I am working on building an oAuth2 application using spring boot. However, there are various sample projects in Github using spring-security-oauth2 and spring-cloud-starter-oauth2.
Do we have specific scenarios where we can use a specific jar among both for an application?
Though Spring cloud is mainly used for distributed systems. There are a lot of implementations on Github using spring-cloud-starter-oauth2 for even non-distributed applications. Thanks.
To resolve complex dependency management, Spring Boot starters were introduced. Starter POMs are a set of dependency descriptors (combines multiple commonly used dependencies into one POM) which otherwise you could also manually include in your application individually. Starters are available for web, test, data jpa, security, mailing and more. If it is not starter, it is a module: a simple artifact.
If you want to work with web, you could include tomcat, mvc and jackson all by yourself (manually) - a lot of dependencies for a single simple application. Instead, you just introduce one starter dependency:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
Coming to your question:
spring-security-oauth2 is an artifact of group org.springframework.security.oauth which supports oAuth2 (only) for Spring Security (not cloud), whereas spring-cloud-starter-oauth2 is a set of multiple dependencies like a starter web dependency above. This is OAuth2 starter for Spring Cloud that is only if you are working with Spring cloud. This starter comes with bundle of out-of-the-box dependencies underneath the OAuth2 framework for Spring Cloud like SSO, OAuth2 client.
Spring initially moved oauth2 to spring cloud started but as of version 2.4.0.M1 it was moved to spring security. You will be able to verify on start.spring.io that oauth2 cloud dependency is only in version >=2.0.0.RELEASE and <2.4.0.M1
Related
Spring Boot contains loads of dependencies: Spring Framework, Spring Data, etc. How do the Spring maintainers accomplish releasing everything while different teams work on different Spring projects?
We have a similar situation, we have 4-5 teams each making different libraries which are used by other teams. We prefer to be able to allow teams to release independently but this is a huge undertaking to ensure binary compatibility of interface and behaviour.
Each release of Spring Boot provides a curated list of dependencies it supports. In practice, you do not need to provide a version for any of these dependencies in your build configuration as Spring Boot is managing that for you. When you upgrade Spring Boot itself, these dependencies will be upgraded as well in a consistent way.
The curated list contains all the spring modules that you can use with Spring Boot as well as a refined list of third party libraries. The list is available as a standard Bills of Materials (spring-boot-dependencies) and additional dedicated support for Maven and Gradle are available as well.
URL: https://docs.spring.io/spring-boot/docs/1.3.8.RELEASE/reference/html/using-boot-build-systems.html
I have a set of projects in Spring framework and I have to Find the ones which can be converted to Spring boot.
Is there anything that is related to Spring framework and cannot be converted to spring boot ? In my research, I Could not Find something like that.
But does anyone know something, like a dependency, which would force the project to stay in Spring framework ?
Spring Boot uses the Spring Framework as a foundation and improvises on it. It simplifies Spring dependencies and runs applications straight from a command line. Spring Boot provides several features to help manage enterprise applications easily. Spring Boot is not a replacement for the Spring, but it’s a tool for working faster and easier on Spring applications. It simplifies much of the architecture by adding a layer that helps automate configuration and deployment while making it easier to add new features.
Most of the changes for migrating Spring Framework application to Spring Boot are related to configurations.This migration will have minimal impact on the application code or other custom components.Spring Boot brings a number of advantages to the development.
It simplifies Spring dependencies by taking the opinionated view.
Spring Boot provides a preconfigured set of technologies/framework to reduces error-prone configuration so we as a developer focused on building our business logic and not thinking of project setup.
You really don’t need those big XML configurations for your project.
Embed Tomcat, Jetty or Undertow directly.
Provide opinionated Maven POM to simplify your configurations.
Application metrics and health check using actuator module.
Externalization of the configuration files.
Good to refer this for migrating from Spring to Spring Boot application: https://www.javadevjournal.com/spring-boot/migrating-from-spring-to-spring-boot/
I want to create a simple program based upon oauth2 authentication including Auth server, resource server and client. I found there are various of dependencies used by online tutorials. I am confused why spring provides so many dependencies for oauth2. What is difference between below dependencies and when to use them. And which oauth2 dependency comes with springboot.
The First line is group-id and next line is artifact-id
org.springframework.security
spring-security-oauth2-client
org.springframework.security
spring-security-oauth2-jose
org.springframework.security
spring-security-oauth2-core
org.springframework.security
spring-security-oauth2-resource-server
org.springframework.security.oauth
spring-security-oauth2
org.springframework.security.oauth.boot
spring-security-oauth2-autoconfigure
org.springframework.cloud
spring-cloud-starter-oauth2
If you want to create a simple program based upon oauth2, then you can use the dependency from the point 7 and spring-cloud-starter will pick up the dependency itself under your version of Spring & Spring Cloud :)
The last point (7) contains all of the above. But if you don't need all dependencies from the 7, then import it into the project separately (1-6).
fair warning: I am new to Spring and maven.
The project:
The client has provided us with a web project that uses jsp to render front ends and uses spring-context only to manage some of their classes as Spring Beans. This project uses xml configuration. Here is the maven section that includes the spring-context:
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>3.2.8.RELEASE</version>
</dependency>
Our job is to create an api layer for this project to open up access to the project's resources. The plan is to create a modern Spring Boot api using the spring-boot-web starter.
The problem:
The jsp project is split up into sub-modules. We are trying to take their business logic submodule as a maven dependency in our api project (it defines it's own spring context). The first problem that we have faced occurs when we simply add the module from the jsp project as a dependency in our api project. The spring boot initialization process provides no log feedback and hangs but does not exit (It runs fine when the dependency is not included). When crawling through with a debugger I have found that it is loading configuration files that are in the business module. My thinking is that one of the api's configuration files are getting overwritten which is breaking spring's logging and other behaviors.
The other more general problem is that I don't know if I can use the beans provided in the business logic module in my modern version of spring.
So the question is:
Is there a proper way to use beans defined in a dependent spring project?
As the spring documentation states the crasshd will be removed in spring boot 2.0.
What will be the replacement?
The previous shell you mentions was a port inside spring-boot 1 and it seems not very active.
In spring Boot 2.0 you can use the spring-shell that you can use in an existing spring-boot app or a specific spring-boot shell that can be deployed as standalone.
After, which option to take would depends on your needs.
On my side, I just created a specific shell for publishing messages in ActiveMQ, you get the whole power of Spring-Boot for automatic configuration of any connectivity with external systems (JMS, JDBC, LDAP, SMTP, etc...).
For doing this, I just added the following pom dependency:
<dependency>
<groupId>org.springframework.shell</groupId>
<artifactId>spring-shell-starter</artifactId>
<version>2.0.0.RELEASE</version>
</dependency>
in my Spring Boot project.
Note that I was able to integrate it in Spring Boot 1.5.15 and 2.1.2 RELEASES.
There is no replacement to be provided by the Spring team.
https://github.com/spring-projects/spring-boot/issues/7044
Sorry, not at the moment. Based on the stats we have, it would appear that the remote shell isn't very widely used. For example, comparing Maven Central downloads for August, the remote shell starter had 2% of the downloads that the web starter had. That means that it's unlikely to be worth investing significant effort in a replacement.
There is a third party replacement, from the ticket,
https://github.com/anand1st/sshd-shell-spring-boot