The Java EE Security API, JSR 375, was approved in early August. All members of the JCP Executive Committee voted "Yes", with zero "No" votes. Intel Corp. did not vote on the JSR.
The JSR contains many improvements around user management, password aliasing, role mapping, authentication, and authorization. Such enhancements are designed to make Java EE security easier to implement in a cloud environment. (Details of JSR 375 were covered by InfoQ in November 2014.)
The project site has moved to https://github.com/javaee/security-spec. (The JSR still lists the project site incorrectly as http://java.net/projects/javaee-security-spec.) The repository contains the specification and 20 open issues, likely found when creating the reference implementation in Glassfish.
The road to Java EE 8 has not been easy, but there is light at the end of the long tunnel with recent JSR approvals. Oracle is also considering moving Java EE to an open source foundation. Their recent dialog with the community is a positive step in increasing the transparency of the platform. More details will likely be shared at Oracle’s annual JavaOne Conference in early October. Be sure to check back with us then, as InfoQ will provide extensive coverage.