This Week in Spring - February 3rd, 2015

Welcome to another installment of This Week in Spring! We’ve got a lot to cover, so without further ado, let’s get to it!

  1. Spring XD co-lead Dr. Mark Pollack’s just announced that Spring XD 1.1 RC1 is now available! Now’s the time to get the bits, try it out and see if there any gaps!
  2. If you’ve been reading the amazing Dr. Syer’s blogs of late, you’ll know that he’s been introducing people to how to use expose and secure REST services for a UI client. The fourth post looks at how to insert an API gateway between the clients and the backend service. The fifth post then introduces OAuth as a drop-in replacement for the bespoke authentication session tokens being used. If you’re not following this series, do go back and reread them. This series treats a subject that I get asked about all the time.
  3. Sabby Anandan is joining us for the Spring XD 1.1 launch webinar on Tuesday, Feb 17th - Spring XD: A Platform for data at scale and developer productivity
  4. I hope you’ll join me for a fresh look at the HTTP session with the Spring Session project on Tuesday, February 24th, 2015
  5. The Simplicity Itself blog has a nice treatment of the topic of service discovery and registration and includes a nice look at various service registries, Consul, Eureka, and Zookeeper. Spring Cloud includes support for Consul, Eureka, and ZooKeeper.
  6. This week, we’re lucky to have the founder of the Spring Social Slideshare project, Tadaya Tsuyukubo (@ttddyy), introduce the project to us in this guest post.
  7. The good Dr. Syer (@david_syer) has just announced Spring Cloud 1.0.0 RC2 is now available! The new release improves the security integrations, and cleans up some of the starters. This ship is saling to 1.0 quickly! Check out the bits while you can!
  8. Speaking of Dr. Syer (@david_syer), he also just announced Spring Security 2.0.6.
  9. Check out Dr. Paul King’s SpringOne2GX 2014 talk on manipulating databases with Groovy
  10. Disid have announced Spring Roo 1.3.1, including numerous bug fixes and some tweaks.
  11. Check out Grails project lead Graeme Rocher’s SpringOne2GX 2014 talk, Making Spring Boot Even Groovier
  12. Spring Data ninja Thomas Risberg’s SpringOne2GX 2014 post. Introduction to Spring for Apache Hadoop, is also now available online. This is a great place to get started with Spring and big-data.
  13. Groovy project lead Guillaume LaForge’s talk, Groovy in the Light of Java 8, is now available online. Check this out to understand where the two languages are similar and where Groovy leaves Java 8 in the dust
  14. Spring Data lead Oliver Gierke just announced that Spring Data Evans SR2 and Spring Data Dijkstra SR5 are now available! This release includes a lot of improvements, so an upgrade is recommended!

SSO with OAuth2: Angular JS and Spring Security Part V

Note: the source code and test for this blog continue to evolve, but the changes to the text are not being maintained here. Please see the tutorial version for the most up to date content.

In this article we continue our discussion of how to use Spring Security with Angular JS in a “single page application”. Here we show how to use Spring Security OAuth together with Spring Cloud to extend our API Gateway to do Single Sign On and OAuth2 token authentication to backend resources. This is the fifth in a series of articles, and you can catch up on the basic building blocks of the application or build it from scratch by reading the first article, or you can just go straight to the source code in Github. In the last article we built a small distributed application that used Spring Session to authenticate the backend resources and Spring Cloud to implement an embedded API Gateway in the UI server. In this article we extract the authentication responsibilities to a separate server to make our UI server the first of potentially many Single Sign On applications to the authorization server. This is a common pattern in many applications these days, both in the enterprise and in social startups. We will use an OAuth2 server as the authenticator, so that we can also use it to grant tokens for the backend resource server. Spring Cloud will automatically relay the access token to our backend, and enable us to further simplify the implementation of both the UI and resource servers.


Introducing Spring Social Slideshare

This post is a guest post by community member Tadaya Tsuyukubo (@ttddyy), creator of the Spring Social Slideshare project. Thanks Tadaya! I’d like to see more of these guest posts, so - as usual - don’t hesitate to ping me! -Josh

Spring Social Slideshare is one of the community modules in Spring Social ecosystem. It is a Java binding built on top of the Spring Social framework to interact with the SlideShare REST API.

Spring Social modules provide an implementation of the ApiBinding interface that binds Java interfaces and concrete implementation classes to a REST API. By convention, an interface is named as target service, e.g. GitHub, LinkedIn, Facebook, etc. The implementation class is of the form *Template, e.g.: GitHubTemplate, LinkedInTemplate, and FacebookTemplate. In Spring Social Slideshare, there is a Slideshare interface and SlideshareTemplate implementation class. You can use spring to inject the SlideshareTemplate to your service. Or, if you choose to, you can directly instantiate SlideshareTemplate and interact with SlideShare API outside of DI from spring.