Spring Security Java Config Preview: Readability

Engineering | Rob Winch | July 11, 2013 | ...

In this post, I will discuss how to make your Spring Security Java configuration more readable. The post is intended to elaborate on a point from Spring Security Java Config Preview: Web Security where I stated:

By formatting our Java configuration code it is much easier to read. It can be read similar to the XML namespace equivalent where "and()" represents optionally closing an XML element.


The indentation of Spring Security's Java configuration really impacts its readability. In general, indentation like a bullet list should be preferred.

For a more concrete example, take a…

Eclipse Quick Search

Engineering | Kris De Volder | July 11, 2013 | ...

Are you an Eclipse user? Do you want a fast and easy way to search for text snippets and patterns in your workspace? Then read on!

A new "Quick Search" is included in Spring ToolSuite (STS) 3.3.0 and Groovy Gails Tool Suite (GGTS) 3.3.0 which have just been released. Even if you are not a Spring or Grails developer, you might be interested in this Feature because it can also be installed separately into a vanilla Eclipse.

Introducing the Quick Search Dialog

The Quick Search dialog is designed to do just one thing and do it well: use simple text searches to quickly navigate around your workspace.

You open the dialog by pressing CTRL+SHIFT+L (or CMD+SHIFT+L on Mac):

The Power of Simplicity

Unlike the standard Eclipse search UI, QuickSearch UI is extremely simple. Nothing to configure (e.g. no need to define a search Scope create a workingset etc.). There's just a single search text box. Start typing and see the results appear immediately and update instantly as you type. Use the arrow keys to select a result and press enter to navigate to it. You can also hit enter immediately to open the first result.

Of course you can also use the mouse if you want to, but there's no need for your hands to leave the keyboard

Spring for Apache Hadoop 1.0.1.RC1 released - adding Hadoop 2.0 and Pivotal HD 1.0 support

Releases | Thomas Risberg | July 11, 2013 | ...

We are happy to announce a new release candidate 1.0.1.RC1 for the Spring for Apache Hadoop project. This release candidate introduces support for Apache Hadoop 1.1.2, Hortonworks HDP 1.2, Apache Hadoop 2.0.3-alpha as well as support for Pivotal HD 1.0. The support for these versions are in addition to the already supported versions of Apache Hadoop 1.0.4 and Cloudera CDH 3 and CDH 4. This brings us to support for no less than 7 different Hadoop versions.

To make it easier to configure project builds using these varying versions we will be introducing specific flavors of the Maven artifacts…

Spring Tool Suite and Groovy/Grails Tool Suite 3.3.0 released

Releases | Martin Lippert | July 10, 2013 | ...

Dear Spring Community,

we are happy to announce the next major release of our Eclipse-based tooling today: The Spring Tool Suite (STS) 3.3.0 and the Groovy/Grails Tool Suite (GGTS) 3.3.0.

Highlights from this release include:

  • Eclipse Kepler Release updates (including Mylyn, EGit, m2e, m2e-wtp)
  • updated bundled tc Server to 2.9.2 and bundled Spring Roo to 1.2.4
  • ready for Spring 4
  • support for JavaConfig-driven Spring projects (including navigation support for @Autowired)
  • new and unified "New Spring Project" wizard
  • additional performance improvements for working with Spring projects
  • brand new instant and lightning fast quick search for your workspace
  • GGTS now includes grails 2.2.3

We continue to ship distributions on top of the latest Eclipse release (Eclipse Kelper 4.3) as well as Eclipse Juno 3.8. While the 3.8-based version ships with all the components from Eclipse Juno, only the 4.3-based version ships on top of the just released Eclipse Kepler 4.3 version and is therefore the only distribution that comes with all the latest fixes and…

This Week in Spring - July 9, 2013

Engineering | Josh Long | July 09, 2013 | ...

