The Spring Blog

Engineering
Releases
News and Events

This Week in Spring - June 18, 2019

Hi Spring fans! Welcome to another installment of This Week in Spring! This week I’m in delightful Des Moines, Iowa; and then it’s off to the twin cities of DescriptionMinneapolis–Saint Paul for the epic SpringOne Tour event there.

We’ve got tons to look at this week so let’s get to it!

Read more...

Spring Session Corn-M2 and Spring Session Bean-SR6 Released

This post was authored by Vedran Pavić

On behalf of the community I’m pleased to announce the releases of Spring Session Corn-M2 and Bean-SR6. These releases will be picked up by Spring Boot 2.2.0.M4 and 2.1.6.RELEASE, respectively.

Spring Session Corn-M2

The Corn-M2 release is based on:

  • Spring Session core modules 2.2.0.M2

  • Spring Session Data Geode 2.2.0.M2

  • Spring Session Data MongoDB 2.2.0.M3

Some of the highlights of Spring Session 2.2.0.M2 are:

  • simple Redis-based implementation of SessionRepository

  • reworked @Configuration classes are now compatible with proxyBeanMethods=false

  • migration of project’s tests to JUnit 5

  • simplified project structure

Complete details of these releases can be found in the changelog.

SimpleRedisOperationsSessionRepository

The biggest highlight of the release is the new, simple, Redis-based implementation of SessionRepository that’s offered as an alternative to the well known RedisOperationsSessionRepository.

The original RedisOperationsSessionRepository, on top of core SessionRepository functionality, provides support for session events (that are translated to HttpSessionEvent instances) and also implements FindByIndexNameSessionRepository (that allows retrieval of sessions for a given principal). The support for these two features comes at a cost, as there’s some complexity around how the sessions need to be persisted in Redis.

For many applications, support for session events and principal index isn’t essential and this was the main motivation for providing an alternative in SimpleRedisOperationsSessionRepository. The new SessionRepository does not yet have a first-class support in Spring Session’s configuration infrastructure, so it can be configured as follows:

@EnableSpringHttpSession
public class RedisSessionConfiguration {

    @Autowired
    private RedisConnectionFactory redisConnectionFactory;

    @Bean
    public RedisOperations<String, Object> sessionRedisOperations() {
        RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
        redisTemplate.setConnectionFactory(this.redisConnectionFactory);
        redisTemplate.setKeySerializer(new StringRedisSerializer());
        redisTemplate.setHashKeySerializer(new StringRedisSerializer());
        return redisTemplate;
    }

    @Bean
    public SimpleRedisOperationsSessionRepository sessionRepository(
            RedisOperations<String, Object> sessionRedisOperations) {
        return new SimpleRedisOperationsSessionRepository(sessionRedisOperations);
    }

}

Consider giving Corn-M2 release and SimpleRedisOperationsSessionRepository a spin, and let us know of your feedback!

Read more...

Spring Cloud Open Service Broker 3.0.2 Released

We are pleased to announce the 3.0.2 release of Spring Cloud Open Service Broker. This is a maintenance release that includes the following updates:

  • Return correct HTTP status when the X-Broker-API-Version header doesn’t exist
  • Return correct HTTP status when missing certain required fields and query parameters
  • Fix support for service instance binding getLastOperation
  • Return correct HTTP status when attempting to retrieve non-existant service instance or service instance binding

Include the following Spring Boot starter:

Read more...

Getting Started with Spring Cloud Gateway

Microservice architectures are great, but as your application programming interfaces (APIs) start to grow, so do the challenges related to their maintenance.

For example, as an existing API matures and adds new features it will need to take its clients along with it on the journey. When the details of an API change, clients need to adjust in order to work with these changes. This process takes time and can really slow your APIs evolution and interfere with your ability to iterate quickly.

Offering multiple APIs brings with it its own set of challenges. How do you route requests and responses to the correct API? How do you manage any message disparity? How do you support clients when your endpoints can move around?

Read more...

Spring Boot for Apache Geode & Pivotal GemFire 1.0.1.RELEASE & 1.1.0.M2 Available

On behalf of the Spring and Apache Geode communities, it is my pleasure to announce the release of Spring Boot for Apache Geode & Pivotal GemFire (SBDG) 1.0.1.RELEASE and 1.1.0.M2.

New in SBDG 1.0.1.RELEASE

SBDG 1.0.1.RELEASE builds on:

  • Spring Framework 5.0.14.RELEASE

  • Spring Boot 2.0.9.RELEASE

  • Spring Data Kay-SR14

  • Spring Session for Apache Geode & Pivotal GemFire 2.0.9.RELEASE

Additionally, SBDG now supports the ability configure and bootstrap a Locator process, which disables the auto-configuration supplying a ClientCache instance, by default.

See the complete changelog for further details.

Read more...

Spring Session for Apache Geode & Pivotal GemFire 2.1.4.RELEASE & 2.2.0.M2 Available

On behalf of the Spring and Apache Geode communities, it is my pleasure to announce the release of Spring Session for Apache Geode and Pivotal GemFire (SSDG) 2.1.4.RELEASE and 2.2.0.M2 releases.

Both SSDG 2.1.4.RELEASE and 2.2.0.M2 now support the ability to turn off client subscriptions. No longer does SSDG require client subscriptions to be enabled to use either Apache Geode or Pivotal GemFire to manage your HTTP Session state. However, if client subscriptions are not explicitly enabled, then the client will no longer receive notifications of Session events that may have originated from other clients accessing the same (HTTP) Session. This is entirely possible in a load balanced, non-sticky Session, environment.

Read more...

Spring Security 5.2.0.M3 Released

On behalf of the community, I’m pleased to announce the release of Spring Security 5.2.0.M3! You can find the complete details in the changelog and the highlights below:

OAuth 2.0

gh-6727 - Support for Multi-tenancy in Reactive Resource Server
gh-6798 - Support for custom parameters in Opaque Token
gh-6239 - Finer variables for OAuth2 redirectUriTemplate expansion
gh-6863 - OAuth2 login has configurable authentication success handler
gh-6832 & gh-6849 - JWT and opaque token have configurable authentication manager
gh-6634 - Support for mock JWT in tests

Similar to other request post processors, jwt() can be used to establish a SecurityContext with a JwtAuthenticationToken.

mockMvc.perform(get("/")
       .with(jwt(jwt -> jwt.claim("scope", "message:read"))));
Read more...

Spring Data Moore RC1 and Lovelace SR9 released

On behalf of the team I am pleased to announce Spring Data releases Moore RC1 and Lovelace SR9. The new bits build on the most recent Spring Framework releases and will be picked up by Spring Boot 2.2 M4 and 2.1.6 respectively.

Notable new features amongst others are:

  • An EntityCallback API for modifying entities before convert or save.
  • Multiple OUT parameters in the stored procedure support of Spring Data JPA.
  • Declarative aggregations in Spring Data MongoDB.
  • Enhanced SSL support and dynamic client port configuration for Gemfire and Apache Geode.
Read more...

Spring Cloud Finchley SR4 Released

On behalf of the community, I am pleased to announce that the Service Release 4 (SR4) of the Spring Cloud Finchley Release Train is available today. The release can be found in Maven Central. You can check out the Finchley release notes for more information.

Notable Changes in the Finchley Release Train

Spring Cloud Commons

Bug Fixes

Spring Cloud Vault

Bug Fixes

Spring Cloud Config

Bug Fixes

Spring Cloud Gateway

Bug Fixes

Spring Cloud Netflix

Bug Fixes

Spring Cloud Sleuth

Bug Fixes

Spring Cloud Consul

Bug Fixes

Read more...