD ENVIRONMENTS TO ACHIEVE GDPR COMPLIANCE

Reggie Best | Chief Product Officer | Lumeta Corporation
Wed 4th Oct | 15:40 - 16:10 | Cyber Threat Protection Theatre
A DAY IN THE LIFE OF A GDPR BREACH
Robert Farnod | Security Specialist, EMEA | Splunk, Inc.
Thurs 5th Oct | 13:00 - 13:30 | Future of Threat Intelligence Theatre
ELIMINATE GDPR FINES, PHISHING AND SHADOW IT - WITH ONE MOVE!
Mike Newman | CEO | My1Login
Thurs 5th Oct | 14:20 - 14:50 | Identity & Access Management Theatre
Register FREE today and save £35*
4 - 5 October - ExCeL London
Cyber Security Europe 2017 is located at IP EXPO Europe at ExCeL London on 4-5 October 2017.
2017 Sponsors
BAE Systems Blue Cat BrookCourt Solutions Darktrace
Duo Security Exclusive Networks Forcepoint Kaspersky Labs
Malwarebytes Nuvias OneTrust Sophos
Capita Security
 
Facebook Twitter LinkedIn

Cyber Security Europe is located at IP EXPO Europe 2017 and co-located with MACHINA Summit.AI. Registration will allow access to all events.

*Visitors not registered by 19:00 on 03.10.17 will be charged a fee of £35

DO NOT REPLY TO THIS MESSAGE.

Copyright 2017 - Imago Techmedia Imago Techmedia Ltd.
Place of registration: England and Wales. Registered company number 04865455. Registered Address: Bedford House, Fulham Green, 69-79 Fulham High Street, London, SW6 3JW, United Kingdom.

This message was sent to you because you signed up to receive email from NetMediaEurope. Unsubscribe from this list

 

 



Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Will Hopkins
 

Yes, I'll be adding it to gh-pages, but I've got a number of tasks on my list ahead of that.

IIRC, though, the existing content is all .pdf, .ppt, .doc, etc. -- nothing I can recall that would need to be converted to asciidoc. There was really very little content there, other than general information of the kind that's already on the new site, and a number of presentations/documents that I think we should just host in their existing format.

Will

On 08/23/2017 08:55 AM, Guillermo González de Agüero wrote:
Hi Will,

Will you be able to upload somewhere/share the java.net missing content?

We take take care of adapting it to AsciiDoc.


Regards,

Guillermo González de Agüero

El mié., 23 de agosto de 2017 14:46, Will Hopkins <will.hopkins@...> escribió:
No gaurantees on how much of that we'll be able to do, but some, at least, will likely be adapted for the Java EE tutorial.

On August 23, 2017 4:52:06 AM EDT, Werner Keil <werner.keil@...> wrote:
Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner

--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803

-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Developer Experience
35 Network Drive, Burlington, MA 01803


Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Michael Remijan
 

Thanks!  I will look into these


On Wednesday, August 23, 2017 8:18 AM, Guillermo González de Agüero <z06.guillermo@...> wrote:


Also keep an eye on the (unofficial) Java EE 8 samples repo: https://github.com/javaee-samples/javaee8-samples/tree/master/security

Arjan and other members of the Payara team are these days starting to add content there. At least Payara 5 is tested against those examples so you have a guarantee that they work.


Regards,

Guillermo González de Agüero

El mié., 23 de agosto de 2017 15:10, Guillermo González de Agüero <z06.guillermo@...> escribió:
Hi Michael,

You can have a look at Soteria (RI) integration tests. They are a very good starting point: https://github.com/javaee/security-soteria/tree/master/test

Please report us any problem you find!


Regards,

Guillermo González de Agüero


El mié., 23 de agosto de 2017 15:07, Michael Remijan via Groups.Io <mjremijan=yahoo.com@groups.io> escribió:
That would be very helpful. I will be presenting on Java Security and I'm at the point now where I want to start migrating my JASPIC examples to Security API (Is JSA the acronym agreed on?).  I'm hoping this migration will be pretty easy, but of course, just need to start looking at some examples :)


On Wednesday, August 23, 2017 3:52 AM, Werner Keil <werner.keil@...> wrote:


Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner





Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Will Hopkins
 

Good point, Werner.

