News & Events

This FAQ page answers some of the common community questions about Spring User Agent Analysis (UAA).

Please note this FAQ does not replace or modify the Spring UAA Terms of Use found at http://www.springsource.org/uaa/terms_of_use.

What is Spring UAA?

Spring UAA helps us gain a better understanding of how people are using Spring technologies. Of course your privacy is of paramount importance. For this reason Spring UAA does not operate unless you explicitly authorize it to, and any data it sends is completely anonymous.

What benefit does Spring UAA give to me?

Spring UAA enables us to make the Spring technologies better. We can focus on improving those technologies and features that the community use the most. We can also prioritize our interoperability efforts around the technologies that people most commonly use together. UAA also enables some exciting new features, such as automatically ranking the add-ons/plugins receiving the most use. This helps you locate the most popular Spring technology extensions according to the overall Spring community. If you wish you can also provide anonymous comments and ratings of such Spring technology extensions and these will be shared with other community members considering using them. Essentially Spring UAA lets us make your Spring experience much better.

Does Spring UAA collect any data without my permission?

No. Spring UAA does not collect any data without your explicit permission. Even if you give permission, you can naturally revoke your permission at a later time.

Will you use Spring UAA for marketing to me?

No. This is not permitted under the Terms of Use at http://www.springsource.org/uaa/terms_of_use. Even if it were permitted, we have no way of identifying you given the data collected is always anonymous.

What steps have been taken to ensure I can't be identified?

Spring UAA has been expressly designed to prevent you from being identified. The entire design helps achieve this, but some specifics include being disabled by default, never asking for your name or any other details, not correlating your IP address with any data collected, only recording add-on/plugin names if those add-ons/plugins are known to be public accordingly to public extension lists etc. We also transmit SHA-256 hash codes where appropriate rather than plain text, thus preventing us from being able to reverse the hash code back to its original form. Of course Spring UAA is also disabled by default and you can control and view the data it is collecting at any time.

How can I see and control what data Spring UAA is sending?

Every UAA-enabled tool allows you to see and control the data being sent. For details on the menu options or commands to use, please refer to the UAA Terms of Use document at http://www.springsource.org/uaa/terms_of_use.

When will Spring UAA transmit data?

There are three circumstances in which UAA will transmit data. The first circumstance is if you've explicitly enabled UAA. The second circumstance is you've neither accepted nor rejected the UAA Terms of Use, in which case UAA will occasionally transmit a randomly-generated machine ID. The third and final circumstance is if you've rejected the Terms of Use, in which case a single, final transmission will occur containing a randomly-generated machine ID. The latter two transmission types never contain any data apart from the randomly-generated machine ID (ie a UUID) and a flag to indicate the Terms of Use status. These latter two transmission types are necessary so that we can accurately determine what proportion of total users the UAA data reliably represents.

Is there a Terms of Use document covering Spring UAA?

Yes. We maintain the Terms of Use at http://www.springsource.org/uaa/terms_of_use.

Where is the Spring UAA source code so I can review it?

Every Spring UAA client library release includes source code. These are published in a standard Maven repository at http://s3browse.springsource.com/browse/spring-roo-repository.springsource.org/release/org/springframework/uaa/org.springframework.uaa.client/.

What technical approach does Spring UAA use?

If you have enabled Spring UAA, it works by maintaining usage details via the Java Preferences API. This allows multiple Spring tools to update the same Spring UAA data. While the Spring tools are running, UAA will occasionally transmit a Base64-encoded Protocol Buffers payload to VMware. The payload represents the key data maintained via the Java Preferences API. Generally the UAA data is truncated after each successful HTTP request to save storage space and future transmission bandwidth.

Why did you use those technologies?

By using this approach, we were able to minimize the payload size by efficient encoding using Protocol Buffers and truncating the data after a successful HTTP request. The use of the Preferences API also means that different Spring technologies can share UAA data, thus giving you the convenience of seeing all data from any tool and also allowing you to control your UAA settings (such as enabling/disabling UAA) just once and having this impact every Spring tool you're using. Essentially UAA aims to be as privacy-respecting, convenient and as lightweight as possible.

Where can I ask other questions?

Some of your questions might be answered by reading the Terms of Use at http://www.springsource.org/uaa/terms_of_use. If this doesn't answer your questions, please email s2-uaa-operations@vmware.com.