Showing posts from March, 2015

Java EE authorization - JACC revisited part III

This is the third and final part of a series where we revisit JACC after taking an initial look at it last year. In the first part we mainly looked at various role mapping strategies, while the main topic of the second part was obtaining the container specific role mapper and the container specific way of how a JACC provider is deployed. In this third and final part we'll be bringing it all together and present a fully working JACC provider for a single application module (e.g. a single war). Architecture As explained before , implementing a JACC provider requires implementing three classes: PolicyConfigurationFactory PolicyConfiguration Policy Zooming into these, the following is what is more accurately required to be implemented: A factory that provides an object that collects permissions A state machine that controls the life-cyle of this permission collector Linking permissions of multiple modules and utilities Collecting and managing permissio

The most popular Java EE servers in 2014/2015 according to OmniFaces users

For a little over 3 months (from half of November 2014 to late February 2015) we had a poll on the OmniFaces website asking what AS (Application Server) people used with OmniFaces (people could select multiple servers). The response was quite overwhelming for our little project; no less than 840 people responded , choosing a grand total of 1108 servers. The final results are as follows: Position Server Votes (Percentage) 1 JBoss (AS/EAP/WildFly) 395 (47%) 2 GlassFish 206 (24%) 3 Tomcat/Mojarra/Weld 186 (22%) 4 TomEE 85 (10%) 5 WebSphere 55 (6%) 6 WebLogic 49 (6%) 7 Tomcat/MyFaces/OWB 33 (3%) 8 Jetty/Mojarra/Weld 19 (2%) 9 Geronimo 13 (1%) 10 JEUS 11 (1%) 11 Liberty 9 (1%) 12 Jetty/MyFaces/OWB 9 (1%) 13 JOnAS 8 (0%) 14 NetWeaver 8 (0%) 15 Resin 6 (0%) 16 InforSuite 5 (0%) 17 WebOTX 4 (0%) 18 Interstage AS