On 08/23/2017 09:55 AM, Werner Keil wrote:
All,

At the moment Rudy's poll has "EE Security" before "JSA" and "JSEC". 
Can we please ensure, that the final acronym remains valid even after Java EE was turned Open Source?
With all the various acronyms like "JPA", "JMS" or "JSF" both the 2nd and 3rd choice feel very safe, but after the Java EE branding discussion we heard (especially all who are also in the EC) calling it "EE Security" will require a distinct confirmation, that "EE" does not fall under any of these Oracle brand names, otherwise please let's use one of those starting with J*.

Thanks,
Werner

-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Developer Experience
35 Network Drive, Burlington, MA 01803


Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Will Hopkins
 

Hi Rudy,

Let's leave it open a little longer -- I haven't voted yet and I've got a few things on my plate ahead of that. Based on the responses so far, I wonder if we should base the result on the votes of EG members/Contributors vs. the community at large, because there seems to be some divergence of opinion, and "EE Security" isn't precisely an acronym.

I'll try to come back to that later in the week.

Will

On 08/23/2017 09:42 AM, Rudy De Busscher wrote:
Hi Michael,

The "EE Security" option has the most votes for the moment in the poll, so it will probably not be JSA.

@Will,

When do I close the poll and post the results here on the mailing list.

Best regards
Rudy





On 23 August 2017 at 12:48, Michael Remijan via Groups.Io <mjremijan@...> wrote:
That would be very helpful. I will be presenting on Java Security and I'm at the point now where I want to start migrating my JASPIC examples to Security API (Is JSA the acronym agreed on?).  I'm hoping this migration will be pretty easy, but of course, just need to start looking at some examples :)


On Wednesday, August 23, 2017 3:52 AM, Werner Keil <werner.keil@...> wrote:


Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner




-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Developer Experience
35 Network Drive, Burlington, MA 01803


Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Werner Keil
 

All,

At the moment Rudy's poll has "EE Security" before "JSA" and "JSEC". 
Can we please ensure, that the final acronym remains valid even after Java EE was turned Open Source?
With all the various acronyms like "JPA", "JMS" or "JSF" both the 2nd and 3rd choice feel very safe, but after the Java EE branding discussion we heard (especially all who are also in the EC) calling it "EE Security" will require a distinct confirmation, that "EE" does not fall under any of these Oracle brand names, otherwise please let's use one of those starting with J*.

Thanks,
Werner


Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Werner Keil
 

All,

Thanks Rudy for the update on the poll. As long as the term "EE" will not be disallowed in the very near future, I find it OK.
Otherwise if "Java EE" or abbreviations must not  be used by the upcoming "Open Enterprise Foundation for Java" or whatever , could we rather use something that does not have to change with the next Security JSR?;-)

Regards,
Werner


Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Rudy De Busscher
 

Hi Michael,

The "EE Security" option has the most votes for the moment in the poll, so it will probably not be JSA.

@Will,

When do I close the poll and post the results here on the mailing list.

Best regards
Rudy





On 23 August 2017 at 12:48, Michael Remijan via Groups.Io <mjremijan@...> wrote:
That would be very helpful. I will be presenting on Java Security and I'm at the point now where I want to start migrating my JASPIC examples to Security API (Is JSA the acronym agreed on?).  I'm hoping this migration will be pretty easy, but of course, just need to start looking at some examples :)


On Wednesday, August 23, 2017 3:52 AM, Werner Keil <werner.keil@...> wrote:


Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner




Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Guillermo González de Agüero
 

Also keep an eye on the (unofficial) Java EE 8 samples repo: https://github.com/javaee-samples/javaee8-samples/tree/master/security

Arjan and other members of the Payara team are these days starting to add content there. At least Payara 5 is tested against those examples so you have a guarantee that they work.


Regards,

Guillermo González de Agüero

El mié., 23 de agosto de 2017 15:10, Guillermo González de Agüero <z06.guillermo@...> escribió:
Hi Michael,

You can have a look at Soteria (RI) integration tests. They are a very good starting point: https://github.com/javaee/security-soteria/tree/master/test

Please report us any problem you find!


