On 14/12/06, Stuart Charlton <[EMAIL PROTECTED]> wrote: > > > > > > > > --- Steve Jones <[EMAIL PROTECTED]> wrote: > > > I can see no reasons for anyone to upgrade from 5.0 to 6.0, the only > > decent > > thing in 6.0 is that finally we managed to get Sun to start marking > > things > > for deletion in future releases (bye bye midi support) and 7.0 should > > support the concept of modules and profiles which is what is > > important. > > Scripting is important... Particularly for operational automation. > Jython support with WebLogic was one of happiest features from BEA's > customers.
I have no issues with it being available, its its inclusion in the base package that irks me, it just encourages people to go "ooooh scripting" rather than thinking "I need something to easily automate this bit of deployment, I know some sort of scripting language would be good I'll go and have a look at how to do that". Debugging crap Java is bad enough, debugging crap Java that calls Rhino will be a complete arse. > > One of the biggest pluses of Java SE 6 are the revisions to Kerberos > that finally make it > a) compatible with Active Directory's RC4-HMAC std. encryption > b) allow you to do outbound HTTP SPNEGO authentication with a KRB v5 > ticket > c) don't force you to have to connect your app server to AD to get a > TGT > > I do hope the above is backported to Java SE 5, frankly. +1 on that, and this is my point around JavaSE 6, all of the "new" bits would have been better off available as additions that could be downloaded rather than in the core. So yes some people need the new Kerberos stuff... but lots don't. > > Many, many customers of both SOAP services and HTTP web apps are > looking for single-sign on with Active Directory. I've been involved > with many of these integrations, and it's not that hard once you've > spent a good couple of weeks toying with it & reading the specs. But > Sun's implementation is woefully under-documented, IMO. Much "folk > legend" abounds with such integration efforts. > > Further, I would say (c) has costed *millions* of dollars in > complaints, recrimination, and adult weeping. And it's *not required* > by the Krb5 protocol, but for some reason Sun followed the GSS-API > recommendations to the letter and assumed anybody that 'accepts' a > credential will also 'initiate' later on. Which is kinda tough when > you don't have SPNEGO outbound... Agreed, but this was my point during the spec. I'm willing to bet that during that sort of project you either a) had a J2EE app server or b) used Tomcat with a bunch of other libraries. My problem with the Sun approach is that it assumes you need everything in the JDK and just creates ridiculous things like now having a "lightweight" web server in the JDK that is "just" for JAX-WS... how long before someone creates a JSP et al stack, or even worse does a half-arsed (is there any other sort) PHP server using scripting + web server. JDK 6 is for the same people who go "woot" and 1337 and think that PHP is the best thing in the world and that Derby is pretty much the same as Oracle and "man it just flies"... when there is one user. > > Cheers > Stu > > __________________________________________________________ > Do you Yahoo!? > Everyone is raving about the all-new Yahoo! Mail beta. > http://new.mail.yahoo.com >
