Share and remember the things that I have learned
Developing WebSocket server for your Spring Boot app is fairly simple and well described and documented. However when it comes to making sure that it 'actually works' is done manually in most cases. Below I will show how I do the automated integration tests for Websocket server using Spring's StompClient. I assume that you are … Continue reading Automated tests for Spring Boot WebSocket server
Relatively short article explaining fairly complex idea of spring app architecture was published on codebeach: http://www.codebeach.com/2008/06/spring-mvc-application-architecture.html View, Controller, Service and Model layer explained in few sentences each. That helped me a lot when beginning Spring development
Security best practices requires all Authentication related events to be logged in defined format and sometimes event should be handled in special way. Spring security has its own Security Event log implementation and default repository (in memory repository) If you need to provide your own implementation you need to add custom configuration class. The class … Continue reading Spring Boot Security: Custom AuditEvent listener configuration
Think of users using your web application from mobile phones when their internet connection breaks down. Native mobile app would still work and cache all user actions, synchronizing them afterwards. HTML5 web apps can also work offline. Basically it is done by listing the resource files (html, js, images) that browser should cache immadietly and use the … Continue reading HTML 5 Offline Web Application with Spring Boot
If your Spring Boot app is running on embedded Tomcat, you need to use the TomcatConnectionCustomizer class to set up the HTTPS in Tomcat. Get the source code Source Code for this tutorial is available on my github under the SpringBootHttps tag: https://github.com/yacekmm/looksok/tree/SpringBootHttps 1. Prepare keystore and certificate First you need to have your certificate. If you … Continue reading Spring Boot: SSL/HTTPS for embedded Tomcat
User authenticated with username and password can access web pages. The second step is to authorize him - decide whether or not he is authorized to access certain resources or not. Spring supports role based authorization. In this tutorial I will show how to assign users a role and how to authorize them. Use case … Continue reading Spring Security Tutorial: Authorization and user roles
In most cases when you create a web application you need to restrict it to certain groups of users with login and password, manage their roles and sessions. Spring Security helps to develop secured apps supporting all of the AAA aspects: authentication, authorization and accounting. This post will teach you basics about the login & … Continue reading Spring Security: Securing your MVC app with basic login and password authentication
Spring 'Convention over configuration' routine makes it easy to implement basic use cases. But when it comes to advanced configuration, sometimes it can be difficult (see post about authenticating SOAP requests). Another case is when you need to add SOAP Header to the SOAP message. This time it is however much easier than authenticating requests. Sending … Continue reading SOAP request in Spring 4: Add Header to SOAP message
Looks OK! 