Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
40thAirhacksQ&A.md

Adam,
Do you recommend JASPIC for securing Java EE 7 web apps? For a project that places high value on security, how would you approach authorization (resource/role based access control) in the business logic layer? I want to avoid unnecessary dependencies on third party libraries as much as possible. Thanks!

Owner

AdamBien commented Jun 23, 2017

"What do you think about lambdas and the move from Oracle to "evolve" Java including more functional programming style features?
Do you like or use lambdas in your projects or you prefer to stick up with the "pure" object orientation aspects of the language?" comment by Mars Forsc: Pushing Java EE 7/8 To Oracle Container Cloud Service: https://www.youtube.com/watch?v=6cVHeEeKLSI

tnsasse commented Jun 24, 2017

What are your strategies to reduce the compiled size of a React.js application? The jar.js of my small sample app turns out to be 2.5 MB in size, which is crazy for somebody used to Java EE ;-)

nickscha commented Jun 25, 2017 edited

Currently I have five different Containers (JavaEE & Servlet) where I need custom Login Modules for them (the standard ones like LDAP, DB, ... from the containers do not fit to the requirements). Writing container modules for each one is very time consuming and in some you need to include container specific configurations (jboss-web, ...). JAAS would be perfect as a common solution but is rarly supported in some of them (JASPIC is not supported in some of them).
So I tend to write a custom servlet login module. One benefit is that I won't need any container specific configs and projects can simple use one jar and can be deployed to various containers easily. Example project: https://github.com/nickscha/servlet-auth

What's your opinion ? In my case infrastructure is very restricted and I can't just setup keyloak or something like this.

swhp commented Jun 26, 2017

Hi Adam

I watch your screencast about thin wars and docker, my question is how you handle about database transaction?
As I know, the best practice of using docker is one image one responsibilty so you need to separate between the image of the application and the image of the database. Then how you configure the database transaction? Since Java EE transaction was perform by application server.

Regards,
Sukma Wardana

dempile commented Jun 26, 2017

Hi Adam , I have two questions:

1- Do you recommand using only JSF (primefaces) in the whole frontend enterprise application because it really make the developement quick and easy or you like to mix it with some javascript like React / angular or even html5
2- Can we rely on Restful webservices to communicate between the modules of an application knowing that the shared data could be big , and how could you make the lazy loading in this case

Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment