Welcome to another installment of This Week in Spring! As usual, we've got a lot to cover, so let's get to it!

1. Spring AMQP lead Gary Russell has just announced that Spring AMQP 1.3.0 has just been released!
2. Spring Social lead Craig Walls just announced the first, long-awaited, RC of Spring Social 1.1. Hurray! I'm excited to see this new release.
3. Spring Security lead Rob Winch has just announced a security fix for Spring Security 3.2.2 and 3.1.6.
4. Dr. Dave Syer, co-lead on Spring Boot, among many, many other amazing things, has thrown together a sexy looking Spring Boot wrapper for Ratpack, a toolkit for JVM web applications. That's so awesome.
5. Spring Data lead Oliver Gierke has just announced that the first service release for Spring Data Babbage is now available
6. I put together a post on the various deployment strategies for Spring Boot applications
7. Don't miss Mattias Arthursson on a webinar March 18th, presenting Spring LDAP 2.0.0.
8. Join Juergen Hoeller and the Spring Team for a webinar on Java 8 and Spring Framework 4.0 on March 25!
9. Speaking of Spring Data, check out the replay of this talk introducing Spring Data repository best practices from SpringOne2GX 2013
10. Don't miss John Hann's introduction to pragmatic JavaScript from SpringOne2GX 2013
11. Emanuel Rabina gave a talk at SpringOne2GX 2013 on improving your Spring view layer with natural templates and Thymeleaf: check it out!
12. The More Vaadin blog has a nice, if short, post on the Spring Boot/ Vaadin integration that Vaadin's Petter Holmström and I have been working on . Nice! As always, this is open-source so don't be shy and be sure to send any feedback you have.
13. In related news, snapshots of the Vaadin4Spring integration that Petter and I are working on are now published on Sonatype's repository - enjoy!
14. Our pal Eberhard Wolff is back, and this time he's written up a nice (German-language) post on Spring 4.0 and Spring Boot, among (many) other things
15. David Williams blog, A Time-to-Value Story with Cloud Foundry, is thought-provoking: how quickly can a technology deliver value - measurable value?
16. Martin Fowler has started watching the micro services space. Nothing to report, specifically. This is just a page I'd recommend watching.
17. Layer 7, a CA technologies company, has just released results of a survey focused on API design and deployment. There are many takeaways from the survey, so be sure to read it, but one thing I thought particularly promising: a predicted growth in Hypermedia-aware APIs among API developers. If you're interested in embracing hypermedia, and the design pattern HATEOAS, I would encourage you to check out Spring HATEOAS and - if you'd like to learn more about using Spring HATEOAS and Spring Boot, check out this tutorial and adjoining code.

Dear Spring Community,

I'm happy to announce the availability of Spring Social 1.1.0.RC1 as well as Spring Social Facebook 1.1.0.RC1, and Spring Social Twitter 1.1.0.RC1. These release candidates are the first step toward a GA release coming soon. They include several improvements, bug fixes, and a few new features, including:

• New Thymeleaf 3 and 4 dialects to match Spring Social's JSP tag library.
• A generic connection factory for quick configuration of an API for which there is no formal connection factory support. Provides a RestOperations as the API binding.
• Optimized use of RestTemplate in API bindings when using Spring 3.2+.
• A new streamlined and more flexible Java configuration option.
• SecurityConfigurerAdapter for enabling provider-based authentication with Spring Security's Java configuration.
• A pluggable session-abstraction.
• Support for Facebook's built-in OpenGraph actions in the API binding.
• Capture otherwise unbound data from provider API in a Map in both the Facebook and Twitter API bindings.
• Add a new TwitterTemplate constructor that only requires client credentials. It uses those to obtain a client access token.

Spring Security 3.2.2 (change log) and 3.1.6 (change log) have been released and are available in Maven Central.

Among the highlights, these two releases resolve CVE-2014-0097 which allows a malicious user to impersonate a user with an empty password if ALL of the following hold true:

• The application is using ActiveDirectoryLdapAuthenticator
• The directory allows anonymous binds (not recommended)

NOTE: This does NOT impact users of LdapAuthenticationProvider or <ldap-authentication-provider>

For full details on the releases, please refer to the previously mentioned change logs.

Recorded at SpringOne2GX 2013 in Santa Clara, CA

Speaker: John Hann

So you've been toying around with JavaScript. You have a basic feel for the language but don't quiet feel productive, yet. If so, this talk is for you. We'll peel away the abstractions, libraries, and frameworks to uncover the more interesting fundamentals of JavaScript. Specifically, we'll delve into the following:

• Prototypal inheritance (and alternatives to classical inheritance)
• Closures
• Scope versus context and this
• Public vs privileged vs private variables
• Modules
• Promises / Futures
• Recent improvements from EcmaScript 5 and 6
• Functional programming strategies
• Documentation using JSDoc
• Testing strategies
• and more!

