I have a really simple question, that I just can't find the answer.
If I want to use only Spring Security, do I need Spring core or any other dependency?
In this link, in the bottom I see only spring security jars as dependencies, but still I couldn't get it to work. I only got it to work when I used a lot more of spring jars (core, context, and more).
So, what are the minimal dependencies I need for using Spring Security? All I need is an authorization and authentication framework, and I want as little dependencies as possible.
Thank you!
For every spring extension you need to use Srping core, because every extension is build on top of spring core
Related
I have a set of projects in Spring framework and I have to Find the ones which can be converted to Spring boot.
Is there anything that is related to Spring framework and cannot be converted to spring boot ? In my research, I Could not Find something like that.
But does anyone know something, like a dependency, which would force the project to stay in Spring framework ?
Spring Boot uses the Spring Framework as a foundation and improvises on it. It simplifies Spring dependencies and runs applications straight from a command line. Spring Boot provides several features to help manage enterprise applications easily. Spring Boot is not a replacement for the Spring, but it’s a tool for working faster and easier on Spring applications. It simplifies much of the architecture by adding a layer that helps automate configuration and deployment while making it easier to add new features.
Most of the changes for migrating Spring Framework application to Spring Boot are related to configurations.This migration will have minimal impact on the application code or other custom components.Spring Boot brings a number of advantages to the development.
It simplifies Spring dependencies by taking the opinionated view.
Spring Boot provides a preconfigured set of technologies/framework to reduces error-prone configuration so we as a developer focused on building our business logic and not thinking of project setup.
You really don’t need those big XML configurations for your project.
Embed Tomcat, Jetty or Undertow directly.
Provide opinionated Maven POM to simplify your configurations.
Application metrics and health check using actuator module.
Externalization of the configuration files.
Good to refer this for migrating from Spring to Spring Boot application: https://www.javadevjournal.com/spring-boot/migrating-from-spring-to-spring-boot/
I am new to Spring and Couchdb. I have made a login interface in Spring that authenticates the user using Spring-Security.
Can anybody tell how to add user information at the time of log-in in a Couchdb Database ?
Well, there is no defintion of "spring-mvc annotation" based project.
In this case, someone is trying to differentiate between the usage of annotations and xml-configuration based dependency injection and project configuration.
In case you are not familiar with the old way of using spring-mvc, you might take a look on this example.
If you are planning to use spring-mvc in a new project, i would strongly recommend to use spring and spring-mvc with an annotation based style, as described in the spring reference.
i created a maven project, and added all dependencies i need.
i have some repositories using the spring-data-jpa, and i added some integration tests.
now i need to add ontop of it spring-data-rest, if i understand it is based on springmvc.
but all examples i found, i need to add spring boot to start the app.
i noticed also all new spring projects use spring boot.
this means that i have to learn and use it for my projects?
how can i use spring-data-jpa+spring-data-jpa with an existing servlet3 project
The reason all examples are written using Boot is that Boot is indeed the way you should start a new Spring project these days. It free's from a lot of the tedious work of setting up the infrastructure, finding dependencies in the right version etc.
To use Spring Data REST without Boot, simply add the necessary dependencies to your project. The easiest way to do this is to use the Spring Data Release Train BOM (which will help you pulling in the correct matching versions) along side the version-less dependency declarations for Spring Data REST WebMVC and - in your case - Spring Data JPA.
Then go ahead and either register RepositoryRestMvcConvfiguration as Spring bean (either through XML configuration or JavaConfig).
All of this is also documented in the reference documentation.
Right now, I have been facing so much issue running some parts of the Spring Framework, like I have no problems running my Appengine web app with Spring MVC however have so many issues running Spring Data on top of Appengine.
I wan't to know which part of the framework have been tested to work with Appengine (AE)?
Does Spring Security work with AE?
Does Spring Data work with AE?
I'm guessing that there is no planned support for these frameworks at all for AE. However, hopefully I'm wrong.
I would suggest looking here: https://code.google.com/p/googleappengine/wiki/WillItPlayInJava
Spring Security is listed as SEMI-COMPATIBLE.
As for Spring Security, it works great. You'll just have to enable sessions. And if you want to apply the SPring filter on static files, make sure to exclude them from the static resources in appengine-web.xml.
As for Spring Data, I've never tried it but you might be able to use the JPA and REST sub-projects at least.
Ive been working now with the Spring Framework 3.0.5 and Spring Security 3.0.5 for several time. I know that Spring Framework uses DI and AOP. I also know that Spring Security uses DI, for example when writing custom handlers or filters. Im not sure whether Spring Security also uses AOP - so my first question is: does it?
Well, Id also like to know how Spring Security can be used for non-spring-based applications. Its written in their documentation that this is possible. Well, I wonder how - it seems like it uses DI, so how should it work in a simple java web application? I guess at least a web container which supports dependency injection is needed, correct? (Which one could that be?)
Thank you for answering :-)
[EDIT]
documentation says:
"documentation says: "Spring Security provides comprehensive security services for J2EE-based enterprise software applications. There is a particular emphasis on supporting projects built using The Spring Framework, which is the leading J2EE solution for enterprise software development. If you're not using Spring for developing enterprise applications, we warmly encourage you to take a closer look at it. Some familiarity with Spring - and in particular dependency injection principles - will help you get up to speed with Spring Security more easily.""
j2ee-based enterprise software applications......... emphasis on supporting projects using spring framework...... well this means it should be possible to work with it without Spring Framework itself!
?
AND:
Even though we use Spring to configure Spring Seurity, your application doesn't have to be Spring-based. Many people use Spring Security with web frameworks such as Struts, for example.
This is from the spring security homepage. well....
Does it use AOP ?
Yes spring-security uses AOP for its method security (you'd have to search the page to find it).
Can you use spring-security without spring ?
Generally no.
As you need to define spring beans for several spring-security elements.
But! You can use Acegi security without spring as far as I know. Which should give you close to the same functionality.
Can you secure a non-J2EE application
Definitely.
Anything that can run in a servlet container can be secured with spring-security. You just need Spring's IoC/DI.
This answer can help you on the minimal spring-security dependencies.