Book Image

Learning Spring Boot 2.0 - Second Edition

By : Greg L. Turnquist, Greg L. Turnquist

Book Image

Learning Spring Boot 2.0 - Second Edition

By: Greg L. Turnquist, Greg L. Turnquist

Overview of this book

Spring Boot provides a variety of features that address today's business needs along with today's scalable requirements. In this book, you will learn how to leverage powerful databases and Spring Boot's state-of-the-art WebFlux framework. This practical guide will help you get up and running with all the latest features of Spring Boot, especially the new Reactor-based toolkit. The book starts off by helping you build a simple app, then shows you how to bundle and deploy it to the cloud. From here, we take you through reactive programming, showing you how to interact with controllers and templates and handle data access. Once you're done, you can start writing unit tests, slice tests, embedded container tests, and even autoconfiguration tests. We go into detail about developer tools, AMQP messaging, WebSockets, security, and deployment. You will learn how to secure your application using both routes and method-based rules. By the end of the book, you'll have built a social media platform from which to apply the lessons you have learned to any problem. If you want a good understanding of building scalable applications using the core functionality of Spring Boot, this is the book for you.

Preface

What this book covers

What you need for this book

Who this book is for

Reader feedback

Customer support

Free Chapter

Quick Start with Java

Quick Start with Java

Getting started

Spring Boot starters

Running a Spring Boot application

Delving into Spring Boot's property support

Bundling up the application as a runnable JAR file

Deploying to Cloud Foundry

Adding production-ready support

Reactive Web with Spring Boot

Reactive Web with Spring Boot

Creating a reactive web application with Spring Initializr

Learning the tenets of reactive programming

Introducing Reactor types

Switching from Embedded Netty to Apache Tomcat

Comparing reactive Spring WebFlux against classic Spring MVC

Showing some Mono/Flux-based endpoints

Creating a reactive ImageService

Creating a reactive file controller

Why use reactive programming?

Interacting with a Thymeleaf template

Illustrating how going from async to sync can be easy, but the opposite is not

Reactive Data Access with Spring Boot

Reactive Data Access with Spring Boot

Getting underway with a reactive data store

Solving a problem

Creating a reactive repository

Pulling data through a Mono/Flux and chain of operations

Creating custom finders

Querying by example

Querying with MongoOperations

Logging reactive operations

Testing with Spring Boot

Testing with Spring Boot

Test dependencies

Slice-based testing

Testing WebFlux controllers

Fully embedded Spring Boot app tests

Testing your custom Spring Boot autoconfiguration

Developer Tools for Spring Boot Apps

Developer Tools for Spring Boot Apps

Using Spring Boot's DevTools for hot code reloading

Using Spring Boot's autoconfiguration report

Making local changes and seeing them on the target system

Writing a custom health check

Adding build data to /application/info

Creating custom metrics

Working with additional Actuator endpoints

AMQP Messaging with Spring Boot

AMQP Messaging with Spring Boot

Getting started with RabbitMQ

Adding messaging as a new component to an existing application

Creating a message producer/message consumer

Adding customized metrics to track message flow

Peeking at Spring Cloud Stream (with RabbitMQ)

Microservices with Spring Boot

Microservices with Spring Boot

A quick primer on microservices

Dynamically registering and finding services with Eureka

Introducing @SpringCloudApplication

Calling one microservice from another with client-side load balancing

Implementing microservice circuit breakers

Monitoring circuits

Offloading microservice settings to a configuration server

WebSockets with Spring Boot

WebSockets with Spring Boot

Publishing saved comments to a chat service

Creating a chat service to handle WebSocket traffic

Consuming WebSocket messages from the web page

Moving to a fully asynchronous web client

Handling AJAX calls on the server

Introducing user chatting

Sending user-specific messages

Checking out the final product

JSR 356 versus Spring WebFlux messaging

Securing Your App with Spring Boot

Securing Your App with Spring Boot

Securing a Spring Boot application

Using Spring Session

Securing the chat microservice

Sharing session details with other microservices

Securing the images microservice

Wiring in image ownership

Tailoring the UI with authorization checks

Securing WebSockets

Securing the Config Server

Securing the Eureka Server

Taking Your App to Production with Spring Boot

Taking Your App to Production with Spring Boot

Profile-based sets of beans

Creating configuration property beans

Overriding property settings in production

Pushing app to Cloud Foundry and adjusting the settings

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Securing WebSockets

So far, we have secured the chat service and the images service.

Or have we?

Well, we configured chat as the Gateway API for our microservices using Spring Cloud Gateway. To do that, we made it the sole source of HTTP session creation. Given that the session details were also included in forwarded web requests, our Gateway API is nicely buttoned up.

However, the chat microservice's critical function is brokering WebSocket messages. And we haven't lifted a finger to secure that component. Time to roll up our sleeves and get to work.

Since our WebSocket handlers are stream oriented, we merely need to slip in a parent class that authorizes things when the WebSocket session is configured, as follows:

    abstract class AuthorizedWebSocketHandler 
     implements WebSocketHandler { 
 
       @Override 
       public final Mono<Void> handle(WebSocketSession...