Here is a brief of the frameworks I read about:
- JMatter - This one I already use a few months back. The UI is pretty decent, but the lack of production quality web-based view technology.. makes it very far behind others. It currently only has production-grade Swing viewer, making it a two tier application platform. Security-wise, two-tier platforms are not good -> each client must have a database connection to the db server, which potentially could be abused. Has no authorization code built in. Actions on the entity written in the domain model, encapsulating business logics.
- OpenXava - Web-based GUI with some AJAX parts. Has no authorization code built in. Separates actions from domain model, the concept is that actions must be contained in controllers.
- Jspresso - Has multiple view (GUI) technology implemented - ULC, Flex, and WingS. Flex is Adobe's RIA technology, WingS is AJAX Web-based view technology. ULC I have no experience. The Reference manual somewhat not completed. Domain model not written in Java, it was written in spring beans XML. I havent figure out how to write business logic, but entity relationship stuffs seems to be complete. Class-based authorization and dynamic authorization (The docs were very hazy about this one - seems that this is authorization based on object's state but I havent' found out how to implement authorization based on object's owner).
- Nakedobjects - Currently only has Swing/AWT viewer (sorry, haven't got time to find out which is which) and HTML (web-based) viewer. Domain model written in Java, contains business logic (similar to JMatter). Class-based authorization.
- Trails - only has Tapestry viewer, which generates Web-based GUI. Domain Model in Java. Seems to be the only one that implement class based authorization and association-based authorization.