How Java Microservices are Improved by Java EE Security and MVC 1.0


How Java Microservices are Improved by Java EE Security and MVC 1.0

When all's said and done about Java Microservices it is important to remember that it is the new Java EE Security API, which comes with Java Enterprise Edition (EE) 8 that will provide the all-important security for self-contained microservices.

But what are the foundations to Java EE Security API? What makes the Java EE Security API possible?

To answer this question we need to take a peek under the hood of the UI-based MVC 1.0 API, and this is exactly what our EDC4IT instructors and consultants, experts on Java and microservices, have done.

Where MVC 1.0’s magic lies is in the way it works with Java API for RESTful Web Services (JAX-RS) via representational state transfer.

Java Champion Ivar Grimstad said at the recent JavaOne 2017 conference: "The most important thing, the way I see it, is that MVC 1.0 is built on top of JAX-RS. If you're used to using JAX-RS to create your REST endpoints, it's an easy decision to also add some web interfaces to your applications. Most REST-based microservices have some type of admin tool that goes along with them. With MVC 1.0, you can now build that UI tool using exactly the same technology as the microservice itself."

Along with MVC 1.0 another crucial element is the development of JSR-375. JSR-375 is the comprehensive list of key elements that come together to form Java EE Security API.

Big deal, right? Just a list of issues that security experts were already tackling in an effort to standardise. Here, according to Ivan Grimstad, is where it gets exciting!

Not only will the “brand-new API for EE8”, according to Grimstad, provide the missing link between different previous editions of EE, but the actual application will have the ability to execute annotation-based security configurations.

What does that mean? Well it means a self-contained microservices element can begin working without the need for further external configuration. Or in the words of Grimstad himself: "You do it within the application, so you don't have to configure it from the outside. Security configuration is contained within the application."

It all sounds great but what does it boil down to? Well, what it means is that Java development will get a shot in the arm thanks to the heavy lifting already having been done to keep things secure. Thanks to these developments Java-based microservices stand to advance much quicker.

As Java experts our instructors and consultants at EDC4IT will be keeping a close eye on developments. If you need a course for your team or company, or perhaps you’re studying Java and want to join one of our scheduled classes, get in touch and let’s see how we can help. Check out our list of Java courses here

This article does not necessarily reflect the technical opinion of EDC4IT, but purely of the writer. If you want to discuss about this content, please send us an email at