Use of Spring 5.3 with Servlet 3.0 - spring

I'm working on application which uses Spring Core in version 4.3.14 and Spring Web in version 4.2.13. We don't use Spring MVC. Also, from Spring Web we use just very limited set of classes:
XmlWebApplicationContext (so classes from org.springframework.web.context)
RestTemplate (so classes from org.springframework.web.client, here i expect some problems)
some util classes which probably can be refactored to use something else
My question is:
We want to migrate to Spring 5.x. Is such a migration really possible? Or should i expect some severe problems with application startup (class incompatibilites etc). This source for example: https://github.com/spring-projects/spring-framework/wiki/What%27s-New-in-Spring-Framework-5.x#whats-new-in-version-50 says that Servlet 3.1 is required
From the other side, here https://spring.io/blog/2015/06/10/feedback-welcome-spring-5-system-requirements JUERGEN HOELLER wrote that migration to Spring 5 will be a soft one. So i assume that if Application uses only features from JEE6 + Servlet 3.0, then it can be that it will also work on Spring 5.x with JEE6-compatible appserver
Does anyone have an experience in that?

As always, Spring Framework upgrades its baseline with new major versions. In this case, we're requiring JDK8+ and Java EE7+.
In practice, this means that the compiled code depends on those APIs and doesn't use reflection anymore to adapt to them. In your case, this is not only about Servlet, but also JPA, JMS, bean validation and other specs.
Your application might work fine with the arrangement you're mentioning, but the Spring team will not guarantee support for this setup.

Related

Convert project from Spring framework to Spring boot

I have a set of projects in Spring framework and I have to Find the ones which can be converted to Spring boot.
Is there anything that is related to Spring framework and cannot be converted to spring boot ? In my research, I Could not Find something like that.
But does anyone know something, like a dependency, which would force the project to stay in Spring framework ?
Spring Boot uses the Spring Framework as a foundation and improvises on it. It simplifies Spring dependencies and runs applications straight from a command line. Spring Boot provides several features to help manage enterprise applications easily. Spring Boot is not a replacement for the Spring, but it’s a tool for working faster and easier on Spring applications. It simplifies much of the architecture by adding a layer that helps automate configuration and deployment while making it easier to add new features.
Most of the changes for migrating Spring Framework application to Spring Boot are related to configurations.This migration will have minimal impact on the application code or other custom components.Spring Boot brings a number of advantages to the development.
It simplifies Spring dependencies by taking the opinionated view.
Spring Boot provides a preconfigured set of technologies/framework to reduces error-prone configuration so we as a developer focused on building our business logic and not thinking of project setup.
You really don’t need those big XML configurations for your project.
Embed Tomcat, Jetty or Undertow directly.
Provide opinionated Maven POM to simplify your configurations.
Application metrics and health check using actuator module.
Externalization of the configuration files.
Good to refer this for migrating from Spring to Spring Boot application: https://www.javadevjournal.com/spring-boot/migrating-from-spring-to-spring-boot/

What is meant by Spring boot follows “Opinionated Defaults Configuration” Approach?

I have just started learning spring boot . In its official page I found out this term and I did not understand that what actually it meant in Spring boot context.
Spring Boot just decides on a set of default configured beans which you can override if you want.
For example if you include the spring boot starter pom for jpa, you'll get autoconfigured for you an in memory database, a hibernate entity manager, and a simple datasource. This is an example of an opinionated (Spring's opinion that it's a good starting point) default configuration that you can override.
See https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#using-boot-replacing-auto-configuration
Spring Boot, is Spring on steroids if you will. It's a great way to get started very quickly with almost the entire Spring stack. I'll try to summarize as what "Opinionated Defaults Configuration" would mean in practice from a programmer's perspective below:
Helps you to setup a fully working application(web app or otherwise) very quickly by providing you intelligent default configurations that you are most likely to be satisfied to start with.
It does so by something called "AutoConfiguration", where capabilities from the Spring ecosystem of products are "auto-magically" enabled in your application by adding certain dependencies to your classpath; adding such dependencies via maven or gradle is super easy.
Most auto-configuration respects your own configuration, and backs off silently if you have provided your own configuration via your own beans.
You would benefit most if you take the java config approach of configuring your Spring application.
Super silky integration of new capabilities in your application by developing your own auto-configuration components (via annotations!).
Tons of auto-configaration components available ranging from Databases(h2, derby etc.), servlet containers(tomact, jetty etc.) to email and websockets are available. It is easy to develop your own. The important thing is that others can use those technology enablements in their own components. Please feel free to contribute.
Helps write very clean code with all the heavy lifting taken care of you, so that you can focus more on your business logic.
Hope you have fun with Spring Boot; its absolutely among the very best of frameworks to have hit the market in the last decade or so.
It follows opinionated default configuration so it reduces the developer efforts. Spring boot always uses sensible opinions, mostly based on the class path contents. So it overrides the default configuration.

