Support for Hystrix metrics aggregation via an annotation
@EnableTurbineAmqp(for an AMQP-based collector)
A rehaul of the Ribbon configuration making it more friendly for Spring users. You can now configure each Ribbon client in its own
@RibbonClientand override various bits, like the
LoadBalancer, or the
ServerListFilter, by providing
DiscoveryHealthIndicatoris now a composite that users can add information to by declaring
Discovery is now abstracted away from Eureka into a new spring-cloud-commons library, and enabled via new annotations like
@EnableDiscoveryClient(instead of the old
@EnableEurekaClient). The same pattern also applies to circuit breakers
Several improvements to the Zuul proxy, including automatic updates when the Eureka catalog changes, support for form-encoded POSTs, external configuration of the routes and authentication scheme for each client.
Declarative configuration of which routes require OAuth2 authentication in Spring Cloud Security.
Support for labels (like git branches) in the “native” profile of the Config Server (looks in subdirectory of the search locations).
Fail fast option in Config Server and Client if the required URI to locate config data is invalid.
Out of the box support for JSON messages in the Spring Cloud Bus.
A nice framework for Feign configuration based on a new
@FeignClientannotation (a bit like Spring Data repositories).
Spring Security OAuth 2.0.5.RELEASE is available now in all the usual Maven repositories. This is a bugfix release but nothing critical. We recommend upgrading if you are having trouble with customizing the Java config, since most of the issues resolved relate to that (for instance it is much easier to customize the password encoder for client secrets). There is a small breaking change for anyone using the
AuthorizationServerEndpointsConfigurer directly to configure a
ClientDetailsService (it doesn’t work that way, so you would be failing to configure it anyway).
Spring Cloud 1.0.0.M3 is available now in the repo.spring.io repository. The following projects all had a 1.0.0.M3 release:
Spring Cloud Config: centralized key-value (or YAML) configuration management. Now supports the config server being fully embedded in another application.
Spring Cloud Netflix. Also has better support for embeddability of the server components. Now also properly records load balancer statistics in Ribbon-enabled Spring
Spring Cloud for Amazon Web Services. Has new Spring Boot integration points, externalizing configuration for AWS metadata.
Spring Cloud Security: super simple OAuth2 in a declarative style.
Spring Cloud Bus: broadcasts framework-level events to Spring Cloud components. Big news here is that we now have a RabbitMQ-based aggregator for Hystrix metrics (based on Turbine 2), so you don't have to rely on having direct HTTP access to all service instances.
Spring Cloud CLI: Groovy CLI for writing microservices in self-contained scripts.
Spring Cloud for Cloud Foundry: now bridges between Spring Cloud Security and Cloud Foundry service bindings, making it super easy to do Single Sign On and OAutth2 protected resources in Cloud Foundry.
Spring Security OAuth 2.0.4.RELEASE is available now in the usual repositories. It's a bug fix release, so upgrading is recommended, but there is also a small set of new features:
OAuth2Authentication) can now be queried explicitly to find the grant type for the associated token. If the token is being refreshed the grant type in the
OAuth2Requestpresented to a
TokenEnhanceris the original grant type, not "refresh_token".
The client authorities are exposed in the "/check_token" endpoint
Password grants are more flexible and open to extension because both client and server can add additional parameters to the request. A custom
AuthenticationManageron the server side should still expect a
UsernamePasswordAuthenticationToken, but the additional parameters will be available in the
AuthenticationDetails. Multi-factor authentication for mobile devices could be implemented in this way, for instance.
Keystore support for JWT token signing and verification. User provides a Resource and a password and can then lift the keys out of the store by name. As long as they are RSA keys they can be injected into a
JwtAccessTokenConverter(using a new setter).
If you are building microservices with Spring you will be interested to see that Spring Cloud 1.0.0.M2 hit the streets yesterday and today, and can now be found in the Spring repository. Visit the individual project pages links in the main umbrella page or look at their github repositories for detailed instructions about how to get started using the individual components. There is also a Reference Guide covering the core modules.
Since Spring Cloud is an umbrella project we have a "release train" of related updates to all the sub-projects (like with Spring Data). The 1.0.0.M2 release has updates to spring Cloud Config, Spring Cloud Netflix, Spring Cloud Bus, Spring Cloud Security and Spring Cloud CLI.
Spring Cloud (the new umbrella project announced in September) has reached a milestone, its first, and fresh jars are available in the repo.spring.io repository. Spring Cloud is going to follow a "release train" model for releases, a bit like Spring Data, but we haven't got a cool name for this one yet, so it's just 1.0.0.M1. The modules that are part of this release are
Spring Cloud Config: Centralized external configuration management backed by a git repository. The configuration resources map directly to Spring
Environmentbut could be used by non-Spring applications if desired.
Spring Cloud Netflix: Integration with various Netflix OSS components (Eureka, Hystrix, Zuul, Archaius, etc.).
Spring Cloud Bus: An event bus for linking services and service instances together with distributed messaging. Useful for propagating state changes across a cluster (e.g. config change events).
Spring Cloud Security: A set of primitives for building secure applications and services with minimum fuss.
Spring Cloud CLI: Spring Boot CLI plugin for creating Spring Cloud component applications quickly in Groovy.
Spring Cloud Starters: Spring Boot-style starter projects to ease dependency management for consumers of Spring Cloud.
Spring Security OAuth 2.0.3 is available now in all the usual Maven repositories. It's a bug fix release, nothing major, so upgrading from 2.0.x should be painless (and is recommended). Some people were having issues getting JWT tokens to work properly, and those should be fixed. The only noteworthy functional change is that Resource Servers (if configured with
@Configuration) will now check the validity of the client and scopes before allowing access to protected resources. This means that client privileges can be revoked quickly, but may also lead to a performance penalty (so caching the
ClientDetailsService results would be recommended).
Spring Boot 1.1.3 is available now in Maven Central. This was primarily a bugfix release for Windows users needing the executable JAR features of Spring Boot, but several other issues were resolved, and there are plenty of documentation and third-party version updates too.
Thanks again to all the people who contributed (84 committers now and rising)!
Spring Boot 1.1.0.RC1 is available now in the Spring repositories. There are some new features and some new documentation:
Autoconfiguration support for Spring Data Elastic Search, HornetQ messaging, Spring Social
@IntegrationTestin the Groovy CLI
Upgrades to Tomcat, Spring Integration, Reactor and Groovy
We are on schedule for a GA release some time in the next 2 weeks, so please try out the RC1 and get feedback onto github as soon as you have time.
Spring Boot 1.1.0.M2 is available now in the Spring repositories. There are quite a few new features and plenty of new documentation:
Big changes to the
HealthIndicatorinterface and the existing implementations, e.g. all database backends (like Mongo etc.) have a default
HealthIndicatorand the Actuator aggregates them all up into a single readout.
Support for Spring Data Solr and Spring Data Gemfire, and upgrade to the Spring Data Dijkstra release train
Support for multiple
DataSourcesthrough a convenient
DataSourceBuilderabstraction, plus a similar feature for JPA
Upgrades to various new versions of existing dependencies, e.g. Spring Batch 3.0, Spring Security 3.2.4