Dear Spring Community,

I'm happy to announce the availability of Spring Social 1.1.0.RC1 as well as Spring Social Facebook 1.1.0.RC1, and Spring Social Twitter 1.1.0.RC1. These release candidates are the first step toward a GA release coming soon. They include several improvements, bug fixes, and a few new features, including:

• New Thymeleaf 3 and 4 dialects to match Spring Social's JSP tag library.
• A generic connection factory for quick configuration of an API for which there is no formal connection factory support. Provides a RestOperations as the API binding.
• Optimized use of RestTemplate in API bindings when using Spring 3.2+.
• A new streamlined and more flexible Java configuration option.
• SecurityConfigurerAdapter for enabling provider-based authentication with Spring Security's Java configuration.
• A pluggable session-abstraction.
• Support for Facebook's built-in OpenGraph actions in the API binding.
• Capture otherwise unbound data from provider API in a Map in both the Facebook and Twitter API bindings.
• Add a new TwitterTemplate constructor that only requires client credentials. It uses those to obtain a client access token.

Spring Security 3.2.2 (change log) and 3.1.6 (change log) have been released and are available in Maven Central.

Among the highlights, these two releases resolve CVE-2014-0097 which allows a malicious user to impersonate a user with an empty password if ALL of the following hold true:

• The application is using ActiveDirectoryLdapAuthenticator
• The directory allows anonymous binds (not recommended)

NOTE: This does NOT impact users of LdapAuthenticationProvider or <ldap-authentication-provider>

For full details on the releases, please refer to the previously mentioned change logs.

Recorded at SpringOne2GX 2013 in Santa Clara, CA

Speaker: Emanuel Rabina

With the disconnect between the languages of the web (HTML, CSS, Javascript) and the languages of the server (Java, Groovy, Scala, etc), many libraries and frameworks have been invented over the years to fill this void, often resulting in views filled with back-end code, views filled with specialized syntaxes, or even the invention of completely new view languages abstractions; all for the purpose of transforming our server-side ideas into HTML, and few of which actually look like the HTML that it ends up as. Enter Thymeleaf - a templating framework that uses HTML to create good old HTML. In this presentation, you'll be introduced to Thymeleaf, some of its features, how you can use it in your Spring web projects, the growing ecosystem being developed around it, and how it uses natural templates to keep the web designer on your team, and inside each and every one of us, happy.

I am happy to announce the availability of the last service release of the Spring Data Babbage release train. The release includes the following modules:

• Spring Data Commons 1.6.5 - Changelog - JavaDoc - Artifacts
• Spring Data JPA 1.4.5 - Changelog - JavaDoc - Artifacts
• Spring Data MongoDB 1.3.5 - Changelog - JavaDoc - Artifacts
• Spring Data Neo4j 2.3.5 - Changelog - JavaDoc - Artifacts

The release bundles a bunch of important enhancements and bug fixes and is a recommended upgrade. The release forms the last service release of the Babbage release train. Users are recommended to have a look at the latest releases of Spring Data Codd and upgrade to them going forward.

We are pleased to announce the availability of the Spring AMQP (for Java) 1.3.0.RC1 release candidate. It is expected to be the final candidate before GA.

The release includes some significant new features, including:

• Listener Container

  • The listener container concurrency can be changed without first stopping the container and the listeners will be adjusted accordingly
  • The listener container can dynamically adjust the concurrent consumers, based on workload
  • The listener container now supports consumer priority (with RabbitMQ 3.2.x or greater)
  • The listener container now supports the configuration of an exclusive consumer

• Rabbit Template

  • The RabbitTemplate now has several convenient receiveAndReply methods
  • The RabbitTemplate can now be configured with a RetryTemplate, enabling clients to not have to deal directly with broker connectivity issues.

• Connection Factory

  • The Connection Factory can now cache connections rather than all users sharing the same connection (and, since M2, channels can be cached within cached connections)
  • There is now a SimpleRoutingConnectionFactory to determine which connection factory to use at runtime

• Other Key Features

  • A fluent Java API is now provided to build a Message (and MessageProperties)
  • A fluent Java API is now provided for building a listener container retry interceptor
  • When using a retry interceptor, a new RepublishMessageRecoverer is available to republish failed messages (with stack trace) to another exchange

Spring Boot 1.0 RC4 just dropped and 1.0 can't be too far behind, and there are all sort of cool features coming!

