DEV Community: Javed Khan

Springing Forward: A Smooth Transition to Spring Boot 3

Javed Khan — Mon, 11 Mar 2024 15:43:16 +0000

Introduction

In this article, we will delve into the essential steps and challenges involved in upgrading an existing application from Spring Boot 2 and Java 8 to Java 17 and Spring Boot 3. We will explore the solutions we implemented to overcome these issues, offering insights into potential stumbling blocks that may arise during your migration process.

Step 1: JDK 17 Installation

Begin the upgrade process by ensuring your system is equipped with Java Development Kit (JDK) 17. This version is the minimum requirement for Spring Boot 3 compatibility.

Step 2: Gradle Upgrade

Align your Gradle version with the prerequisites of Spring Boot 3. Upgrade to Gradle 7.5 or 8.x to optimize integration and performance.

Step 3: Build Configuration Updates

In your build.gradle file, update the build configuration to match the requirements of Spring Boot 3:

id 'org.springframework.boot' version '3.1.7'
id 'io.spring.dependency-management' version '1.1.4'

sourceCompatibility = '17'

Overcoming Challenges

Package Name Changes from ‘javax’ to ‘jakarta’

Spring Boot 3 has embraced Jakarta EE, necessitating updates to package names. Here are the key changes:

javax.persistence.* → jakarta.persistence.*
javax.validation.* → jakarta.validation.*
javax.servlet.* → jakarta.servlet.*
javax.annotation.* → jakarta.annotation.*
javax.transaction.* → jakarta.transaction.*
java.mail.* → jakarta.mail.*

Note: Packages like javax.sql.* and javax.crypto.* remain unchanged, as they are part of Java 17 JDK.

Handling Spring Security

In Spring Security version 5.7.0-M2, the WebSecurityConfigurerAdapter class underwent changes. Deprecated elements like authorizeRequests() and antMatchers() were replaced with authorizeHttpRequests() and requestMatchers().

@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {

    http
        .csrf()
        .disable()
        .authorizeHttpRequests()
        .requestMatchers("/api/v1/auth/**")
        .permitAll()
        .anyRequest()
        .authenticated()
        .and()
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        .authenticationProvider(authenticationProvider)
        .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);

    return http.build();
}

Refer to Spring Security Documentation for more details.

Mail Service Dependency Update

Replace the deprecated javax.mail dependency with the Spring Boot provided dependency:

implementation 'org.springframework.boot:spring-boot-starter-mail'

JPA Specification and Database Query

Address the generic error involving JPA Specification with a solution provided in this Stack Overflow thread.

Handling Duplicate Key Errors

If encountering duplicate key errors after calling an API, adjust your entity class annotations from @GeneratedValue(strategy = GenerationStrategy.AUTO) to @GeneratedValue(strategy = GenerationType.SEQUENCE) and include @SequenceGenerator for each entity.

Hibernate 6.0 now creates a sequence per entity hierarchy.

Deprecated Hibernate Annotation

If using @Type(type = “org.hibernate.type.PostgresUUIDType”), remove it as it is no longer required in Hibernate 6.0.

Conclusion

Navigating the upgrade to Spring Boot 3 might present challenges, yet addressing these issues ensures that your application remains up-to-date and takes full advantage of the latest features. Sharing our experiences fosters a collective understanding of potential hurdles in the migration process. We encourage you to share your challenges and solutions in the comments section below.

Comprehensive Guide to OpenAPI Swagger Integration in Spring Boot with Spring Security JWT

Javed Khan — Sun, 03 Dec 2023 11:09:29 +0000

Introduction:

This comprehensive guide walks you through the process of integrating OpenAPI Swagger with a Spring Boot 3 project, while seamlessly incorporating Spring Security JWT for enhanced security. OpenAPI Swagger serves as a powerful tool for API documentation, aiding developers in understanding, testing, and interacting with your API effortlessly.

What is OpenAPI Swagger?

OpenAPI Swagger is an industry-standard specification for building APIs. It provides a language-agnostic interface to describe the functionality of your RESTful services. Swagger tools allow developers to generate interactive documentation, client SDKs, and even server stubs based on your API specifications.

