The JSR-375 Expert Group, after a period of relative inactivity, has a new Spec Lead, and has resumed its work to define a core set of security APIs and functions for Java EE.
The EG is active and engaged. An Early Draft Release specification is taking shape, and, while there are still deliberations going on, we expect to publish an EDR by January 2017. API code is also taking shape, as is a Reference Implementation.
Recent talks by EG members and others, at JavaOne and other developer conferences, have publicized the EG's work, and laid out a roadmap for Java EE security that includes JSR-375 as a foundation in EE 8, with additional capabilities, including OAuth/OpenID Connect support, planned for a follow-on JSR. The roadmap has been generally well-received.
Additional talks are scheduled, including my talk, "What's New in Java EE Security: JSR-375 and Beyond", which has been accepted for Devoxx US 2017.
The EG believes that JSR-375 should be completed, that it is important to the future of Java EE, and that it enjoys broad community support. We ask you to approve the renewal ballot.
Spec Lead, JSR-375