The Spring Blog

Engineering
Releases
News and Events

Spring Boot 2.0.4 available now

It is my pleasure to announce that Spring Boot 2.0.4 has been released and is is now available from repo.spring.io and Maven Central.

Spring Boot 2.0.4 includes 90 fixes, improvements and dependency updates. Thanks to all that have contributed with issue reports and pull requests.

If you haven’t already upgraded to Spring Boot 2, now is a great time to do so as the end of life announcement for 1.x’s has just been made.

How can you help?

If you’re interested in helping out, check out the “ideal for contribution” tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter.

Read more...

Spring Boot 1.5.15 available now

On behalf of the team, I am pleased to announce that Spring Boot 1.5.15 has been released and is is now available from repo.spring.io and Maven Central.

Spring Boot 1.5.15 includes 35 fixes, improvements and dependency updates. Thanks to all that have contributed with issue reports and pull requests.

If you haven’t already upgraded to Spring Boot 2, now is a great time to do so as the end of life announcement for 1.x’s has just been made.

How can you help?

If you’re interested in helping out, check out the “ideal for contribution” tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter.

Read more...

Spring Boot 1.x EOL Aug 1st 2019

All good things must come to an end, and for the 1.x line of Spring Boot that means we will need to cease maintenance twelve months from today, on Aug 1st 2019.

We will keep publishing occasional 1.5.x maintenance releases up until that point and will then end the branch.

Existing Spring Boot 1.x users should plan accordingly to ensure that they have upgraded to the latest 2.x version before that date. Please also note that Spring Boot 2.0 and above requires Java 8+, so if you’re running Java 6 or 7 you should also plan on upgrading your JDK.

Read more...

Spring Security 5.1.0.M2 Released

On behalf of the community I am pleased to announce the release of Spring Security 5.1.0.M2. This release comes with 100+ tickets closed.

As always we look forward to hearing your feedback! You can find the highlights below:

OAuth2

OAuth2 Resource Server

Basic support for OAuth2 Resource Servers has been added. See oauth2resourceserver

Authorization Code Flow

User’s can now obtain an access token using the OAuth 2.0 Authorization Code grant. See the authcodegrant sample.

WebClient and OAuth2 Support

There is now built in support for OAuth2 and WebClient support. The support allows:

  • Adding the access token to the request

  • Automatic refreshing of the access token when it expires

  • Resolving the access token to use

For example, in a Servlet environment you can configure a Bean like this:

@Bean
WebClient webClient(OAuth2AuthorizedClientRepository repository) {
    ServletOAuth2AuthorizedClientExchangeFilterFunction filter =
        new ServletOAuth2AuthorizedClientExchangeFilterFunction(repository);
    return WebClient.builder()
        .filter(new OAuth2AuthorizedClientExchangeFilterFunction())
        .apply(filter.oauth2Configuration())
        .build();
 }

Now you can add the OAuth token in a number of different ways. If you want you can resolve the OAuth2AuthorizedClient using the Spring MVC support. If the authorization server returned a refresh token and the access token is about to expire, Spring Security will transparently update the access token and submit the updated access token instead.

@GetMapping("/users")
Mono<String> users(@RegisteredOAuth2AuthorizedClient("client-id")
        OAuth2AuthorizedClient authorizedClient) {
    return this.webClient.get()
        .uri("https://api.example.com/user")
        .attributes(oauth2AuthorizedClient(authorizedClient))
        .retrieve()
        .bodyToMono(String.class);
}

You can also resolve the access token through the WebClient. Fore example:

Mono<String> users() {
    return this.webClient.get()
        .uri("https://api.example.com/user")
        .attributes(clientRegistrationId("client-id"))
        .retrieve()
        .bodyToMono(String.class);
}

If you authenticated using OAuth2 Log In or OIDC, then a default access token can be applied with no user interaction.

Mono<String> users() {
    // if Authenticated with OIDC
    // OAuth2 Log In use the access token associated to log in
    return this.webClient.get()
        .uri("https://api.example.com/user")
        .retrieve()
        .bodyToMono(String.class);
}
Read more...

Spring Data Ingalls SR14 and Kay SR9 released

On behalf of the Spring Data team, I’d like to announce the availability of the Ingalls SR14 and Kay SR9 release. Kay SR9 ships on top of the just-released Spring Framework 5.0.8. Spring Boot 2.0.4 is going to pick up Kay SR9 for your convenience. Ingalls SR14 will be picked up by Spring Boot 1.5.15. Both releases ship with mostly bugfixes and a few dependency upgrades.

Ingalls SR14 ships with 28 tickets fixed and Kay SR9 contains 59 tickets fixed.

To round things off, here are the links to the changelogs, documentation, and artifacts:

Read more...

Spring Data Lovelace RC1 available

On behalf of the Spring Data team, it is my pleasure to announce the availability of the Lovelace RC1 release. The first release candidate ships on top of the just-released Spring Framework 5.1 RC1 and in preparation of the upcoming Spring Boot 2.1 M1 release.

This release candidate ships with 194 tickets fixed and contains the following notable changes:

  • Support for immutable objects.
  • Upgrade of Querydsl for MongoDB to use the Document API, letting you publish lifecycle events and participation in managed transactions.
  • Reactive Slice query support for Apache Cassandra.
  • Kotlin extension for Apache Cassandra.
  • Reactive SCAN support for Redis.
Read more...

Spring Framework 5.1 goes RC1

Dear Spring community,

It is my pleasure to announce that a feature-complete Spring Framework 5.1 release candidate is available from our milestone repository now! Find a comprehensive list of new features and refinements and corresponding upgrade notes on our GitHub wiki.

Spring Framework 5.1 requires JDK 8 or higher and specifically supports JDK 11 as the next long-term support release. We strongly recommend an upgrade to 5.1 for any applications targeting JDK 11, delivering a warning-free experience on the classpath as well as the module path. Beyond that, initial refinements for GraalVM compatibility made it into this release, automatically adapting to the runtime constraints of native images in core Spring facilities.

Read more...

This Week in Spring - July 24th, 2018

Hi Spring fans! Welcome to another installment of This Week in Spring! This week I’m in San Francisco in studio with Spring Security lead Rob Winch filming our new Spring Security Livelessons video. There is so much to cover that, as you can imagine, it’s a tall order even for the two of us!

I’m also busily preparing for my talk with my buddy and Googler Ray Tsang at this week’s Google Cloud NEXT event on all things Pivotal and Google Cloud. We’re going to look at the bootiful Spring Cloud GCP project and, importantly, the new project jointly announced between Google and Pivotal just this morning, KNative, which serves as the platform on which we at Pivotal have built and deployed our Project Riff serverless function-as-a-service runtime. Do not miss it if you’re around!

Read more...