The Spring Blog

News and Events

Spring Security 4.0.0.RC2 Released

We are please to announce the release of Spring Security 4.0.0.RC2.

We were very keen on doing a GA release, but due to community feedback we decided that another RC was necessary. Ultimately, this release resolved nearly 50 tickets.

A summary of changes can be seen below:

Assuming everything goes smoothly, the plan is to do a GA release in approximately two weeks. In the meantime, make sure to try everything out and give us feedback!


This Week in Spring - February 24th, 2015

Welcome to another installment of This Week in Spring! We’ve got a lot to cover so let’s get to it!

  1. Our pal Adam Koblentz (from ZeroTurnaround) put up this great post introducing building a websocket application with Spring Boot and JRebel. Check it out!
  2. Check out this replay of Mark Fisher, Dr. Mark Pollack, and Sabby Anandan’s webinar introducing Spring XD - A Platform for data at scale and developer productivity
  3. A huge part of the Pivotal Data Suite, of course, is Spring XD. Last week I surfaced some of the amazing Spring XD wiki content on the new stream processing supports in Spring XD 1.1. Check out the Wiki page for a more detailed look by Spring XD ninja Ilayaperumal Gopinathan.
  4. Spring Cloud co-lead Spencer Gibb has been improving the Spring Cloud Netflix integration. Check out this example demonstrating using RxJava’s Observable<T> return-values from Spring MVC. Here are the changes.
  5. March Webinars are here, and it’s packed with Javascript, Spring Boot and Spring Cloud.
    This killer lineup starts with Dr. Dave Syer’s epic VII part blog series on Angular - lightweight API gateway - Spring Security - made into a webinar on March 10th. Then Scott Deeg will examine the same thing, except with Google’s Polymer on the frontend, on a webinar March 24th. Lastly, Julien Dubois will introduce the AngularJS+Boot application generator, JHipster on March 17th, 2015.
  6. Alvin Reyes’s posts introducing how to configure Apache Tomcat’s server.xml and users.xml are wonderful resources.
  7. Reactor project-lead Jon Brisbin has just announced Reactor RC1!
  8. Spring ninja Stéphane Nicoll has just announced the Spring framework maintenance release, 4.1.5
  9. Last week, we at Pivotal announced some big changes; we’ve open-sourced our Pivotal Data Suite! Check out this InfoQ post on the subject
  10. Spring IO Platform lead Andy Wilkinson has just released improved support for Maven Bill-of-Material dependency management using Gradle
  11. Eclipse foundation member John Arthorne and Spring Tool Suite lead Martin Lippert’s talk, Eclipse IDE to the Cloud-Based Era of Developer Tooling from JavaOne 2014 is available online and well worth a watch!
  12. The SD Times article on the open-sourcing of the Pivotal Data Suite is worth a read, too.
  13. Not related but still awesome: HTTP2 is now a thing!
  14. Check out Rick Hightower’s post on using the QBit framework with Spring Boot. Interesting..
  15. Hubert Klein Ikkink put together a quick look at using Spring Boot’s OutputCapture JUnit @Rule in a Spock test.
  16. Our pal Eugen Paraschiv put together a great look at using the venerable JdbcTemplate
  17. Disid’s Enrique Ruiz put together a nice post on using Spring Roo from STS.
  18. Check out this week’s SpringOne2GX 2014 replays:
    SpringOne2GX 2014 Replay: Panel Session: Real World Boot-up sequences
    SpringOne2GX 2014 Replay: Spring Data REST - Data Meets Hypermedia
    SpringOne2GX Replay: Spring Batch Performance Tuning
    SpringOne2GX 2014 Replay: Artistic Spring Data Neo4j 3.x with Spring Boot

Webinar: Building a secure Polymer app with Spring backend

Speaker: Scott Deeg

Polymer is the latest web framework out of Google. Designed completely around the emerging Web Components standards, it has the lofty goal of making it easy to build apps based on these low level primitives. Along with Polymer comes a new set of Elements (buttons, dialog boxes and such) based on the ideas of "Material Design". These technologies together make it easy to build responsive, componentized "Single Page" web applications that work for browsers on PCs or mobile devices. But what about the backend, and how do we make these apps secure? In this talk Scott Deeg will take you through an introduction to Polmyer and its related technologies, and then through the build out of a full blown cloud based app with a secure, RESTful backend based on Spring REST, Spring Cloud, and Spring Security and using Thymeleaf for backend rendering jobs. At the end he will show the principles applied in a tool he's currently building. The talk will be mainly code walk through and demo, and assumes familiarity with Java/Spring and JavaScript.


Webinar: JHipster for Spring Boot

Speaker: Julien Dubois

JHipster focuses on generating a high quality application with a Java back-end using an extensive set of Spring technologies; Spring Boot, Spring Security, Spring Data, Spring MVC (providing a framework for websockets, REST and MVC), etc. an Angular.js front-end and a suite of pre-configured development tools like Yeoman, Maven, Gradle, Grunt, Gulp.js and Bower. JHipster creates a fully configured Spring Boot application with a set of pre-defined screens for user management, monitoring, and logging. The generated Spring Boot application is specifically tailored to make working with Angular.js a smoother experience. Join Julien for a quick-live coding session to build a simple application, and deploy it to Cloud Foundry.


Webinar: A Single-Page Application with Spring Security and Angular JS

Speaker: David Syer

Pivotal Spring Security, Spring Boot and Angular JS all have nice features for making it really easy to produce modern applications, so there is potentially a lot of value in making them work together very smoothly. Things to consider are cookies, headers, native clients, various security vulnerabilities and how modern browser technology can help us to avoid them. In this session we show how nice features of the component frameworks can be integrated simply to provide a pleasant and secure user experience. We start with a very basic single-server implementation and scale it up in stages, splitting out backend resources and authentication to separate services. The final state includes a simple API Gateway on the front end implemented declaratively using Spring Cloud, and using this we are able to neatly sidestep a lot of the problems people encounter securing a javascript front end with a distributed back end.


SpringOne2GX 2014 Replay: Spring Data REST - Data Meets Hypermedia

Recorded at SpringOne2GX 2014

Speakers: Roy Clarkson, Greg Turnquist


Spring Data REST bridges the gap between the convenient data access layers provided by Spring Data's repository abstraction and hypermedia-driven REST web services, effectively taking out the boilerplate needed during implementation. This talk will give a quick overview of the project, explain fundamental design decisions and introduce new features of the latest version (namely service documentation and discoverability). We will then look at the Spring-A-Gram sample application (built using Spring Data REST), focusing on the implementation of the frontend bits and pieces.


SpringOne2GX Replay: Spring Batch Performance Tuning

Recorded at SpringOne2GX 2014.

Speakers: Gunnar Hillert, Chris Schaefer Slides: Data / Integration Track


In this presentation we will examine various scalability options in order to improve the robustness and performance of your Spring Batch applications. We start out with a single threaded Spring Batch application that we will refactor so we can demonstrate how to run it using: * Concurrent Steps * Remote Chunking * AsyncItemProcessor and AsyncItemWriter * Remote Partitioning Additionally, we will show how you can deploy Spring Batch applications to Spring XD which provides high availability and failover capabilities. Spring XD also allows you to integrate Spring Batch applications with other Big Data processing needs.