Regards,

Guillermo González de Agüero


El mié., 23 de agosto de 2017 15:07, Michael Remijan via Groups.Io <mjremijan=yahoo.com@groups.io> escribió:
That would be very helpful. I will be presenting on Java Security and I'm at the point now where I want to start migrating my JASPIC examples to Security API (Is JSA the acronym agreed on?).  I'm hoping this migration will be pretty easy, but of course, just need to start looking at some examples :)


On Wednesday, August 23, 2017 3:52 AM, Werner Keil <werner.keil@...> wrote:


Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner



Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Guillermo González de Agüero
 

Hi Michael,

You can have a look at Soteria (RI) integration tests. They are a very good starting point: https://github.com/javaee/security-soteria/tree/master/test

Please report us any problem you find!


Regards,

Guillermo González de Agüero


El mié., 23 de agosto de 2017 15:07, Michael Remijan via Groups.Io <mjremijan=yahoo.com@groups.io> escribió:
That would be very helpful. I will be presenting on Java Security and I'm at the point now where I want to start migrating my JASPIC examples to Security API (Is JSA the acronym agreed on?).  I'm hoping this migration will be pretty easy, but of course, just need to start looking at some examples :)


On Wednesday, August 23, 2017 3:52 AM, Werner Keil <werner.keil@...> wrote:


Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner



Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Michael Remijan
 

That would be very helpful. I will be presenting on Java Security and I'm at the point now where I want to start migrating my JASPIC examples to Security API (Is JSA the acronym agreed on?).  I'm hoping this migration will be pretty easy, but of course, just need to start looking at some examples :)


On Wednesday, August 23, 2017 3:52 AM, Werner Keil <werner.keil@...> wrote:


Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner



Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Guillermo González de Agüero
 

Hi Will,

Will you be able to upload somewhere/share the java.net missing content?

We take take care of adapting it to AsciiDoc.


Regards,

Guillermo González de Agüero


El mié., 23 de agosto de 2017 14:46, Will Hopkins <will.hopkins@...> escribió:
No gaurantees on how much of that we'll be able to do, but some, at least, will likely be adapted for the Java EE tutorial.

On August 23, 2017 4:52:06 AM EDT, Werner Keil <werner.keil@...> wrote:
Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner

--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803


Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Will Hopkins
 

No gaurantees on how much of that we'll be able to do, but some, at least, will likely be adapted for the Java EE tutorial.


On August 23, 2017 4:52:06 AM EDT, Werner Keil <werner.keil@...> wrote:
Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner

--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803


Re: NOTICE: Moving the security-examples repo to JavaEE tonight

Werner Keil
 

Will,

Thanks for letting us know. After the examples are in the main Java EE organization, I trust they can also be adjusted to match the final state of the JSR ;-)
So those of us who present Java Security at JavaOne or elsewhere can use them.

Regards,
Werner


NOTICE: Moving the security-examples repo to JavaEE tonight

Will Hopkins
 

If anyone's working in the github.com/javaee-security-spec/security-examples repo, please note that I'll be moving it to the Java EE org (github.com/javaee) sometime in the next 12 hours.

All forks, clones, links, etc., should follow the repo when it moves, so there will be a minimum of disruption, but I can't say what will happen if you're in the middle of pushing, fetching, merging, etc. when I hit the "transfer" button.

I recommend creating a new clone/fork after the move, as the javaee-security-spec organization will be going away at some point in the not-too-distant future.

Regards,

Will
-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Developer Experience
35 Network Drive, Burlington, MA 01803


Re: Final Approval Ballot passes! :)

Arjan Tijms
 

Thanks again to everyone involved! I did a lot of the work and pushing indeed, but honestly could not have pulled this of without people such as Guillermo, Rudy, Werner and others :) Will had a hard time coming in mid-stream, but I think everything worked out in the end ;)

On Tue, Aug 22, 2017 at 10:28 am, Will Hopkins wrote:
I'd also like to thank Alex for his work getting this JSR off the ground -- putting together the original proposal, forming the expert group, and leading the initial rounds of specification work. We would not have a spec today without him, either!
It's indeed important not to forget Alex. Indeed, he not only did a lot of work of getting the JSR off the ground, but he also set up much of the base types like the IdentityStore and the CredentialValidationResult that are still present in the final result. Not to be underestimated, Alex also firmly established the scope of the JSR by focussing on the (in his words) "low hanging fruit", which we adhered to all the way up to the final release.

