When Oracle announced that MVC 1.0 was withdrawn from Java EE 8, they also indicated that they were investigating a possible transfer to a community member or organization for completion as a standalone JSR. True to their word, a request for a transfer ballot of JSR 371 has now been submitted to the JCP Executive Committee. […]

Read more

As mentioned in my article Aggressive Road Map for Java EE 8, MVC 1.0 is left out of the plans for Java EE 8. The way I see it, and also have indications from several people I have talked with during JavaOne, the possible outcomes of this are: 1. MVC is dropped completely 2. MVC continues and […]

Read more

The Java EE Security API (JSR 375) is moving forward, as summarised by Arjan Tijms here: http://arjan-tijms.omnifaces.org/p/whats-new-in-java-ee-security-api-10.html. One thing to note is that we now have a name for the reference implementation, namely Soteria. The name originates from Greek Mythology where Soteria was the goddess of safety and salvation [Wikipedia]. Our Soteria can be found on GitHub […]

Read more

If you are developing web applications, sooner or later you will come across something called Cross Site Request Forgery. The most common way to prevent CSRF attacks is by embedding additional, difficult-to-guess data fields, or tokens, in requests containing sensitive data. Support for CSRF protection has been added to the MVC 1.0 specification. It goes like […]

Read more