Dear Spring Community,
Spring Session MongoDB 2.0.0.M2 is released. It is based on:
Spring Session 2.0.0.M3
Spring Data Kay-RC2
Reactor Bismuth-M3
Spring 5.0.0.RC3
This is the first milestone with Reactor support, making it usable with Spring WebFlux.
In the meantime, you can get the bits today if you visit the project site, get the coordinates, and include the version number in your Spring Boot application.
Dear Spring Community,
Last month, Spring Session lead Rob Winch announced the release of Spring Session 2.0.0.M1 (notice the lack of MongoDB there?) In that post, he pared back Spring Session to officially supporting Redis, JDBC, and Hazelcast. No more MongoDB.
I’m here to announce that I’ve pick up the torch for Spring Session MongoDB. Managing both Spring Session and Spring Security (among other responsibilities), Rob couldn’t maintain high caliber support with too many data stores. Being a member of the Spring Data team, I felt better suited toward providing MongoDB support of Spring Session, so I reinstated it as a separate project…
Greetings Spring community,
I am happy to release the second milestone for Spring Cloud Spinnaker. Spring Cloud Spinnaker bundles up the continuous delivery Spinnaker platform, and provides a 1-click installer to let you install it to any certified Cloud Foundry provider.
UPDATE: This blog post originally cited M2, however one of our early adopters spotted a critical bug, so M3 has been built and released with the fix in hand.
Key features included in this release:
Much more simplified way to login, select your org and space from dropdowns, etc., shooting for as simple an experience as possible.
Ability to manage two CF spaces
Support for Jenkins and Travis CI monitoring.
Configure email and slack notifications
Move to hosted uber JARs, meaning installing the installer is no longer a bugbear
Other enhancements regarding to Spinnaker itself include ability to clone server groups, an upgrade to our Reactor-based cf-java-client 2 library, and also enhance UX showing more CF information than ever.
Greetings Spring community,
Spring Web Services has just released versions 2.3.1.RELEASE and 2.4.0.RELEASE.
2.3.1.RELEASE is a minor patch release.
2.3.1 Release Notes | 2.3.1 Documentation.
2.4.0.RELEASE rebases Spring Web Services to run on Spring Framework 4.2.x & Spring Security 4.0.x, the stable baselines behind Spring 4.3/Spring Security 4.1. At the same time, it remains compatible with Java 7. This version includes changes to the code base making it forward compatible with Spring 4.3 and 5.0, so you are free to move up to whichever version of Spring/Spring Security you wish to use.
Greetings Spring community,
I am happy to release the first milestone for Spring Cloud Spinnaker. Spring Cloud Spinnaker bundles up the continuous delivery Spinnaker platform, and provides a 1-click installer to let you install it to any certified Cloud Foundry provider.
At this year’s SpringOne Platform 2016 conference, there were two talks about Spinnaker. If you have early release access and missed them, you can watch right now. Otherwise you can catch them on the SpringDeveloper YouTube Channel once they are published.
If your team/meetup/JUG is interested in hearing more about Spinnaker, check in with me and we can arrange a…
Greetings Spring community,
There has been a lot of buzz in the past six months over Spring 5 and Reactive Streams support. I personally witnessed the number of questions Rossen received during his Reactive Spring MVC talk at DevNexus back in March. And his reactive talk at Spring I/O conference more recently was VERY popular to attenders.
Based on the huge leaps and bounds Project Reactor has made in the past two years, we are taking two of our guides down:
Creating an Asynchronous, Event-Driven Application with Reactor
Uploading pictures with Reactor
Those guides are over two years old…
Greetings Spring community,
Spring WS has just released version 2.3.0.RELEASE. This is a major upgrade where we have updated several core dependencies such as Apache Wss4j 2 (from 1.6). I recommend upgrading to ensure you have the latest fixes. For a listing of completed issues see the report below:
Release Notes | Project Page | GitHub | Issues | Documentation
The artifacts are staged on maven central, http://repo.spring.io/release, and bintray.
Cheers!
Greetings Spring Community,
I hope you enjoyed my blog series on React.js + Spring Data REST. In that series, you got to build up a rich web app with hypermedia controls, conditional operations, messaging, and security.
To make things even better, that series has been bundled up and converted into a tutorial: https://spring.io/guides/tutorials/react-and-spring-data-rest/
Some key updates made along the way:
| To see updates to this code, visit our React.js and Spring Data REST tutorial. |
In the previous session, you made the app dynamically response to updates from other users via Spring Data REST’s built in event handlers and the Spring Framework’s WebSocket support. But no application is complete without securing the whole thing so that only proper users have access to the UI and the resources behind it.
Feel free to grab the code from this repository and follow along. This session is based on the previous session’s app with extra things added.
Before getting underway, you need to add a couple dependencies to your project’s pom.xml file:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
</dependency>This bring in Spring Boot’s Spring Security starter as well as some extra Thymeleaf tags to do security look ups in the web page.