Kind regards,
Arjan Tijms


Re: Final Approval Ballot passes! :)

Will Hopkins
 

Yes, congratulations indeed!

Thanks to all the experts and contributors, and especially to Arjan, for all your efforts, and for your patience with me coming up to speed mid-stream.

I'd also like to thank Alex for his work getting this JSR off the ground -- putting together the original proposal, forming the expert group, and leading the initial rounds of specification work. We would not have a spec today without him, either!

Will

On 08/22/2017 10:04 AM, Elder Moraes wrote:
Congratulations!!

Elder

Twitter: @elderjava

2017-08-22 11:02 GMT-03:00 Rudy De Busscher <rdebusscher@...>:
It was a unique experience to be involved in an EG and I learned a lot.

And Thanks to Arjan for the huge amount of work he has put into the spec. Without his work, there would be no vote at all if you ask me :)

I hope we can soon start with the security.NEXT version so that we can define all the initial ideas to make Java EE Security complete.

Best regards
Rudy


On 22 August 2017 at 14:38, Arjan Tijms <arjan.tijms@...> wrote:
Hi all,

Today we passed our Final Approval Ballot:

https://jcp.org/en/jsr/results?id=6044

The result is an unanimous yes, with only Intel not having voted.

Thanks to everybody involved :) Without all of your help this would not have been possible!

As mentioned before, the JSR is *much* smaller than what we initially set out for, but it's an enormous step in the right direction as far as I'm concerned. Being so small may have its advantages even, as instead of getting an enormous framework dropped into their laps, users can now more gradually discover Java EE security.

The spec document can be found here, extra thanks to Will for taking care of that part so much:

http://download.oracle.com/otndocs/jcp/java_ee_security-1_0-pfd-spec/index.html

For now there's a few tiny bugs left in the implementation (Soteria), but nothing preventing a 1.0 release. Of course, as happens for each and every RI out there, incremental updates (Soteria 1.0.1, 1.1 etc) should be released with some frequency to address whatever is going to be found and raised by the community.

Kind regards,
Arjan Tijms



-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Developer Experience
35 Network Drive, Burlington, MA 01803


Re: Final Approval Ballot passes! :)

Elder Moraes
 

Congratulations!!


2017-08-22 11:02 GMT-03:00 Rudy De Busscher <rdebusscher@...>:

It was a unique experience to be involved in an EG and I learned a lot.

And Thanks to Arjan for the huge amount of work he has put into the spec. Without his work, there would be no vote at all if you ask me :)

I hope we can soon start with the security.NEXT version so that we can define all the initial ideas to make Java EE Security complete.

Best regards
Rudy


On 22 August 2017 at 14:38, Arjan Tijms <arjan.tijms@...> wrote:
Hi all,

Today we passed our Final Approval Ballot:

https://jcp.org/en/jsr/results?id=6044

The result is an unanimous yes, with only Intel not having voted.

Thanks to everybody involved :) Without all of your help this would not have been possible!

As mentioned before, the JSR is *much* smaller than what we initially set out for, but it's an enormous step in the right direction as far as I'm concerned. Being so small may have its advantages even, as instead of getting an enormous framework dropped into their laps, users can now more gradually discover Java EE security.

The spec document can be found here, extra thanks to Will for taking care of that part so much:

http://download.oracle.com/otndocs/jcp/java_ee_security-1_0-pfd-spec/index.html

For now there's a few tiny bugs left in the implementation (Soteria), but nothing preventing a 1.0 release. Of course, as happens for each and every RI out there, incremental updates (Soteria 1.0.1, 1.1 etc) should be released with some frequency to address whatever is going to be found and raised by the community.

Kind regards,
Arjan Tijms



61 - 80 of 736