Recorded at SpringOne2GX 2013 in Santa Clara, CA

Speaker: Emanuel Rabina

With the disconnect between the languages of the web (HTML, CSS, Javascript) and the languages of the server (Java, Groovy, Scala, etc), many libraries and frameworks have been invented over the years to fill this void, often resulting in views filled with back-end code, views filled with specialized syntaxes, or even the invention of completely new view languages abstractions; all for the purpose of transforming our server-side ideas into HTML, and few of which actually look like the HTML that it ends up as. Enter Thymeleaf - a templating framework that uses HTML to create good old HTML. In this presentation, you'll be introduced to Thymeleaf, some of its features, how you can use it in your Spring web projects, the growing ecosystem being developed around it, and how it uses natural templates to keep the web designer on your team, and inside each and every one of us, happy.

I am happy to announce the availability of the last service release of the Spring Data Babbage release train. The release includes the following modules:

• Spring Data Commons 1.6.5 - Changelog - JavaDoc - Artifacts
• Spring Data JPA 1.4.5 - Changelog - JavaDoc - Artifacts
• Spring Data MongoDB 1.3.5 - Changelog - JavaDoc - Artifacts
• Spring Data Neo4j 2.3.5 - Changelog - JavaDoc - Artifacts

The release bundles a bunch of important enhancements and bug fixes and is a recommended upgrade. The release forms the last service release of the Babbage release train. Users are recommended to have a look at the latest releases of Spring Data Codd and upgrade to them going forward.

We are pleased to announce the availability of the Spring AMQP (for Java) 1.3.0.RC1 release candidate. It is expected to be the final candidate before GA.

The release includes some significant new features, including:

• Listener Container

  • The listener container concurrency can be changed without first stopping the container and the listeners will be adjusted accordingly
  • The listener container can dynamically adjust the concurrent consumers, based on workload
  • The listener container now supports consumer priority (with RabbitMQ 3.2.x or greater)
  • The listener container now supports the configuration of an exclusive consumer

• Rabbit Template

  • The RabbitTemplate now has several convenient receiveAndReply methods
  • The RabbitTemplate can now be configured with a RetryTemplate, enabling clients to not have to deal directly with broker connectivity issues.

• Connection Factory

  • The Connection Factory can now cache connections rather than all users sharing the same connection (and, since M2, channels can be cached within cached connections)
  • There is now a SimpleRoutingConnectionFactory to determine which connection factory to use at runtime

• Other Key Features

  • A fluent Java API is now provided to build a Message (and MessageProperties)
  • A fluent Java API is now provided for building a listener container retry interceptor
  • When using a retry interceptor, a new RepublishMessageRecoverer is available to republish failed messages (with stack trace) to another exchange

Spring Boot 1.0 RC4 just dropped and 1.0 can't be too far behind, and there are all sort of cool features coming!

One of the many questions I get around this concerns deployment strategies for Boot applications. Spring Boot builds on top of Spring and serves wherever Spring can serve. It enjoys Spring's portability. Spring Boot lets the developer focus on the application's development first, and removes the need to be overly concerned with every other aspect of its lifecycle, including deployment and management.

Speakers: Oliver Gierke and Thomas Darimont

Slides: https://speakerdeck.com/olivergierke/spring-data-repositories-best-practices

The repository abstraction layer is one of the core pieces of the Spring Data projects. It provides a consistent, interface-based programming model to allow implementing data access layers easily for relational and NoSQL databases. We will have a look at the lessons learned from the application of it in various customer projects and summarize best practices for you to apply in your projects. The session will also discuss advanced features like the Querydsl integration, the integration of custom implementation code as well as hooks into Spring MVC and Spring HATEOAS.

Welcome to another installment of This Week in Spring.

As usual, we've got a lot to cover so let's get to it!

1. Spring Batch and Boot co-founder Dr. Dave Syer has announced that Spring Boot RC4 is now available. Check out the latest cut for all the goodies!
2. There is a new guide that details how to use Spring Data REST
3. Spring Data ninja Christoph Strobl has announced that Spring Data Redis 1.2 is now available.
4. Don't miss Mattias Arthursson on a webinar March 18th, presenting Spring LDAP 2.0.0.
5. Join Juergen Hoeller and the Spring Team for a webinar on Java 8 and Spring Framework 4.0 on March 25!
6. David Turanski has put together a nice post on how to use Groovy for bean configuration
7. Alvaro Videla's and Jan Machacek's talk from SpringOne2GX 2013, RabbitMQ is the new King, is now available online
8. Gary Russell's SpringOne2GX 2013 talk introducing Spring Integration's internals is now online
9. Pance Cavkovski has a nice post demonstrating the web socket support from the JavaWebSocket project, Java EE 7 and Spring 4.
10. Norris Shelton Jr. has a nice post on accessing the Spring Security principal from the currently installed Authentication object using a custom annotation
11. Quinten Krijger has a nice post on how to manage session concurrency with Spring Security and Spring MVC
12. Tomasz Nurkiewicz writes about how to build a custom Spring XML namespace. He makes a great point at the beginning, though: Spring doesn't require XML!
13. The Not Just Another Blog blog looks at how to override the Spring Security filter chain
14. Thys Michels has a short-and-sweet post on how to configure a Spring application using Java configuration to consume an ElasticSearch service on Heroku.