REST TX, Clustering, Dead SOAP, Timers, Microservices vs. Monolith, Principal Propagation or Questions for the 12th Airhacks

Last chance to ask questions. We will discuss them at 2nd March, 6.PM. CET: http://www.ustream.tv/channel/adambien:

  1. HTTP Session Replication and Clustering discussion Piotrek
  2. I have a question for you :) You may even queue it up for an upcoming stream, but I’m really curious! You stated that SOAP (support?) could even be removed from the API.I just got into the SOAP world a few months ago, came from a REST background, and I am really confident that it still has it’s place. The type safety, and the tools that Java gives us are really great. Why do people hate it so much nowadays? Plus in the finance sector they are relying on it really heavily still, so it’s a good thing to be familiar with either way IMHO. noherczeg
  3. Can two ejb modules communicate with each other through local interfaces in the same app server or JVM? (…) Viktor Citaku
  4. What’s the most effective/elegant way of implementing single-table multi-tenancy (with discriminator column) in JPA2/2.1 without using provider specific (like that of EclipseLink 2.5) [Mátyás B.]
  5. Example scenario: a J2EE app utilizing single-table multi-tenancy that would allow users to sign-in using either Facebook, Google, Paypal, etc. as well as using native accounts (username/pw in the application’s DB itself) while using the HTML UI of the App. Its REST Resources would need a ‘token’ to authenticate. App server: GF 4.1
  6. Do we need to propagate the security context (Subject/Principals) to EJBs if using a form-based authentication? Isn’t it better (and almost easier) to use custom annotations and interceptors to implement a “permission” based security (as opposed to the container’s role based security)? Octopus (https://bitbucket.org/contribute-bitbucket/javaeesecurityfirst) comes to my mind.
  7. Would a JASPIC ServerAuthenticationModule (SAM) fit this scenario? How to tell SAM which authentication method to start based on the user’s choice? Similarly, how to tell JASPIC that the REST resources need a completely different ‘SAM’? ratcashdev
  8. Single timer event of a EJB timers in a distributed application [Tibor D.]
  9. What do you think about gradle? What about use gradle instead of maven? Can you talk a little bit about this subject? @Brunos_Santos
  10. With Java 8 and streams I do not really get how the exception handling should work when composing several functions? (Michael G.)
  11. “I’ve added beans.xml, but I read somewhere we don’t need it in JavaEE 7? The error is gone even if the file is empty!!” PoslovniAdresar
  12. “Can we set scheduler time from some property file so that we don’t need to
    recompile for changing time? Also, while executing scheduler, can I set next execution time at runtime?” Valsaraj
  13. Can we get @scheduler configurations details from properties file? like sec,min… Ravi
  14. (...) In one of your past presentations, I believe I remember you saying that being monolithic is your friend, vs nowadays there’s a lot of discussion around microservices. Can the ideas of “monolithic is your friend” and microservices still peacefully co-exist in your mind? John Hogan
  15. REST is stateless:

    Some are claiming, that you should not even keep any client state on the server (no session, nothing).

    Does this not imply, that Java EE server sessions should not be generated for requests at all?

    How would you do that with stateful session beans then? I guess, they are completely out of scope for REST?

    Does this mean, that each request should contain a reference or concrete information about eg. user credentials or client state if the server needs that information? Is that not producing a huge communication overhead in some scenarios?
  16. How would you implement a user authentication with a UI based on a pure RESTful API? With tokens? How to pass and maintain tokens and invalidate “sessions” without keeping client state on the server? Would that not also be a potential performance problem, as the token (and thus, every single API request needing authorization) would normally always have to be sent over HTTPS to avoid being intercepted and risk identity theft?
  17. How would you maintain transactions over several REST API calls? Is that at all possible with REST? Or would it simply be maintained completely on client side until final submission? (I have read eg. this resource https://jcalcote.wordpress.com/2009/08/06/restful-transactions/, but I am not fully convinced by the solution, or maybe miss some points) [heppa](https://gist.github.com/heppa
  18. @Entity

    @PrimaryKey(validation=IdValidation.NONE, columns={@column(name=“a”), @column(name=“b”, @column(name=“c”)})

    public class MyView implements Serializable ……

    If I run the query (as JUnit test) then I will receive the following error message:

    Exception [EclipseLink–6044] (Eclipse Persistence Services - 2.5.1. …..

    org.eclipse.persistence.exceptions.QueryException Exception Description: The primary key read from the row [row omitted here] during the execution of the query was detected to be null. Primary keys must not contain null. jhoryna
  19. How would you structure your web application to keep one code base for several customers each with their own customizations? haisi

See also the airhacks archives airhacks.tv for past shows and subscribe to the airhacksnews.com.

See you at Java EE Workshops at Munich Airport, Terminal 2 or Virtual Dedicated Workshops / consulting


NEW online workshop: WebStandards Igniter (online)

Airport MUC workshops: Java EE 8, Java 9: Bootstrap, Effective, Architectures, Single Page Apps, Progressive Web Apps, HTML 5, ES 6, CSS 3 and Microservices

Podcast: airhacks.fm and newsletter: airhacks.news

A book about rethinking Java EE Patterns

Comments:

Hello Adam,

I ' d like to post a question for the upcoming airhacks session:

What is in your opinion the forward-looking technology building modern web applications ? How to cope with the tangled mass of web application frameoworks ?

Kind regards,
Markus

Posted by Markus on February 27, 2015 at 08:00 AM CET #

Please can you provide some sample examples of Secure REST API accessed from java and javascript clients that uses OAuth or HttpAuthentication.
Is it possible to use JAAS to secure A JavaEE REST resource targeting non Java Clients and how?

Posted by Betrand on February 28, 2015 at 11:14 PM CET #

Hi Adam,

1. What are the drawbacks of using embedded DB like Derby?

2. Can you please show an example of a "real world" multiple modules maven project?

3. Can you please show an example of angular and restful webservice project.

Thanks

Posted by Eyal on March 01, 2015 at 12:13 PM CET #

Hi Adam,
For multi tenancy application I am using JAVA EE 7. I need to change schema dynamically based on customer.Since there will be a lot of customer so multiple EntityManager will be insufficient. So I am using Hibernate's EmptyInterceptor along with ThreadLocal and changing schema dynamically which is working fine.Since, my solution is tightly couple with Hibernate, could you suggest me some generic way so that it will be vendor independent .

Also Like to ask which application server( full java EE 7 support) will be best for production Glasfish(payara) or Wildfly.

Thanks
Suraj

Posted by Suraj on March 01, 2015 at 05:14 PM CET #

Hi Adam,
in a JAVA EE 7 web application with an highly and dynamic configuration settings for the persistence tier, what will be your way? NoSQL or an entity abstraction layer like Atlassian JIRA (Apache OfBiz)?

Posted by Riccardo on March 12, 2015 at 12:14 PM CET #

Post a Comment:
  • HTML Syntax: NOT allowed
realworldpatterns.com
Online Workshops
...the last 150 posts
...the last 10 comments
License