Aggressive Road Map for Java EE

After almost a year of silence, Oracle presented a preliminary proposed road map for Java EE. It is an aggressive one and will require dedicated hard work in the Expert Groups to make it happen.

There are some interesting new JSRs coming up regarding configuration and health check in addition to the changes going to happen in the existing ones. Worth noting is also that MVC 1.0 is left out entirely from this proposal.

On the other hand, also note that it is still just a preliminary proposal, and that we as a Community are invited to give our input through a new Java EE Community Survey.

Make sure to show your support by participating in this survey!


So, I am still optimistic and still believe that what I was hinting at in my previous post The Future of Java EE May Be Bright After All may actually come true!

JCP EC 2016 Nomination

The Java Community Process (JCP) program 2016 Executive Committee (EC)
Elections have started. This is the first election to be held under the newest JCP 2.10 Process Document rules.

One of the new things introduced is that there will be two Associate Seats in the Expert Committee. These seats are elected by the Associate members of the JCP.

I have nominated myself for one of these Associate Seats. See my position statement below.

JCP EC 2016 Position Statement

The Future of Java EE May Be Bright After All

I don’t think anybody with the slightest interest in server-side Java™, and Java EE in particular, have missed the frustrations (and anger) in the community for the hiatus regarding the specification work of Java EE 8. The activity for most of the Java EE 8 targeted JSRs have more or less stagnated for almost a year, with only a few exceptions.

This has resulted in initiatives such as the Java EE Guardians and the Both emerging from a community eager to move Java EE forward to continue being the preferred platform for enterprise Java™.

The minutes from the August meeting in the JCP Executive Committee indicates that Oracle is finally beginning to move. At the meeting, Anil Gaur, Oracle Group Vice President with responsibility for Java EE and WebLogic Server, said:

“…We would like the future of Java EE to be viable to next generation of applications. These apps are composed and deployed differently in cloud and require flexibility, reliability and scale. The platform needs a new programming model that’s geared towards reactive style programming for building large-scale distributed applications that are loosely coupled…”

This year’s JavaOne will definitely be exciting in terms of Java EE. If you haven’t registered yet, do so!

I am carefully optimistic and think that Java EE has a bright future!

Java Champion

I am extremely proud and honored to be included in this exclusive group of Java dignitaries.

The Java Champions are an exclusive group of passionate Java technology and community leaders who are community-nominated and selected under a project sponsored by Oracle. Learn more about Java Champions.

MVC 1.0 Generator

The JPA Modeler plugin for NetBeans provides visual support for creating, designing and editing entity relationship models. It also provides Java code generation and new for version 1.5.5 is that it provides support for generating MVC 1.0 applications.

Check out MVC 1.0 Generator Tutorial to see how it works.


Kudos to Gaurav Gupta (@jGauravGupta) for this awesome tool! Another proof that NetBeans is the IDE for developing Java EE applications!

Follow @jpamodeler on Twitter!

Javaforum Malmö – a Fresh Start

I am pleased to announce that I will take over as JUG leader in the Malmö branch of Javaforum in Sweden. As a first step we will follow our friends from the other locations in Sweden and move to Meetup. The old site at has been around for 10 years and time has come to try out some more modern options.

Make sure you register yourself to stay up-to-date on what’s going on in your local Java Community.

Javaforum Malmö
Thanks to Cybercom for sponsoring the Meetup subscription.


Java EE Security API Moving Forward

The Java EE Security API (JSR 375) is moving forward, as summarised by Arjan Tijms here:

One thing to note is that we now have a name for the reference implementation, namely Soteria. The name originates from Greek Mythology where Soteria was the goddess of safety and salvation [Wikipedia]. Our Soteria can be found on GitHub ( and also has a Twitter handle. Follow @Soteria_RI.

The Soteria GitHub repo contains a couple of samples that demonstrates the features implemented so far. I have created a couple of additional examples where I combine Soteria with other Java EE technologies, such as MVC and JSF. These can be found in

As the following code shows, it is fairly straightforward to define an embedded identity store for an MVC 1.0 application.

The examples will be evolved as the specification and Soteria continues to evolve.

NetBeans Dream Team

It is great to start 2016 with the announcement that I have been included in the NetBeans Dream Team!

I always try to be as objective and unbiased as possible when writing and talking about tools and technologies, but I guess it has been pretty obvious that NetBeans is my favorite IDE and in my opinion the best IDE for Java EE development. Being a member of the Dream Team will enable me to contribute even more to make this great tool even greater.

More information about the NetBeans Dream Team can be found on the wiki.

Snoop becomes SnoopEE [ˈsnuːpı]

SnoopEE [ˈsnuːpı] The lean and simple discovery mechanism for Java EE based microservices.

What’s in a name, really?

Naming is hard! When I came up with the name Snoop for my discovery mechanism for microservices based on Java EE, my though was to associate the name with snooping around for services to discover”. It seems, however, that most people’s thought goes to Snoop Dogg when hearing the name and that was never my intention.

That is one of the reasons for the renaming. Another consideration is that I want to point out that the best fit for SnoopEE is for Java EE!

At the same time I don’t want to signal that it is only for Java EE. I want it to be just as lean and simple no matter what technology used to implement the services. That is the only reason why I have been a little reluctant to the renaming.

SnoopEE has a nicer feel and as the twitter poll indicates, I am not alone thinking this.

For the record, I have nothing at all against Snoop Dogg! I just feel that Snoopy the dog is a little bit cuter…

I have crated a new page for SnoopEE, but as for everyhing else, such as GitHub repo, maven coordinates and naming, it all stays as it is until properly announced otherwise.

Cool Security Feature in MVC 1.0

If you are developing web applications, sooner or later you will come across something called Cross Site Request Forgery. The most common way to prevent CSRF attacks is by embedding additional, difficult-to-guess data fields, or tokens, in requests containing sensitive data.

Support for CSRF protection has been added to the MVC 1.0 specification. It goes like this:

First, enable CSRF Protection in your application configuration by setting the to either CsrfOptions.EXPLICIT or CsrfOptions.IMPLICIT.

Then add the CSRF token to your forms. The Csrf object is available in Expression Language as mvc.csrf .

If  CsrfOptions.IMPLICIT is used, you’re done. All controller methods annotated with  @POST and that consumes the media type x-www-form-urlencoded will be automatically checked for a valid CSRF token.

If  CsrfOptions.EXPLICIT is used, then the   @CsrfValid annotation must be added exlicitly to the methods you want the CSRF token to be validated.

And that’s all you need!