40thAirhacksQ&A.md

40thAirhacksQ&A.md

Ask questions and see you at July, 3rd at 6.PM. CET: http://www.ustream.tv/channel/adambien

Adam,
Do you recommend JASPIC for securing Java EE 7 web apps? For a project that places high value on security, how would you approach authorization (resource/role based access control) in the business logic layer? I want to avoid unnecessary dependencies on third party libraries as much as possible. Thanks!

"What do you think about lambdas and the move from Oracle to "evolve" Java including more functional programming style features?
Do you like or use lambdas in your projects or you prefer to stick up with the "pure" object orientation aspects of the language?" comment by Mars Forsc: Pushing Java EE 7/8 To Oracle Container Cloud Service: https://www.youtube.com/watch?v=6cVHeEeKLSI

What are your strategies to reduce the compiled size of a React.js application? The jar.js of my small sample app turns out to be 2.5 MB in size, which is crazy for somebody used to Java EE ;-)

Currently I have five different Containers (JavaEE & Servlet) where I need custom Login Modules for them (the standard ones like LDAP, DB, ... from the containers do not fit to the requirements). Writing container modules for each one is very time consuming and in some you need to include container specific configurations (jboss-web, ...). JAAS would be perfect as a common solution but is rarly supported in some of them (JASPIC is not supported in some of them).
So I tend to write a custom servlet login module. One benefit is that I won't need any container specific configs and projects can simple use one jar and can be deployed to various containers easily. Example project: https://github.com/nickscha/servlet-auth

What's your opinion ? In my case infrastructure is very restricted and I can't just setup keyloak or something like this.

Hi Adam

I watch your screencast about thin wars and docker, my question is how you handle about database transaction?
As I know, the best practice of using docker is one image one responsibilty so you need to separate between the image of the application and the image of the database. Then how you configure the database transaction? Since Java EE transaction was perform by application server.

Regards,
Sukma Wardana

Hi Adam , I have two questions:

1- Do you recommand using only JSF (primefaces) in the whole frontend enterprise application because it really make the developement quick and easy or you like to mix it with some javascript like React / angular or even html5
2- Can we rely on Restful webservices to communicate between the modules of an application with large data exchange.

Thanks

Dear Adam,
Thank you for all the great work. You are indeed empowering generations of developers.

I work with NIBSS (Nigeria interbank settlement system) we are affiliated to the Central Bank of Nigeria and power Nigeria Central switch (financial processing) and we use 100% Java. Please I recommend some members of my team for your training and one person was approved by the name Akinwale Akintola . He has being trying to get the invoice so that the finance department can process payments. Pls is it possible you respond to his registration request for 4 courses in December?
Thank you and sorry for the trouble.

Hi Adam,

I am developing a JavaEE 7 + Angular application with ~90% CRUD operations using JAX-RS + JWT. The other ~10% are long running tasks, where the progress / status should be visible in the front-end.

For this I can think to two possible solutions:

1. Just start the task async and poll status from JAX-RS. Is very easy to implement, but causes additional overhead (http requests).

2. Use Websocket to push status to clients. Less overhead, but it feels more low-level in comparison to JAX-RS and I need to think how to implement security ect. plus it is another technology making the project more complex.

Do you have any recommendations / experience which way to go?

Best regards,
Simon

If you use JsonObject as DTO like described here: http://www.adam-bien.com/roller/abien/entry/json_is_the_new_dto

What are good approaches, if you have Entities and Inheritance? E.g. calling some super.somemethod() and adding more Attributes? Would such a Method return JsonObject or a JsonObjectBuilder? Other approaches?

Regards,
Ivan

I am interested in the course of Java EE microservices I have some doubts to clarify

In Java EE 7 Microservices, do you use Jenkins?

If I buy the course, can I ask you specific questions about microservices if you do not cover it in the course?

Hi, Adam. Thanks for the screencasts, they are awesome.
My first question:
I saw it several times in your screencasts but i didn't get the idea behind async rest requests (CompletableFuture, @suspended). When to use it? What is the use case? When to avoid it?

2nd question:
Do you have any experience with docker swarm? Any tips or avoid it?

Thanks.

Bastian

Hi Adam,
We have REST app which has dependency on one of module that has EJB annotation. Wildfly tend to start too many threads for EJB because one of the jar has EJB annotation. How we can make it not to start EJB threads.
We use Wildfly 10

Hi dear Adam

1. Do you think MVC is dying? both for back-end and front-end? (https://www.infoq.com/articles/no-more-mvc-frameworks)
2. Do you use Reactive Programming? when? why? which use cases?
3. Which of Java EE technologies should one learn for creating microservices with Java?

Is it possible do programmatically deploy/enable/disable/undeploy a JEE app on glassfish, payara, jboss or others? Via a REST api or something?

I could only find some info about JSR 88, but it's not clear to me which platform implements it. I understood that it was an optional requirement.

Hi Adam,

When working with microservice, what do you use to control the amount of simultanios access to a service? How do you do the load balance?

Can you recommend a good read on how to build applications with microservice?

Thanks for your help.