{"id":"stantonk-mcp-server-java-sse-http-demo","name":"mcp-server-java-sse-http-demo","homepage":null,"repo_url":"https://github.com/stantonk/mcp-server-java-sse-http-demo","category":"devtools","subcategories":[],"tags":["ai-ml","mcp-server","java","jetty","sse","http-transport","agentic-ai","demo"],"what_it_does":"Provides a demo Java MCP (Model Context Protocol) server that exposes tools over an SSE-based HTTP transport (Jetty). The repository also demonstrates a “fast-agent” workflow that can call other MCP servers (e.g., websearch for geocoding) and then call the included weather MCP server to summarize forecasts.","use_cases":["Demonstrate MCP server integration over HTTP using SSE","Build/learn MCP tool implementations in Java","Prototype multi-MCP “agent” flows (e.g., geocoding then weather)","Local development/testing of SSE MCP message streaming","Educational reference for wiring MCP with minimal Spring usage"],"not_for":["Production deployments requiring hardened security, rate limiting, and operational safeguards","Use as-is for handling untrusted client traffic on the public internet","Workloads needing guaranteed uptime/SLA or rigorous error/retry semantics"],"best_when":"For local demos, learning, and early prototypes that need an SSE HTTP transport MCP server in Java.","avoid_when":"When you need enterprise-grade security controls, strong auth, and clearly specified reliability guarantees (retries/idempotency, error codes, rate limits) out of the box.","alternatives":["Other MCP server implementations (stdio/local) using the reference java-sdk","Different MCP transports/servers using community implementations with documented production guidance","Implement MCP with your own backend framework and add OpenAPI/auth/rate limiting as needed"],"af_score":40.8,"security_score":19.2,"reliability_score":17.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:39:22.793816+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"http://localhost:8080/sse","has_sdk":true,"sdk_languages":["Java","Python (fast-agent-mcp referenced)"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"No authentication mechanism is described for the SSE endpoint or the message POST endpoint. README shows unauthenticated curl commands to /sse and /mcp/message."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information present; appears to be an open-source demo."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":40.8,"security_score":19.2,"reliability_score":17.5,"mcp_server_quality":55.0,"documentation_accuracy":50.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":0.0,"tls_enforcement":10.0,"auth_strength":5.0,"scope_granularity":0.0,"dependency_hygiene":40.0,"secret_handling":50.0,"security_notes":"Based on README alone, the SSE/POST endpoints appear unauthenticated and are intended for local demonstration. TLS requirements, authn/authz, scope granularity, and rate limiting are not documented. This should be treated as insecure by default for any non-local/untrusted environment.","uptime_documented":0.0,"version_stability":30.0,"breaking_changes_history":20.0,"error_recovery":20.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Repo explicitly states it is not production grade; expect incomplete operational behaviors (auth, rate limits, robust error/retry semantics).","SSE configuration requires sessionId for follow-up message POSTs; agents must propagate/retain that sessionId from the SSE exchange.","No auth described; agents interacting from untrusted networks should not do so without adding external protections."]}}