17 min read

In this article by Ravi Kant Soni, author of the book Learning Spring Application Development, you will be closely acquainted with the Spring Framework. Spring is an open source framework created by Rod Johnson to address the complexity of enterprise application development. Spring is now a long time de facto standard for Java enterprise software development. The framework was designed with developer productivity in mind and this makes it easier to work with the existing Java and JEE APIs. Using Spring, we can develop standalone applications, desktop applications, two tier applications, web applications, distributed applications, enterprise applications, and so on.

(For more resources related to this topic, see here.)

Features of the Spring Framework

  • Lightweight: Spring is described as a lightweight framework when it comes to size and transparency. Lightweight frameworks reduce complexity in application code and also avoid unnecessary complexity in their own functioning.
  • Non intrusive: Non intrusive means that your domain logic code has no dependencies on the framework itself. Spring is designed to be non intrusive.
  • Container: Spring’s container is a lightweight container, which contains and manages the life cycle and configuration of application objects.
  • Inversion of control (IoC): Inversion of Control is an architectural pattern. This describes the Dependency Injection that needs to be performed by external entities instead of creating dependencies by the component itself.
  • Aspect-oriented programming (AOP): Aspect-oriented programming refers to the programming paradigm that isolates supporting functions from the main program’s business logic. It allows developers to build the core functionality of a system without making it aware of the secondary requirements of this system.
  • JDBC exception handling: The JDBC abstraction layer of the Spring Framework offers a exceptional hierarchy that simplifies the error handling strategy.
  • Spring MVC Framework: Spring comes with an MVC web application framework to build robust and maintainable web applications.
  • Spring Security: Spring Security offers a declarative security mechanism for Spring-based applications, which is a critical aspect of many applications.

ApplicationContext

ApplicationContext is defined by the org.springframework.context.ApplicationContext interface. BeanFactory provides a basic functionality, while ApplicationContext provides advance features to our spring applications, which make them enterprise-level applications.

Create ApplicationContext by using the ClassPathXmlApplicationContext framework API. This API loads the beans configuration file and it takes care of creating and initializing all the beans mentioned in the configuration file:

import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
 
public class MainApp {
 
public static void main(String[] args) {
 
   ApplicationContext context = 
    new ClassPathXmlApplicationContext("beans.xml");
 
   HelloWorld helloWorld = 
    (HelloWorld) context.getBean("helloworld");
 
   helloWorld.getMessage();
}
}

Autowiring modes

There are five modes of autowiring that can be used to instruct Spring Container to use autowiring for Dependency Injection. You use the autowire attribute of the <bean/> element to specify the autowire mode for a bean definition. The following table explains the different modes of autowire:

Mode Description
no By default, the Spring bean autowiring is turned off, meaning no autowiring is to be performed. You should use the explicit bean reference called ref for wiring purposes.
byName This autowires by the property name. If the bean property is the same as the other bean name, autowire it. The setter method is used for this type of autowiring to inject dependency.
byType Data type is used for this type of autowiring. If the data type bean property is compatible with the data type of the other bean, autowire it. Only one bean should be configured for this type in the configuration file; otherwise, a fatal exception will be thrown.
constructor This is similar to the byType autowire, but here a constructor is used to inject dependencies.
autodetect Spring first tries to autowire by constructor; if this does not work, then it tries to autowire by byType. This option is deprecated.

Stereotype annotation

Generally, @Component, a parent stereotype annotation, can define all beans. The following table explains the different stereotype annotations:

Annotation Use Description
@Component Type This is a generic stereotype annotation for any Spring-managed component.
@Service Type This stereotypes a component as a service and is used when defining a class that handles the business logic.
@Controller Type This stereotypes a component as a Spring MVC controller. It is used when defining a controller class, which composes of a presentation layer and is available only on Spring MVC.
@Repository Type This stereotypes a component as a repository and is used when defining a class that handles the data access logic and provide translations on the exception occurred at the persistence layer.

Annotation-based container configuration

For a Spring IoC container to recognize annotation, the following definition must be added to the configuration file:

<?xml version="1.0" encoding="UTF-8"?>
<beans 


xsi_schemaLocation="http://www.springframework.org/schema/beans
   http://www.springframework.org/schema/beans/spring-beans.xsd
   http://www.springframework.org/schema/context
   http://www.springframework.org/schema/context/spring-context-
    3.2.xsd">
 
<context:annotation-config />                            
</beans>

Aspect-oriented programming (AOP) supports in Spring

AOP is used in Spring to provide declarative enterprise services, especially as a replacement for EJB declarative services. Application objects do what they’re supposed to do—perform business logic—and nothing more. They are not responsible for (or even aware of) other system concerns, such as logging, security, auditing, locking, and event handling. AOP is a methodology of applying middleware services, such as security services, transaction management services, and so on on the Spring application.

Declaring an aspect

An aspect can be declared by annotating the POJO class with the @Aspect annotation. This aspect is required to import the org.aspectj.lang.annotation.aspect package. The following code snippet represents the aspect declaration in the @AspectJ form:

import org.aspectj.lang.annotation.Aspect;
import org.springframework.stereotype.Component;
 
@Aspect
@Component ("myAspect")
public class AspectModule {
// ...
}

JDBC with the Spring Framework

The DriverManagerDataSource class is used to configure the DataSource for application, which is defined in the Spring.xml configuration file. The central class of Spring JDBC’s abstraction framework is the JdbcTemplate class that includes the most common logic in using the JDBC API to access data (such as handling the creation of connection, creation of statement, execution of statement, and release of resources). The JdbcTemplate class resides in the org.springframework.jdbc.core package.

JdbcTemplate can be used to execute different types of SQL statements. DML is an abbreviation of data manipulation language and is used to retrieve, modify, insert, update, and delete data in a database. Examples of DML are SELECT, INSERT, or UPDATE statements. DDL is an abbreviation of data definition language and is used to create or modify the structure of database objects in a database. Examples of DDL are CREATE, ALTER, and DROP statements.

The JDBC batch operation in Spring

The JDBC batch operation allows you to submit multiple SQL DataSource to process at once. Submitting multiple SQL DataSource together instead of separately improves the performance:

Learning Spring Application Development

JDBC with batch processing

Hibernate with the Spring Framework

Data persistence is an ability of an object to save its state so that it can regain the same state. Hibernate is one of the ORM libraries that is available to the open source community. Hibernate is the main component available for a Java developer with features such as POJO-based approach and supports relationship definitions. The object query language used by Hibernate is called as Hibernate Query Language (HQL). HQL is an SQL-like textual query language working at a class level or a field level. Let’s start learning the architecture of Hibernate.

Hibernate annotations is the powerful way to provide the metadata for the object and relational table mapping. Hibernate provides an implementation of the Java Persistence API so that we can use JPA annotations with model beans. Hibernate will take care of configuring it to be used in CRUD operations. The following table explains JPA annotations:

JPA annotation Description
@Entity The javax.persistence.Entity annotation is used to mark a class as an entity bean that can be persisted by Hibernate, as Hibernate provides the JPA implementation.
@Table The javax.persistence.Table annotation is used to define table mapping and unique constraints for various columns.

The @Table annotation provides four attributes, which allows you to override the name of the table, its catalogue, and its schema. This annotation also allows you to enforce unique constraints on columns in the table. For now, we will just use the table name as Employee.

@Id Each entity bean will have a primary key, which you annotate on the class with the @Id annotation.

The javax.persistence.Id annotation is used to define the primary key for the table.

By default, the @Id annotation will automatically determine the most appropriate primary key generation strategy to be used.

@GeneratedValue javax.persistence.GeneratedValue is used to define the field that will be autogenerated.

It takes two parameters, that is, strategy and generator.

The GenerationType.IDENTITY strategy is used so that the generated id value is mapped to the bean and can be retrieved in the Java program.

@Column javax.persistence.Column is used to map the field with the table column.

We can also specify the length, nullable, and uniqueness for the bean properties.

Object-relational mapping (ORM, O/RM, and O/R mapping)

ORM stands for Object-relational Mapping. ORM is the process of persisting objects in a relational database such as RDBMS. ORM bridges the gap between object and relational schemas, allowing object-oriented application to persist objects directly without having the need to convert object to and from a relational format:

Learning Spring Application Development

Hibernate Query Language (HQL)

Hibernate Query Language (HQL) is an object-oriented query language that works on persistence object and their properties instead of operating on tables and columns. To use HQL, we need to use a query object. Query interface is an object-oriented representation of HQL. The query interface provides many methods; let’s take a look at a few of them:

Method Description
public int executeUpdate() This is used to execute the update or delete query
public List list() This returns the result of the relation as a list
public Query setFirstResult(int rowno) This specifies the row number from where a record will be retrieved
public Query setMaxResult(int rowno) This specifies the number of records to be retrieved from the relation (table)
public Query setParameter(int position, Object value) This sets the value to the JDBC style query parameter
public Query setParameter(String name, Object value) This sets the value to a named query parameter

The Spring Web MVC Framework

Spring Framework supports web application development by providing comprehensive and intensive support. The Spring MVC framework is a robust, flexible, and well-designed framework used to develop web applications. It’s designed in such a way that development of a web application is highly configurable to Model, View, and Controller. In an MVC design pattern, Model represents the data of a web application, View represents the UI, that is, user interface components, such as checkbox, textbox, and so on, that are used to display web pages, and Controller processes the user request.

