Other MP Specs @ Geronimo?

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Other MP Specs @ Geronimo?

John D. Ament
All,

I know Mark brought in Config to Geronimo.  We have at least 3 more specs coming in MP 1.2 (Fault Tolerance, Health, JWT Processing), possibly Metrics and OpenTracing.

I have a fully functioning JWT Processing impl based on jose ( https://bitbucket.org/connect2id/nimbus-jose-jwt/src ) which I'd be happy to bring over to Geronimo.

Health is a tricky one, may make sense to start from scratch, or bring in pieces of the former Sirona podling to start a health checker.

I had started on a Fault Tolerance implementation, based on the work from failsafe.  However, from talking to the developer offline I'm a bit worried about relying on Failsafe.  

Any thoughts on bringing these into Geronimo?

John
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Other MP Specs @ Geronimo?

Romain Manni-Bucau
Is there any actual spec?

For jwt we can impl from scratch, it is not hard and would avoid  a big dep and enable some consistency using jsonb. 

Le 30 juil. 2017 23:28, "John D. Ament" <[hidden email]> a écrit :
All,

I know Mark brought in Config to Geronimo.  We have at least 3 more specs coming in MP 1.2 (Fault Tolerance, Health, JWT Processing), possibly Metrics and OpenTracing.

I have a fully functioning JWT Processing impl based on jose ( https://bitbucket.org/connect2id/nimbus-jose-jwt/src ) which I'd be happy to bring over to Geronimo.

Health is a tricky one, may make sense to start from scratch, or bring in pieces of the former Sirona podling to start a health checker.

I had started on a Fault Tolerance implementation, based on the work from failsafe.  However, from talking to the developer offline I'm a bit worried about relying on Failsafe.  

Any thoughts on bringing these into Geronimo?

John

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Other MP Specs @ Geronimo?

John D. Ament


On Sun, Jul 30, 2017 at 5:44 PM Romain Manni-Bucau <[hidden email]> wrote:
Is there any actual spec?

Not sure what you mean.  Rhetorical question?
 

For jwt we can impl from scratch, it is not hard and would avoid  a big dep and enable some consistency using jsonb. 

JWT is a lot more complicated than that.  It's more than reading the JSON, but also ensuring proper crypto signatures, on the generation and consumption side.  You need to be able to reach out to other servers to fetch keys and handle extra validation checks.  There's a standard set of claims that's being requested as well.  Yes, the json smart dependency bites, maybe we can convince the author to switch to the javax.json namespace?

 


Le 30 juil. 2017 23:28, "John D. Ament" <[hidden email]> a écrit :
All,

I know Mark brought in Config to Geronimo.  We have at least 3 more specs coming in MP 1.2 (Fault Tolerance, Health, JWT Processing), possibly Metrics and OpenTracing.

I have a fully functioning JWT Processing impl based on jose ( https://bitbucket.org/connect2id/nimbus-jose-jwt/src ) which I'd be happy to bring over to Geronimo.

Health is a tricky one, may make sense to start from scratch, or bring in pieces of the former Sirona podling to start a health checker.

I had started on a Fault Tolerance implementation, based on the work from failsafe.  However, from talking to the developer offline I'm a bit worried about relying on Failsafe.  

Any thoughts on bringing these into Geronimo?

John

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Other MP Specs @ Geronimo?

Romain Manni-Bucau


Le 30 juil. 2017 23:54, "John D. Ament" <[hidden email]> a écrit :


On Sun, Jul 30, 2017 at 5:44 PM Romain Manni-Bucau <[hidden email]> wrote:
Is there any actual spec?

Not sure what you mean.  Rhetorical question?

No no, for now MP is a lot of marketing - server part is nothing for instance. If no spec but future specs I d wait it is close to release.

 

For jwt we can impl from scratch, it is not hard and would avoid  a big dep and enable some consistency using jsonb. 