One of the many questions I get around this concerns deployment strategies for Boot applications. Spring Boot builds on top of Spring and serves wherever Spring can serve. It enjoys Spring's portability. Spring Boot lets the developer focus on the application's development first, and removes the need to be overly concerned with every other aspect of its lifecycle, including deployment and management.

Speakers: Oliver Gierke and Thomas Darimont

Slides: https://speakerdeck.com/olivergierke/spring-data-repositories-best-practices

The repository abstraction layer is one of the core pieces of the Spring Data projects. It provides a consistent, interface-based programming model to allow implementing data access layers easily for relational and NoSQL databases. We will have a look at the lessons learned from the application of it in various customer projects and summarize best practices for you to apply in your projects. The session will also discuss advanced features like the Querydsl integration, the integration of custom implementation code as well as hooks into Spring MVC and Spring HATEOAS.

Welcome to another installment of This Week in Spring.

As usual, we've got a lot to cover so let's get to it!

1. Spring Batch and Boot co-founder Dr. Dave Syer has announced that Spring Boot RC4 is now available. Check out the latest cut for all the goodies!
2. There is a new guide that details how to use Spring Data REST
3. Spring Data ninja Christoph Strobl has announced that Spring Data Redis 1.2 is now available.
4. Don't miss Mattias Arthursson on a webinar March 18th, presenting Spring LDAP 2.0.0.
5. Join Juergen Hoeller and the Spring Team for a webinar on Java 8 and Spring Framework 4.0 on March 25!
6. David Turanski has put together a nice post on how to use Groovy for bean configuration
7. Alvaro Videla's and Jan Machacek's talk from SpringOne2GX 2013, RabbitMQ is the new King, is now available online
8. Gary Russell's SpringOne2GX 2013 talk introducing Spring Integration's internals is now online
9. Pance Cavkovski has a nice post demonstrating the web socket support from the JavaWebSocket project, Java EE 7 and Spring 4.
10. Norris Shelton Jr. has a nice post on accessing the Spring Security principal from the currently installed Authentication object using a custom annotation
11. Quinten Krijger has a nice post on how to manage session concurrency with Spring Security and Spring MVC
12. Tomasz Nurkiewicz writes about how to build a custom Spring XML namespace. He makes a great point at the beginning, though: Spring doesn't require XML!
13. The Not Just Another Blog blog looks at how to override the Spring Security filter chain
14. Thys Michels has a short-and-sweet post on how to configure a Spring application using Java configuration to consume an ElasticSearch service on Heroku.

Spring Data Redis 1.2.0 has been released and is now available from Maven Central. This release sums up the fixes and enhancements from 1.1.1 and RC1 plus an updated documentation. The release has been tested against Redis 2.4.6, 2.6.17, 2.8.6 as well as the recent 3.0-beta1 using the latest Spring framework 3.2 and 4.0 versions.

Reference Documentation | Changes | JavaDoc

Up next SD Redis will join the Spring Data release train Dijkstra. We are looking forward to your feedback on Twitter or in the issue tracker.

Recorded SpringOne2GX 2013 in Santa Clara, CA

Speaker: Gary Russell

A comprehensive review of message routing within a flow - including

• exactly how and when replyChannel and errorChannel headers are used
• how and when these headers apply in an error flow
• differences between synchronous and asynchronous processing (with task executors and pollers)
• Use of SpEL (for messagemethod mapping as well as certain "dynamic" config attributes)
• Type conversion (via SpEL, datatype channels, etc) Implicitly created channels
• How chains work How messages are mapped to methods when a message arrives at a component
• How gateway methods are mapped to messages (and a first look at some enhancements we are considering)
• Options for synchronous and asynchronous flows simple multi-threading aggregation aggregating messages from different sources
• How to debug Spring Integration applications Advanced configuration techniques and more...