Tag Archives: spring

No code REST services with Spring Boot and Spring Data REST

CRUD REST services are the backbone of a microservice architecture. If we want to use microservices rather than monolithic applications, it’s essential that we can create a basic service with a minimum of effort. Spring Boot can be used to quickly create and deploy a new web service. Spring Data REST can be used to build out the REST interface based on a database entity model. Using both together allows us to create a running RESTful web service with zero custom Java code and no tricky XML.

This how-to describes how to build a RESTful web service as an executable JAR that provides CRUD operations against a single MySQL database table.

Hashing and Salting passwords with Spring Security PasswordEncoder

Getting the details right when implementing password storage is critical. Some hash algorithms are vulnerable or just not suited to password hashing. If the salt is too short or predictable, it may be possible to retrieve the password from the hash. Any number of subtle bugs in coding could result in a password database that is vulnerable in one way or another. Fortunately, Spring Security includes password hashing out of the box. What’s more, since version 3.1, Spring Security automatically takes care of salting too.

Testing with mock users in Spring / Spring MVC

A common unit test scenario for Spring / Spring MVC applications is to verify behavior when logged in as a particular user. The new spring-security-test library available with Spring Security version 4 makes testing user access controls in Spring and Spring MVC applications far simpler.

Spring MVC Maven Archetype

In less than five minutes and just three Maven commands, I was able to create, compile and run a fully working example Spring MVC application.

Protecting Service Methods with Spring Security Annotations

Any class or method can be protected with Spring Security using either AOP interceptors or expression based annotations on the class or method.

Spring-WS and Security

Security mechanisms are notoriously difficult to implement. By their nature they’re designed to prevent something from working unless it is used exactly correctly. Having Spring-WS do the heavy lifting makes our application far more likely to work and far more likely to be secure.

DbUnit

DbUnit is a JUnit extension targeted at database-driven projects that, among other things, puts your database into a known state between test runs.

Spring-WS SAAJ problem in JBoss

If you want to make Spring-WS work against multiple JDK / JBoss environments, you may need to create multiple distributions to deal with the idiosyncrasies of each environment.

JUnit testing Hibernate and Spring

A nice recipe for unit testing Spring configured Hibernate.

Bean introspection

Have a naming convention or don’t. But if you do have one, don’t stick some obscure fudge in there. Hacks and fudges will catch up with you and bite you in the bottom.