New Jakarta EE 8 Certified server: Primeton AppServer V7

Somewhat as a surprise, a company called Primeton Information Technologies, Inc recently filed a certification request for a new Jakarta EE 8 compliant server called Primeton AppServer V7.

In this blog we're going to take a quick look at what this server entails. As Jakarta EE is a very complete platform, from scratch implementations are rare to basically non-existent, so it's interesting to see what's exactly in Primeton AppServer V7.

Within a Jakarta EE certification request, a link where the product (or a trial thereof) can be downloaded is mandatory, and Primeton indeed provided one. Today's Internet users normally have it easy. One clicks on a download link, and the software effortlessly transfers to your machine. Thanks to 500mbit+ speeds which are becoming increasingly common in this part of the world, most downloads take mere seconds. If you're from a certain age though, you may remember how different this was in the late 80s and early 90s. Dial-up modems that would fail halfway (or not rarely, when at 99%), and a download of 1MB or less taking hours and hours.

The Primeton download brought some of these nostalgic memories back:

Challenge 1: Initially your are presented with a challenge: a box in which you have to enter something, and you have to type something back to get something again:

Puzzling... after some attempts and with the help of Chrome translate, it appeared to be a phone number. Of course, only Chinese numbers are accepted, and Chinese numbers are fairly difficult to obtain from outside China (a problem which we'll stumble upon once more later). Luckily the kind people at Primeton agreed to reduce the difficulty of this challenge and changed the challenge screen to:

This one is seemingly much easier, although appearances can be deceptive. Typing in an email address would give "提示 手机号码不能为空!" as response. Puzzling... luckily the kind people from Primeton were again willing to provide a hint. The intend is to do a hard browser refresh. After doing that, a frantic countdown started. Only 59 seconds to provide a response! Will the email reply be in time? While the timer was frantically counting down, I was frantically refreshing my email client. With only 12 seconds left on the timer, the email arrived with a code! I quickly copied the code, went back to the challenge screen and with some 8 seconds left on the timer it accepted my code, and took me to the second challenge.

Challenge 2: a new screen with multiple boxes, some of which drop-downs. How to beat this one? The first was a numerical box. After some trial and error it appeared it wanted a number of 11 digits, starting with 134 to 139, or 150 to 159, and some more. I opted for "13412341234", and hey ho, it was happy with that. Sub-challenge 2.1 beaten! But the other boxes proved more difficult to pass. No matter what I put into them, it kept giving me back "提示 请检查姓名,公司字段". Did it want only Chinese characters? Or only English? Perhaps of a certain length? Eventually it appeared that the secret combination one had to enter was hard refreshing the page again. It's not super clear how the system exactly detects this, but there you have it. It was now fully happy, and after leaving me in anticipation for a few seconds it provided me with the third challenge: a mysterious link and a code. (hint: the code is only for a short while on your screen, so copy it right away when you get it).

Challenge 3: The link looked something like this: https://pan.baidu.com/s/1TKf9B_puPZfDooooXXX (made up link), while the code looked this this: a8op (again, made up code). Entering the link, the mysterious website asked for the code. I expected this to involve a challenge as well, but somewhat to my surprise the code was accepted without an additional challenge. I was now presented with what appeared to be a download page:

Only the download page was just a teaser. You can't directly download something from it, but you again have to go through a challenge, the fourth one.

Challenge 4: after some trial and error, it appears the challenge is to create an account. Initially this seems simple. After all, we create accounts all the time everywhere. How hard can this possible be? Well, the answer is: very hard, or in this case, very challenging. Where sites such as Reddit once wowed people all over the world in simplifying account creation as much as possible, Baidu wowed people by making it as hard as possible (for people outside China, that is). After being stuck for quite some time on this challenge, I basically admitted defeat. The key problem is that you need a Chinese phone number again, although there's a hidden registration form where you can provide numbers from countries like Nigeria or Korea, but unfortunately nothing from the EU. Luckily a Chinese friend could help me out, so I got an account. Yes, it's cheating a little. Having the account the site directed me to the fifth challenge; a riddle.

Challenge 5: the website presented me the following riddle: "Yundetectservice.exe". In the time of Internet and Google, old fashioned riddles are not much of a challenge and it appeared that the riddle referred to having to install something called Baidu Netdisk. This appeared to be relatively simple. So I installed this, and logged-in to it using the aforementioned account. When you try to download something using the teaser screen shown above, the riddle would come up again, which you can just answer with "yes", upon which the Baidu Netdisk will take over the download, and then present you with the sixth challenge.

Challenge 6: the Baidu Netdisk will display the file to be downloaded, keep you in suspension for a few seconds, then present you with a cryptic message:

After struggling with this for quite some time, it appeared the Baidu Netdisk is just a decoy. It's not a challenge one can solve. Instead, you have to backtrack to after challenge 4, and first copy the file you want to download to the private cloud storage of the account that you created. After you've done that, you can proceed to the next challenge, which is how to get it off of that account.

Challenge 7: after puzzling for a bit on this one, it appeared you need to connect your Baidu account to a service called multcloud.com. There's a funny little sub-challenge here, where you need to create a folder on your Baidu cloud storage called "lin1118" and move whatever you want to download to there. The challenge again tries to throw up some decoys, like making you belief you can transfer the file to another cloud storage, like e.g. Google Drive, but this is again just a decoy. If you look closely, you can obtain a public share link to the file you want to download, which presents you with a download icon on its turn that actually starts to download!

But what fun would it be if it ended here so easily? There's a plot twist when the download suddenly stops! Resuming it will download maybe 200kb, maybe a whopping 2MB even, but never really more. It's throwing up a final challenge for you, the eighth one.

Challenge 8: getting the download to continue. Puzzling on this for a while using several different browsers, I finally beat this challenge using a download manager on Windows called Internet Download Manager (IDK). After installing this and attempting the download again, it will take it over and... is accepted by our game master and finally, finally allows us to download the file:

Now that was interesting! Who said downloading a file is boring?

Having spend nearly all my free time on this funny, but indeed time consuming challenge, I took a quick look at the archive. Inside are some installer scripts and a resources folder. In "resources/as_comps/" there's what seems to be the actual Jakarta EE 8 server: "pas-7.0.0.zip":

Opening that one, reveals a (to me) very familiar layout:

That looks exactly like GlassFish. Looking into the folders some more, and specifically the "/modules/" folder confirms this to be GlassFish based:

Now being GlassFish based is not that out of the ordinary in Jakarta EE land. The "Japanese 3" are all based on GlassFish as well, mostly having their own support channels and their own assortment of fixes. We're therefor very happy that Primeton has adopted GlassFish for its Chinese customers, and look forward to whatever this brings to the table concerning the upstream GlassFish maintenance.

Looking at the landscape of Jakarta EE compatible products, we now have 4 families of products: the GlassFish based ones, the JBoss based ones, JEUS and Open Liberty. It's expected that WebLogic will join this group soon (which is a unique implementation, though does share some bits with GlassFish), and hopefully Fujitsu will soon join as well (which is GlassFish based). For now the landscape looks like this:

Arjan Tijms

Comments

Popular posts from this blog

Implementing container authentication in Java EE with JASPIC

Jakarta EE Survey 2022

What’s new in Jakarta Security 3?