JWT is a lot more complicated than that.  It's more than reading the JSON, but also ensuring proper crypto signatures, on the generation and consumption side.  You need to be able to reach out to other servers to fetch keys and handle extra validation checks.  There's a standard set of claims that's being requested as well.  Yes, the json smart dependency bites, maybe we can convince the author to switch to the javax.json namespace?

It is trivial to impl on java once you have json link, ~200 lines for the needed part. Javax.json is maybe not rigyt bit building on it sounds right - actually did on johnzon with quite successes.



 


Le 30 juil. 2017 23:28, "John D. Ament" <[hidden email]> a écrit :
All,

I know Mark brought in Config to Geronimo.  We have at least 3 more specs coming in MP 1.2 (Fault Tolerance, Health, JWT Processing), possibly Metrics and OpenTracing.

I have a fully functioning JWT Processing impl based on jose ( https://bitbucket.org/connect2id/nimbus-jose-jwt/src ) which I'd be happy to bring over to Geronimo.

Health is a tricky one, may make sense to start from scratch, or bring in pieces of the former Sirona podling to start a health checker.

I had started on a Fault Tolerance implementation, based on the work from failsafe.  However, from talking to the developer offline I'm a bit worried about relying on Failsafe.  

Any thoughts on bringing these into Geronimo?

John


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Other MP Specs @ Geronimo?

Mark Struberg
I would love implementing the mp jwt spec at Geronimo.
But I've not closely followed the discussions and current state.
So I cannot really make an educated guess right now about whether it already makes sense to implement it.

Although I think it cannot be wrong to start tinkering with it in a seperate component.
And then we know a lot better what it is able to and what not.
This is not yet a guarantee that we release anything in that direction.
But by playing with it we don't loose anything. An the worst case we learn a lot ;)

LieGrue,
strub


> Am 30.07.2017 um 23:58 schrieb Romain Manni-Bucau <[hidden email]>:
>
>
>
> Le 30 juil. 2017 23:54, "John D. Ament" <[hidden email]> a écrit :
>
>
> On Sun, Jul 30, 2017 at 5:44 PM Romain Manni-Bucau <[hidden email]> wrote:
> Is there any actual spec?
>
> Not sure what you mean.  Rhetorical question?
>
> No no, for now MP is a lot of marketing - server part is nothing for instance. If no spec but future specs I d wait it is close to release.
>
>  
>
> For jwt we can impl from scratch, it is not hard and would avoid  a big dep and enable some consistency using jsonb.
>
> JWT is a lot more complicated than that.  It's more than reading the JSON, but also ensuring proper crypto signatures, on the generation and consumption side.  You need to be able to reach out to other servers to fetch keys and handle extra validation checks.  There's a standard set of claims that's being requested as well.  Yes, the json smart dependency bites, maybe we can convince the author to switch to the javax.json namespace?
>
> It is trivial to impl on java once you have json link, ~200 lines for the needed part. Javax.json is maybe not rigyt bit building on it sounds right - actually did on johnzon with quite successes.
>
>
>
>  
>
>
> Le 30 juil. 2017 23:28, "John D. Ament" <[hidden email]> a écrit :
> All,
>
> I know Mark brought in Config to Geronimo.  We have at least 3 more specs coming in MP 1.2 (Fault Tolerance, Health, JWT Processing), possibly Metrics and OpenTracing.
>
> I have a fully functioning JWT Processing impl based on jose ( https://bitbucket.org/connect2id/nimbus-jose-jwt/src ) which I'd be happy to bring over to Geronimo.
>
> Health is a tricky one, may make sense to start from scratch, or bring in pieces of the former Sirona podling to start a health checker.
>
> I had started on a Fault Tolerance implementation, based on the work from failsafe.  However, from talking to the developer offline I'm a bit worried about relying on Failsafe.  
>
> Any thoughts on bringing these into Geronimo?
>
> John
>
>

Loading...