Difference between Spring and Spring Boot

There are many people who advised me to use Spring Boot instead of Spring to develop REST web services.
I want to know what exactly the difference between the two is?
In short
Spring Boot reduces the need to write a lot of configuration and boilerplate code.
It has an opinionated view on Spring Platform and third-party libraries so you can get started with minimum effort.
Easy to create standalone applications with embedded Tomcat/Jetty/Undertow.
Provides metrics, health checks, and externalized configuration.
You can read more here http://projects.spring.io/spring-boot/
Unfortunately and I mean this out of personal frustration with Spring boot, I have yet to see any real quantified list, where the differences are explicitly outlined.
There is only qualifications such as the rubbish sentence "...opinionated view..." which are bandied about.
What is clear, is that SpringBoot has wrapped up groups of Spring annotations into its own set of annotations, implicitly.
Further obfuscating, and making the need for anyone starting out in SpringBoot to have to commit to memory what a particular SpringBoot annotation represents.
My reply therefore is of no quantifiable benefit to the original question, which is analogous to that of the SpringBoot authors.
Those behind Spring IMO deliberately set-out to obfuscate, which reflects the obtuseness of their JavaDoc and API's (see SpringBatch API's as an example, if you think I am flaming) that makes one wonder the value of their open-source ethos.
My quest for figuring out SpringBoot continues.
Update. 22-08-2022
Read this (https://docs.spring.io/spring-boot/docs/current/reference/html/using.html#using.auto-configuration) and you will figure out for yourself what "opinionated" means.
There are over 140 Config classes that Springboot can use for this opinionated view, depending on what is on your classpath.
yes, on your classpath.
Finally and bizzarely, the annotation #SpringBootApplication is a configuration annotation as it includes it.
Go figure :=)
Basically, Spring Boot is an opinionated instance of a Spring application.
Spring Boot is a rapid application development platform. It uses various components of Spring, but has additional niceties like the ability to package your application as a runnable jar, which includes an embedded tomcat (or jetty) server. Additionally, Spring Boot contains a LOT of auto-configuration for you (the opinionated part), where it will pick and choose what to create based on what classes/beans are available or missing.
I would echo their sentiment that if you are going to use Spring I can't think of any reasons to do it without Spring Boot.
Spring Boot is opinionated view of Spring Framework projects.Let's analyse it through one program taken from Spring Boot Documentation.
#RestController
#EnableAutoConfiguration
public class Example {
#RequestMapping("/")
String home() {
return "Hello World!";
}
public static void main(String[] args) throws Exception {
SpringApplication.run(Example.class, args);
}
}
It's a very basic REST API and you need to add Spring-boot-starter-web in your POM.xml for the same. Since you have added starter-web dependency, the annotation
#EnableAutoConfiguration guesses that you want to develop a web application and sets up Spring accordingly.
Spring Boot auto-configuration attempts to automatically configure your Spring application based on the jar dependencies that you have added. For example, if HSQLDB is on your classpath, and you have not manually configured any database connection beans, then Spring Boot auto-configures an in-memory database.
It's opinionated like maven. Maven creates a project structure for you which it thinks is the general pattern of projects like it adds src/main/java folder or resource folder for you.
Spring boot helps in faster development. It has many starter projects that helps you get going quite faster. It also includes many non functional features like: embedded servers, security, metrics, health checks etc. In short, it makes, spring based application development easier with minimally invading code(Less configuration files, less no of annotations).
Reference: https://docs.spring.io/spring-boot/docs/current-SNAPSHOT/reference/htmlsingle/#boot-documentation-about
For developing common Spring applications or starting to learn Spring, I think using Spring Boot would be recommended. It considerably eases the job, is production ready and is rapidly being widely adopted.
Spring Boot is supposedly opinionated, i.e. it heavily advocates a certain style of rapid development, but it is designed well enough to accommodate exceptions to the rule, if you will. In short, it is a convention over configuration methodology that is willing to understand your need to break convention when warranted
For Spring Framework, you need to configure your project using XML configuration or Java configuration.
But for Spring Boot, these are preconfigured according to Spring team's view for rapid development. That is why Spring Boot is said to be an "opinionated view" of Spring Framework. It follows Convention over Configuration design paradigm.
Note: These configurations include view resolvers for MVC, transaction managers, way of locating container managed beans (Spring beans) and many more. And of course you can override any of these preconfigurations according to your need.
Spring Boot supports embedded servlet containers like Tomcat, Jetty or Undertow to create standalone applications, which Spring Framework doesn't.
Spring eliminate boilerplate code.
Spring-boot eliminates boilerplate configurations.
more