Key Features:

Interactive Documentation: Swagger UI provides an interactive and user-friendly interface, allowing developers to explore and test API endpoints in real-time.
Code Generation: Generate client libraries and server stubs in various programming languages directly from your API specifications.
Consistency: Ensure consistency and alignment between API design and implementation by maintaining a single source of truth.

Step-by-Step Guide:

Step 1: Add the springdoc-openapi Dependency

Include the springdoc-openapi library in your project’s dependencies to enable seamless integration with Spring Boot.

implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.2.0'

Step 2: Create OpenApiConfig Class

Create a configuration class (SwaggerConfig) to customize OpenAPI documentation and handle Spring Security JWT. Here we are implementing using java.

@Configuration
public class SwaggerConfig {
String schemeName = "bearerAuth";
String bearerFormat = "JWT";
String scheme = "bearer";
@Bean
public OpenAPI caseOpenAPI() {
        return new OpenAPI()
                  .addSecurityItem(new SecurityRequirement()
.addList(schemeName)).components(new Components()
                                  .addSecuritySchemes(
                                        schemeName, new SecurityScheme()
                                        .name(schemeName)
                                        .type(SecurityScheme.Type.HTTP)
                                        .bearerFormat(bearerFormat)
                                        .in(SecurityScheme.In.HEADER)
                                        .scheme(scheme)
                                  )
                  )
                  .info(new Info()
                              .title("Case Management Service")
                              .description("Claim Event Information")
                              .version("1.0")
                  );
        }
}

We can also implement the config using annotations provided by swagger.

@OpenAPIDefinition(
        info = @Info(
                title = "Claims Service",
                version = "1.0",
                description = "Claims Information"
        ),
        security = {
                @SecurityRequirement(name = "bearerAuth")
        }
)
@SecurityScheme(
        name = "bearerAuth",
        description = "JWT authentication",
        scheme = "bearer",
        type = SecuritySchemeType.HTTP,
        bearerFormat = "JWT",
        in = SecuritySchemeIn.HEADER
)
public class SwaggerConfig {
}

Step 3: Configure Swagger UI Optionally, customize the path to Swagger UI in your application.properties or application.yml file.

springdoc.swagger-ui.path=/custom/swagger-ui

Step 4: Configure Spring Security to Ignore Swagger UI URLs
Exclude specific URLs from Spring Security to allow public access to Swagger UI and API documentation.

// ... existing security configurations

@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
    return web -> web.ignoring().requestMatchers(
            "/swagger-ui/**", "/v3/api-docs/**"
    );
}

With this update, the specified URLs (“/swagger-ui/” and “/v3/api-docs/”) will be ignored by Spring Security, allowing public access to the Swagger UI and API documentation.

Step 5: Run the Application

Start your Spring Boot application and access the Swagger UI to explore and test your API.

http://localhost:8080/custom/swagger-ui.html

Step 6: Explore API Documentation

Utilize the power of Swagger UI to interactively explore API endpoints, request parameters, and responses.

Conclusion:

By following these steps, we have successfully integrated OpenAPI Swagger with Spring Boot project, configured it to work with Spring Security JWT, and provided an interactive API documentation platform for development team.

Spring Boot Feature Flag

Javed Khan — Sat, 03 Sep 2022 05:57:06 +0000

What is a feature flag?

A feature flag is a software development process used to enable or disable functionality remotely without deploying code. New features can be deployed without making them visible to users. Feature flags help decouple deployment from release letting you manage the full lifecycle of a feature.

Feature flags go by many names:

Feature toggle
Feature flipper
Conditional feature
Feature switch
Feature controls
Release toggle

Docker

Docker is a software platform that allows you to build, test, and deploy applications quickly. Docker packages software into standardized units called containers that have everything the software needs to run including libraries, system tools, code, and runtime. Using Docker, you can quickly deploy and scale applications into any environment and know your code will run.

Dockerfiles are text documents that allow you to build images for Docker

You will find the project here

Below command to build image

docker build -t spring-docker:latest .

Below command to run container

docker run --name spd -d -p 8080:8080 spring-docker:latest