Welcome to another installment of This Week in Spring. There's a lot of good stuff this week, including content on Apache Tomcat, Spring Security's new Java configuration updates, Spring Batch's Java configuration support, and so much more! We're fast approaching the August price increase for SpringOne2GX 2013 so register now and lock in the lower rate. Ok -- Let's get to it!

  1. Craig Walls has announced that Spring Social 1.1.0.M3 (including revs to Spring Social, Spring Social Facebook, and Spring Social Twitter) is now available. The new release has a lot of compelling features including a new ReconnectFilter, support for OAuth 2's 'state' parameter to prevent CSRF attacks, and initial support for Twitter's streaming API.
  2. Spring Security lead Rob Winch never sleeps. Also, he's just put together several very interesting posts on the brand new Spring Security Java configuration support. He starts the series with an introductory post. The second post covers the details of method-level security (fine-grained access control at the level of individual method invocations). The third post covers the details of web-based security (intercepting HTTP requests). The last post looks at how to use Java configuration to configure Spring Security OAuth. These posts are definitely worth a read! If you love these posts as much as I do, would you please upvote them on DZone?
  3. Have you guys been following Spring XD's development? It's really coming along nicely! One thing that caught my eye recently? The amazing Andy Clement, designer and implementer of the amazing Spring Expression Language (SpEL), and a major contributor to the amazing tooling in the Spring Tool Suite and Grails Tool Suite, is now putting his amazing talents to work building a DSL for Spring XD jobs. To learn more, and to feedback on use cases that might be valuable to you, check out the JIRA.
  4. Upcoming Webinar: Join Mattias Severson & Johan Haleby on July 18th for a talk on Functional Programming without Lambdas.
  5. Upcoming Webinar: Join Hemant Joshi on July 30th for a talk on Spring with Cucumber for Automation.
  6. The replay of last week's webinar, Resistance Is Not Futile: How To Talk Spring And Influence People, is now available on the SpringSourceDev YouTube channel! This webinar provides soft-skills required to help introduce the Spring framework in your organization.
  7. Petri Kainulainen is back at it, this time with a post on to unit test regular Spring MVC @Controllers.
  8. News for Groovy & Grails, SpringSource changed the 3-day class to a new 4-day developer class. The first opportunity to attend will be Groovy & Grails in San Francisco.
  9. Tobias Flohre is back at it again! The last two parts of his awesome series Spring Batch Java Configuration are available. The first post has to do with modular configuration with Java configuration. The second post has to do with job partitioning and multi-threaded steps
  10. Apache Tomcat ninja Mark Thomas has announced the release of Apache Tomcat 7.0.42, which contains a number of bug fixes and improvements compared to version 7.0.41.
  11. Stuart Williams (or @pidster, to those who know him) has recently put together a nice Spring Shell-powered console for working with MQTT messaging systems. Spring Integration also features nice support for MQTT in the Spring Integration Extensions repository.
  12. Speaking of Apache Tomcat, did you guys see Mark Thomas' presentation introducing some of the upcoming Apache Tomcat 8 from last year?

Webinar: Resistance Is NOT Futile: How to talk Spring and Influence People

News | Pieter Humphrey | July 08, 2013 | ...

Sure the new features coming out in Spring Framework 4.0 are super exciting, but what about those of us that are still explaining dependency injection to our junior developers? And while Spock, Geb, and spring-test-mvc are revolutionizing our ability to test applications, what about the senior developers that are still justifying the value of unit testing to their managers. Strong technical leadership can overcome the organizational inertia that often resists your team's adoption of Spring technologies. Improve your leadership skills by drawing from lessons that were learned during the process of migrating Liberty University's software development department from "cut-and-paste coding" in ColdFusion to enterprise grade application development on the Spring Framework. Learn to plan an effective technology adoption strategy that avoids "new technology overload" and balances the pace of technology improvement with the necessity to continue production. Relationships with managers, junior developers, and production system administrators will all be important. Gain a better xtunderstanding of nontechnical managers and explore strategies for providing the conte they need to make the right decisions. Examine ways to build mentoring plans for your junior developers that include but extend beyond training and certifications from SpringSource University so that you can spend less time teaching and more time coding.

