book

Learning Spring Boot 3.0 - Third Edition

by Greg L. Turnquist

December 2022

Beginner to intermediate

270 pages

6h 13m

English

Packt Publishing

Read now

Unlock full access

Third EditionForewordsContributorsAbout the authorAbout the reviewer
Who this book is forWhat this book coversTo get the most out of this bookDownload the example code filesDownload the color imagesConventions usedGet in touchShare Your ThoughtsDownload a free PDF copy of this book
Technical requirementsInstalling Java 17Installing a modern IDECreating a GitHub accountFinding additional supportAutoconfiguring Spring beansUnderstanding application context Exploring autoconfiguration policies in Spring BootAdding portfolio components using Spring Boot startersCustomizing the setup with configuration propertiesCreating custom propertiesExternalizing application configurationConfiguring property-based beansManaging application dependenciesSummary
Using start.spring.io to build appsCreating a Spring MVC web controllerUsing start.spring.io to augment an existing projectLeveraging templates to create contentAdding demo data to a templateBuilding our app with a better designInjecting dependencies through constructor callsChanging the data through HTML formsCreating JSON-based APIsHooking in Node.js to a Spring Boot web appBundling JavaScript with Node.jsCreating a React.js appSummary
Adding Spring Data to an existing Spring Boot applicationUsing Spring Data to easily manage dataAdding Spring Data JPA to our projectDTOs, entities, and POJOs, oh my!EntitiesDTOsPOJOsCreating a Spring Data repositoryUsing custom findersSorting the resultsLimiting query resultsUsing Query By Example to find tricky answersUsing custom JPASummary
Adding Spring Security to our projectCreating our own users with a custom security policySwapping hardcoded users with a Spring Data-backed set of usersSecuring web routes and HTTP verbsTo CSRF or not to CSRF, that is the questionSecuring Spring Data methodsUpdating our modelTaking ownership of dataAdding a delete buttonLocking down access to the owner of the dataEnabling method-level securityDisplaying user details on the siteLeveraging Google to authenticate usersPros of using OAuthCons of using OAuthCreating a Google OAuth 2.0 applicationAdding OAuth Client to a Spring Boot projectInvoking an OAuth2 API remotelyCreating an OAuth2-powered web appSummary
Adding JUnit 5 to the applicationCreating tests for your domain objectsTesting web controllers with MockMVCTesting data repositories with mocksTesting data repositories with embedded databasesAdding Testcontainers to the applicationTesting data repositories with TestcontainersTesting security policies with Spring Security TestSummary

Creating custom propertiesCreating profile-based property filesSwitching to YAMLSetting properties with environment variablesOrdering property overridesSummary
Creating an uber JARBaking a Docker containerBuilding the “right” type of containerReleasing your application to Docker HubTweaking things in productionScaling with Spring BootSummary
What is GraalVM and why do we care?Retrofitting our application for GraalVMRunning our native Spring Boot application inside GraalVMWhy do we want GraalVM again?Baking a Docker container with GraalVMSpring Boot 3.0 versus Spring Boot 2.7 and Spring NativeGraalVM and other librariesSummary
What is reactive and why do we care?Introduction to ReactiveReactive Stream detailsCreating a reactive Spring Boot applicationServing data with a reactive GET methodConsuming incoming data with a reactive POST methodScaling applications with Project ReactorQuick history on Java concurrent programmingServing a reactive templateCreating a reactive web controllerCrafting a Thymeleaf templateCreating hypermedia reactivelySummary
Learning what it means to fetch data reactivelyPicking a reactive data storeCreating a reactive data repositoryTrying out R2DBCLoading data with R2dbcEntityTemplateReturning data reactively to an API controllerReactively dealing with data in a templateSummary
Other Books You May EnjoyPackt is searching for authors like youShare Your ThoughtsDownload a free PDF copy of this book

Content preview from Learning Spring Boot 3.0 - Third Edition

4 Securing an Application with Spring Boot

In the previous chapter, we learned how to query for data using Spring Data JPA. We figured out how to write custom finders, use Query By Example, and even how to directly access the data store custom JPQL and SQL.

In this chapter, we’ll see how to keep our application secure.

Security is a critical issue. I have said, multiple times, that your application isn’t real until it’s secured.

But security isn’t just a switch we flip and we’re done. It’s a complex problem that requires multiple layers. It requires careful respect.

If there is one thing to appreciate as we dive into this chapter, it’s to never attempt to secure things on your own. Don’t roll your own solution. Don’t assume it’s easy. The person ...