CDI-like conversation scope in Spring

I've been developing Spring 3 + JSF 2.0 applications for some time. They run on simple Tomcat or Jetty container. Looking ad CDI I envy a conversation scope.
Are you aware of simple conversation scope implementation for Spring? I don't want to use full-blown SpringMVC + WebFlow + SpringFaces stack. I just need a web filter that enables conversation scope and lets me inject conversation object and start or stop it. Like in CDI.
Not exactly on your question, but since you're asking for a solution in order to avoid using Spring Webflow, Spring Faces, etc ... it looks like you're using Spring just for DI (i mean you're not so dependent on the Spring ecosystem). Well, maybe in this case it would worth the effort to think about migrating to a Java EE 6 stack. I don't think the migration would be that difficult, since you're using not that much from Spring, and in case you have beans in spring you still need, you could write some CDI producers for them. You can google for some migration paths from Spring to Java EE 6.
And if you're afraid of the "heavy Java EE containers", well jboss 7.1, Glassfish 3.1.2 and TomEE all start on my notebook in under 2 seconds, and I bet your tomcat + spring container don't start much faster.
Just my opinion.
you should give a look to Apache TomEE + CODI project (subject of Apache MyFaces) and/or Apache Deltaspike (not sure the doc is up to date because it is pretty young)
TomEE gives you the strength of CDI and CODI adds a small integration layer between cdi and jsf to make it very powerful (it will be integrated in deltaspike but that's still a bit in progress)
MyFaces Orchestra (also works with Mojarra) is currently the best conversation scope implementation for JSF 2.0 on top of Spring.
Use the JSF #ViewScoped annotation on your managed bean that gives you the same conversation-like semantics as the CDI conversation scope. One difference between CDI's conversation scope and JSF's view scope is that CDI gives you explicit and straightforward control over the conversation while the JSF viewscope is pretty much canned for use. But with JSF's ViewScope, you know exactly where the boundaries of a conversation are: A conversation starts when you load a page backed with a #ViewScoped bean and ends when the page is closed. This is convenient for many use cases
Cagatay of primefaces also has this hack to simulate the CDI scope in Spring.
This tutorial by Max Katz from the the Richfaces team also gives a good intro the JSF ViewScope

Spring Framework, Spring Security - possible to use Spring Security without Spring Framework?

Ive been working now with the Spring Framework 3.0.5 and Spring Security 3.0.5 for several time. I know that Spring Framework uses DI and AOP. I also know that Spring Security uses DI, for example when writing custom handlers or filters. Im not sure whether Spring Security also uses AOP - so my first question is: does it?
Well, Id also like to know how Spring Security can be used for non-spring-based applications. Its written in their documentation that this is possible. Well, I wonder how - it seems like it uses DI, so how should it work in a simple java web application? I guess at least a web container which supports dependency injection is needed, correct? (Which one could that be?)
Thank you for answering :-)
[EDIT]
documentation says:
"documentation says: "Spring Security provides comprehensive security services for J2EE-based enterprise software applications. There is a particular emphasis on supporting projects built using The Spring Framework, which is the leading J2EE solution for enterprise software development. If you're not using Spring for developing enterprise applications, we warmly encourage you to take a closer look at it. Some familiarity with Spring - and in particular dependency injection principles - will help you get up to speed with Spring Security more easily.""
j2ee-based enterprise software applications......... emphasis on supporting projects using spring framework...... well this means it should be possible to work with it without Spring Framework itself!
?
AND:
Even though we use Spring to configure Spring Seurity, your application doesn't have to be Spring-based. Many people use Spring Security with web frameworks such as Struts, for example.
This is from the spring security homepage. well....
Does it use AOP ?
Yes spring-security uses AOP for its method security (you'd have to search the page to find it).
Can you use spring-security without spring ?
Generally no.
As you need to define spring beans for several spring-security elements.
But! You can use Acegi security without spring as far as I know. Which should give you close to the same functionality.
Can you secure a non-J2EE application
Definitely.
Anything that can run in a servlet container can be secured with spring-security. You just need Spring's IoC/DI.
This answer can help you on the minimal spring-security dependencies.

Resources