Welcome to another installment of This Week in Spring!

This is the last installment of TWiS before SpringOne2GX 2014 kicks off next week! I, personally, am very excited! I can't wait to see you all there. This is going to be so much fun. So, let's get on to it!

• Spring Data lead Oliver Gierke has just announced the release of Spring Data Dijkstra SR4, filled with bug-fixes and all sorts of upgrade-now-worthy stuff. Check it out!
• Spring and Groovy & Grails Tool Suite lead Martin Lippert just announced 3.6.1. The new release updates tcServer to 3.0.0, includes build performance improvements, annotation processors for AspectJ and AJDT, and more. Download now, and have the latest and greatest IDE to follow along all the guides and follow the examples at SpringOne2GX 2014!
• I hope you'll …

If you remember last year, we rolled out a powerful new website built top-to-bottom with Spring. It was fresh, new, and loaded with gobs of getting started guides.

Since then, the feedback has been overwhelmingly positive. We've had record traffic with a large portion visiting the guides. So what's new?

We recently added the ability to hide/show the build steps. Many people expressed the desire to skip project setup steps and instead jump to the core content. We listened and responded.

After reading over a guide, do you need Gradle or Maven build steps? No problem! Just click on the…

Spring Security OAuth 2.0.3 is available now in all the usual Maven repositories. It's a bug fix release, nothing major, so upgrading from 2.0.x should be painless (and is recommended). Some people were having issues getting JWT tokens to work properly, and those should be fixed. The only noteworthy functional change is that Resource Servers (if configured with @Configuration) will now check the validity of the client and scopes before allowing access to protected resources. This means that client privileges can be revoked quickly, but may also lead to a performance penalty (so caching the …

Dear Spring Community,

I am happy to announce the new release of our Eclipse-based tooling today: The Spring Tool Suite (STS) 3.6.1 and the Groovy/Grails Tool Suite (GGTS) 3.6.1.

Highlights from this release include:

• updated to tc Server 3.0.0
• performance improvements for building Spring projects
• AspectJ/AJDT now support annotation processors

To download the distributions, please go visit:

• Spring Tool Suite: https://spring.io/tools/sts/all
• Groovy/Grails Tool Suite: https://spring.io/tools/ggts/all

NOTE: Both tool suites ship on top of the latest Eclipse Luna 4.4 release as 64bit and 32bit based zip files only. There will be no native installers for STS/GGTS anymore.

With the 3.6.0 release we shifted towards a slightly changed release schedule, shipping minor releases more frequently. Therefore 3.6.2 is scheduled to ship…

On behalf of the Spring Data team I am pleased to announce the availability of the fourth service release of the Dijkstra release train. It includes 36 fixes overall for the following modules:

• Spring Data Commons 1.8.4 - Artifacts - JavaDocs - Documentation - Changelog
• Spring Data JPA 1.6.4 - Artifacts - JavaDocs - Documentation - Changelog
• Spring Data MongoDB 1.5.4 - Artifacts - JavaDocs - Documentation - Changelog
• Spring Data Neo4j 3.1.4 - Artifacts - JavaDocs - Documentation - Changelog
• Spring Data Solr 1.2.4 - Artifacts - JavaDocs - Documentation - Changelog
• Spring Data Couchbase 1.1.4 - Artifacts - JavaDocs - Documentation - Changelog
• Spring Data Cassandra 1.0.4 - Artifacts - JavaDocs - Documentation - Changelog
• Spring Data Elasticsearch 1.0.4 - Artifacts - JavaDocs - Documentation - …

Holy cats! Can you believe how close we are to SpringOne2GX? Last year we made a huge splash with the announcements of Spring Boot and Spring XD, both of which have recently hit 1.0 releases. I happen to know the next level looks like, and you're going to want to see it. Register now if you haven't already!

• Spring ninja Greg Turnquist wanted to replace one of the services used in the guides with something more family-friendly and so stood up a bespoke substitute using Spring! This is a really nice read, check it out!
• I hope you'll join me September 16th for a webinar looking at building microservices with Spring
• On September 23rd, join Joram Barrez and I for a webinar looking at how to build process-centric Spring applications with the open-source BPMN2 engine, Activiti
• Patrick Grimard did a really nice job introducing how to build Spring Boot applications using IntelliJ IDEA…

[callout title=Updated Dec 11 2014]Although originally about Spring Security 4.0.0.M2, the blog has been updated to reflect improvements found in Spring Security 4.0 RC1.[/callout]

Introduction

Previously, an application could use Spring Security to perform authentication in a WebSocket application. This worked because the Principal of an HttpServletRequest will be propagated to the WebSocket Session.

The problem is that authorization was limited to handshake. This means that once the connection was made, there was no way to provide any granularity to authorization of the WebSocket application…

I was recently made aware that a public API we were using for one of our guides contained objectionable material. After confirming this, I immediately responded that we would pick another source. Wishing to avoid such an issue in the future, I decided the best solution was to build our own RESTful quote service. So I decided to use the best tools to do so, the Spring stack, and was able to migrate the very next day.

Picking your tools

To kick things off, I made a check list of what I knew would be the right tools for the job of creating a RESTful web service.

• Spring Data JPA - quickly pre-load, fetch, and potentially update content
• Spring MVC - solid REST support since Spring 3
• Spring Boot - create all the needed components with little to no effort
• http://start.spring.io - assemble a project by simply checking the desired items on a form
…

Welcome to another installment of This Week in Spring! It's a few weeks before SpringOne2GX 2014, already! Time sure flies when you're having fun! The beginning of 2015 will mark the 4th year of This Week in Spring, and it's more exciting every week! I'm hoping to see as many of you as possible at SpringOne2GX 2014. This is sure to be an amazing event.

Anyway, with that out of the way, let's get on to this week's roundup!

1. Spring Security lead Rob Winch just announced Spring Security 4.0.0.M2, which

provides a lot of great features, including improved Security-aware testing support, Spring Data integration, support for websocket security, and ties into the nascent Spring Session projet that was derived from the work for this release. Check it out! Rob also announced Spring Security 3.2.5 and 3.1.7…