About the speaker

Tony Erksine, Liberty University

Designed and developed Java web applications using Spring, Hibernate, and Oracle. Coached teams of developers during every stage of the SDLC. Supervised the vetting, hiring, and training of new software developers. Helped transition the organization to agile software development using Scrum. Pioneered the adoption of new technologies and methodologies at Liberty (i.e. Spring, TDD) Participated in various interdepartmental efforts for architecture, crisis resolution, etc. More About Tony

Spring Social 1.0.0.M3 Released (07/2013)

Releases | Craig Walls | July 05, 2013 | ...

Dear Spring Community,

I'm happy to announce the 1.1.0.M3 release of Spring Social, Spring Social Facebook, and Spring Social Twitter. At the same time, I'm also pleased to include Spring Social LinkedIn 1.0.0.RC2 along with these releases.

Spring Social is an extension of the Spring Framework that enables you to connect your Java applications to Software-as-a-Service (SaaS) providers such as Facebook and Twitter.

In these four releases, you'll find several improvements and new features, including:

  • New ReconnectFilter to automatically handle invalid/expired connections and attempt to reestablish a new connection.
  • Support for OAuth 2's 'state' parameter to prevent CSRF attacks.
  • Support for non-standard, provider-specific parameters during provider sign-in.
  • Several API updates in the API bindings for Facebook, Twitter, and LinkedIn.
  • Initial support for Twitter's streaming API.
  • Support for application-only Twitter authorization.

In addition, several bugs were fixed. See the changelog (Core|Facebook|Twitter|LinkedIn) for details.

To get the software, download the release distribution (Core|Facebook|Twitter|LinkedIn) or change the dependencies in your build file to reference version 1.1.0.M3 (or 1.0.0.RC2 for Spring Social LinkedIn).

These releases represent a step toward a Spring Social 1.1.0 release later this year. We have planned one more milestone release of Spring Social, Spring Social Facebook, and Spring Social Twitter that will include a few more small improvements and features.

We invite you to discuss this release as well as the continuing work toward Spring Social 1.1.0 in the Spring Social Forum and to report any bugs or improvements in the Spring Social issue tracker.

Spring Security Java Config Preview: OAuth

Engineering | Rob Winch | July 05, 2013 | ...

This is the fourth post in my five part blog series that introduces Spring Security Java configuration. In this post, we will discuss how Spring Security Java configuration can be extended by walking through Spring Security OAuth Java configuration support.

Proof of Concept

While the Spring Security Java configuration works well for very basic configuration, it is just a proof of concept. We have not ensured that all the functionality available in the XML namespace is present within its Java configuration support. It was important to ensure that Spring Security's Java configuration would work…

Spring Security Java Config Preview: Method Security

Engineering | Rob Winch | July 04, 2013 | ...


Users should refer to the Spring Security Reference which contains more up to date information.

Original Blog Post

This is the third installment of a four part blog series. In my first post, I introduced Spring Security Java configuration and discussed some of the logistics of the project. In my previous post, we walked through a few examples of configuring web based security.

In this post, I will discuss how to configure method based security using Spring Security Java configuration. Like our previous post, we will start off with a very basic example and follow it up with an example…

Spring Security Java Config Preview: Web Security

Engineering | Rob Winch | July 03, 2013 | ...


Users should refer to the Spring Security Reference which contains more up to date information.

Original Blog Post

In my previous post, I introduced Spring Security Java configuration and discussed some of the logistics of the project. In this post, we will start off by walking through a very simple web security configuration. We will then spice things up a bit with configuration that has been customized some.

Hello Web Security

In this section we go through the most basic configuration for web based security. It can be broken into four steps:

Get the Spring newsletter

Thank you!

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Spring Runtime offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all