Why is GuavaCacheConfiguration deprecated in Spring Boot 1.5.3? - caching

I was thinking about replacing custom Guava cache configuration with AutoConfiguration... but found that the latter one is deprecated already.
Tried searching in Spring Boot documentation and GitHub repo, but has not found a clear answer. It's just deprecated in stable version and removed in master.
I respect (and use) both Spring Boot & Guava, so I'd like to understand the reason of this change.

Search for "Guava" in Spring Boot features - Caching and it says that should use Caffeine instead:
Caffeine is a Java 8 rewrite of Guava’s cache and will supersede the
Guava support in Spring Boot 2.0.
It's basically Guava cache on steroids (it has similar interface), so the switch should be straightforward.

Related

Is it possible to write lib for projects using different versions of Spring?

I'm writing a lib for projects using different versions of Spring. The lib itself is based on Spring too ( more precisely, Spring Cloud Sleuth). For now, I use different versions for different projects( version1 for projects using Spring boot 2.0.x, version2 for projects using Spring boot 2.3.x, etc). Apparently, the maintenance took a lot of time and made some confusion. Is there a runtime mechanism like #Conditional but for dependencies?
First, check the Spring Cloud compatibility matrix. As you can see, different Spring Cloud versions support different Boot versions.
I would do the same for your library and maintain different versions of it.
Your can have optional dependencies on Sleuth and set things up using #Conditional annotations (e.g.: #ConditionalOnClass) but I would not recommend that.
Sleuth 2.2.x (Hoxton) uses Brave's API (btw 2.x is not supported anymore, you should upgrade). Sleuth 3.0.x (2020.0.x aka Ilford) and 3.1.x (2021.0.x aka Jubilee) have their own API and they abstract the tracer libraries away. You can use these interfaces/classes to detect the version and configure them differently but when you compile your library you can have classpath issues because you have 2.2.x, 3.0.x, and 3.1.x on your classpath.
Another thing you can do is modularize your library and put all of those things that does not depend on Spring into a "core" module then create smaller adapter/autoconfiguration/starter modules for every version of Spring Cloud you want to support.

Spring 4 support for Caffeine Cache

I was trying to find some examples and evidence if Spring 4.0.3 version support caffeine cache integration? If yes, what caffeine cache version is supported for Spring 4.0.3?
Support was added in Spring Framework 4.3 and in Spring Boot 1.4. Previously you could use the Guava provider, which was the baseline for Caffeine's. That will likely be a good approach until you are ready to upgrade. If you really need to use Caffeine for performance reasons then you might try this alternative integration.

Which version of Spring framework security is compatible with Spring framework 5.3.4

Currently, I am using
<springFramework.version>3.2.3.RELEASE</springFramework.version>
<springFrameworkSecurity.version>3.1.4.RELEASE</springFrameworkSecurity.version>
I want to move to
<springFramework.version>5.3.4.RELEASE</springFramework.version>
<springFrameworkSecurity.version> ? </springFrameworkSecurity.version>
According to the documentation for the latest Spring Security:
Since Spring Security makes breaking changes only in major releases, it is safe to use a newer version of Spring Security with Spring Boot.
The Spring Framework version you're moving to is 5.3.4, so I would assume that any 5.X.X version of Spring Security should work.
If that works, let us know by marking the answer as solved! If not, leave a comment.

Difference between Caching options provided by Spring Boot and Resilience4j cache

Resilience4j version: 1.2.0
Java version: 1.8
Problem description:
I am trying to explore different patterns provided by resilience4j. I am trying to stick to annotations vs functional programming. But when it comes to resilience4j cahce, I am bit confused, as I couldn't find an working example of the same. I was able successfully try out other patterns.
My confusion is around spring boot cache and resilience4j cache. Are they same or functionally different? Can I use them interchangingly? Is there any github repository giving an usecase and explanation for the resilience4j cache? Any input is highly appreciated.
I got an response from the author Robert Winkler on github, who wrote Resiliance4j-cache component. Below is his resonse.
RobWin:
Hi,
You can stick with Spring Caching Abstraction and Annotations.
Resilience4j-cache is currently not part of the Spring Boot starter and there are no plans to add it.
Resilience4j-cache was created by me when I had to use JCache API and Hazelcast and I wanted to protect my application from runtime exception which were thrown by Hazelcast.

Spring Boot and dependency for spring-security-jwt

I'm migrating a Spring Boot project from boot 1.5.x to 2.0.x.
In the 1.5.x project I see that the following dependency is being used:
dependencies {
...
compile("org.springframework.security:spring-security-jwt")
...
}
The version of the spring-security-jwt is managed by Spring and I can verify that here. Namely:
<spring-security-jwt.version>1.0.9.RELEASE</spring-security-jwt.version>
The same dependency fails to resolve when I move to Boot 2 because it is no longer managed by Spring. I can verify that here...
Is this a bug or it is removed and included in another lib? Somehow I can't find clues in the docs... Shall I manage the version manually now?
The spring-security-jwt (and OAuth as well I guess) are now obsolete. Spring Security 5 added that support to the core library instead of an extension of the framework.
See here for a list of tickets related to the core JWT and OAuth support.
So in short you don't need that dependency anymore, although if you have custom filters and functionality build around that it would require using different classes/packages and features.

Resources