In the past session, you have worked with a nice payroll system. It’s handy to declare things on the backend and let Spring Data REST do the heavy lifting. The next step is to model a system where security controls need to be instituted.
If this is a payroll system, then only managers would be accessing it. So kick things off by modeling a Manager object:
@Data
@ToString(exclude = "password")
@Entity
public class Manager {
public static final PasswordEncoder PASSWORD_ENCODER = new BCryptPasswordEncoder();
private @Id @GeneratedValue Long id;
private String name;
private @JsonIgnore String password;
private String[] roles;
public void setPassword(String password) {
this.password = PASSWORD_ENCODER.encode(password);
}
protected Manager() {}
public Manager(String name, String password, String... roles) {
this.name = name;
this.setPassword(password);
this.roles = roles;
}
}
PASSWORD_ENCODER is the means to encrypt new passwords or to take password inputs and encrypt them before comparison.
id, name, password, and roles define the parameters needed to restrict access.
The customized setPassword() ensures that passwords are never stored in the clear.
There is a key thing to keep in mind when designing your security layer. Secure the right bits of data (like passwords) and do NOT let them get printed to console, into logs, or exported via JSON serialization.
@ToString(exclude = "password") ensures that the Lombok-generated toString() method will NOT print out the password.
@JsonIgnore applied to the password field protects from Jackson serializing this field.
Spring Data is so good at managing entities. Why not create a repository to handle these managers?
@RepositoryRestResource(exported = false)
public interface ManagerRepository extends Repository<Manager, Long> {
Manager save(Manager manager);
Manager findByName(String name);
}
Instead of extending the usual CrudRepository, you don’t need so many methods. Instead, you need to save data (which is also used for updates) and you need to look up existing users. Hence, you can use Spring Data Common’s minimal Repository marker interface. It comes with no predefined operations.
Spring Data REST, by default, will export any repository it finds. You do NOT want this repository exposed for REST operations! Apply the @RepositoryRestResource(exported = false) annotation to block it from export. This prevents the repository from being served up as well as any metadata.
The last bit of modeling security is to associate employees with a manager. In this domain, an employee can have one manager while a manager can have multiple employees:
@Data
@Entity
public class Employee {
private @Id @GeneratedValue Long id…
| To see updates to this code, visit our React.js and Spring Data REST tutorial. |
In the previous session, you introduced conditional updates to avoid collisions with other users when editing the same data. You also learned how to version data on the backend with optimistic locking. You got a tip off if someone edited the same record so you could refresh the page and get the update.
That’s good. But do you know what’s even better? Having the UI dynamically respond when other people update the resources.
In this session you’ll learn how to use Spring Data REST’s built in event system to detect changes in the backend and publish updates to ALL users through Spring’s WebSocket support. Then you’ll be able to dynamically adjust clients as the data updates.
Feel free to grab the code from this repository and follow along. This session is based on the previous session’s app with extra things added.
Before getting underway, you need to add a dependency to your project’s pom.xml file:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-websocket</artifactId>
</dependency>This bring in Spring Boot’s WebSocket starter.
Spring comes with powerful WebSocket support. One thing to recognize is that a WebSocket is a very low level protocol. It does little more than offer the means to transmit data between client and server. The recommendation is to use a sub-protocol (STOMP for this session) to actually encode data and routes.
The follow code is used to configure WebSocket support on the server side:
@Component
@EnableWebSocketMessageBroker
public class WebSocketConfiguration extends AbstractWebSocketMessageBrokerConfigurer {
static final String MESSAGE_PREFIX = "/topic";
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/payroll").withSockJS();
}
@Override
public void configureMessageBroker(MessageBrokerRegistry registry) {
registry.enableSimpleBroker(MESSAGE_PREFIX);
registry.setApplicationDestinationPrefixes("/app");
}
}
@EnableWebSocketMessageBroker turns on WebSocket support.
AbstractWebSocketMessageBrokerConfigurer provides a convenient base class to configure basic features.
registerStompEndpoints() is used to configure the endpoint on the backend for clients and server to link (/payroll).
configureMessageBroker() is used to configure the broker used to relay messages between server and client.
With this configuration, it’s now possible to tap into Spring Data REST events and publish them over a WebSocket.
Spring Data REST generates several application events based on actions occurring on the repositories. The follow code shows how to subscribe to some of these events:
@Component
@RepositoryEventHandler(Employee.class)
public class EventHandler {
private final SimpMessagingTemplate websocket;
private final EntityLinks entityLinks;
@Autowired
public EventHandler(SimpMessagingTemplate websocket,
EntityLinks entityLinks) {
this.websocket = websocket;
this…
VMware offers training and certification to turbo-charge your progress.
Learn moreTanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.
Learn moreCheck out all the upcoming events in the Spring community.
View all