Spring MVC framework supports the integration of other frameworks, such as Struts and WebWork, in a Spring application. This framework also helps in integrating other view technologies, such as Java Server Pages (JSP), velocity, tiles, and FreeMarker in a Spring application.

The Spring MVC Framework is designed around a DispatcherServlet. The DispatcherServlet dispatches the http request to handler, which is a very simple controller interface.

The Spring MVC Framework provides a set of the following web support features:

  • Powerful configuration of framework and application classes: The Spring MVC Framework provides a powerful and straightforward configuration of framework and application classes (such as JavaBeans).
  • Easier testing: Most of the Spring classes are designed as JavaBeans, which enable you to inject the test data using the setter method of these JavaBeans classes. The Spring MVC framework also provides classes to handle the Hyper Text Transfer Protocol (HTTP) requests (HttpServletRequest), which makes the unit testing of the web application much simpler.
  • Separation of roles: Each component of a Spring MVC Framework performs a different role during request handling. A request is handled by components (such as controller, validator, model object, view resolver, and the HandlerMapping interface). The whole task is dependent on these components and provides a clear separation of roles.
  • No need of the duplication of code: In the Spring MVC Framework, we can use the existing business code in any component of the Spring MVC application. Therefore, no duplicity of code arises in a Spring MVC application.
  • Specific validation and binding: Validation errors are displayed when any mismatched data is entered in a form.

DispatcherServlet in Spring MVC

The DispatcherServlet of the Spring MVC Framework is an implementation of front controller and is a Java Servlet component for Spring MVC applications. DispatcherServlet is a front controller class that receives all incoming HTTP client request for the Spring MVC application. DispatcherServlet is also responsible for initializing the framework components that will be used to process the request at various stages.

The following code snippet declares the DispatcherServlet in the web.xml deployment descriptor:

<servlet>
<servlet-name>SpringDispatcher</servlet-name>
<servlet-class>
   org.springframework.web.DispatcherServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
 
<servlet-mapping>
<servlet-name>SpringDispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>

In the preceding code snippet, the user-defined name of the DispatcherServlet class is SpringDispatcher, which is enclosed with the <servlet-name> element. When our newly created SpringDispatcher class is loaded in a web application, it loads an application context from an XML file. DispatcherServlet will try to load the application context from a file named SpringDispatcher-servlet.xml, which will be located in the application’s WEB-INF directory:

<beans 

 
 
xsi_schemaLocation=" http://www.springframework.org/schema/beans 
 http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
 http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-
 3.0.xsd http://www.springframework.org/schema/mvc 
 http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">
 
<mvc:annotation-driven />
 
<context:component-scan base-
 package="org.packt.Spring.chapter7.springmvc" />
 
<beanclass="org.springframework.web.servlet.view.
 InternalResourceViewResolver">
   <property name="prefix" value="/WEB-INF/views/" />
   <property name="suffix" value=".jsp" />
</bean>
 
</beans>

Spring Security

The Spring Security framework is the de facto standard to secure Spring-based applications. The Spring Security framework provides security services for enterprise Java software applications by handling authentication and authorization. The Spring Security framework handles authentication and authorization at the web request and the method invocation level.

The two major operations provided by Spring Security are as follows:

  • Authentication: Authentication is the process of assuring that a user is the one who he/she claims to be. It’s a combination of identification and verification. The identification process can be performed in a number of different ways, that is, username and password that can be stored in a database, LDAP, or CAS (single sign-out protocol), and so on. Spring Security provides a password encoder interface to make sure that the user’s password is hashed.
  • Authorization: Authorization provides access control to an authenticated user. It’s the process of assurance that the authenticated user is allowed to access only those resources that he/she is authorized for use. Let’s take a look at an example of the HR payroll application, where some parts of the application have access to HR and to some other parts, all the employees have access. The access rights given to user of the system will determine the access rules. In a web-based application, this is often done by URL-based security and is implemented using filters that play an primary role in securing the Spring web application. Sometimes, URL-based security is not enough in web application because URLs can be manipulated and can have relative pass. So, Spring Security also provides method level security. An authorized user will only able to invoke those methods that he is granted access for.

Securing web application’s URL access

HttpServletRequest is the starting point of Java’s web application. To configure web security, it’s required to set up a filter that provides various security features. In order to enable Spring Security, add filter and their mapping in the web.xml file:

<!—Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.
 DelegatingFilterProxy</filter-class>
</filter>
 
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

Logging in to a web application

There are multiple ways supported by Spring security for users to log in to a web application:

  • HTTP basic authentication: This is supported by Spring Security by processing the basic credentials presented in the header of the HTTP request. It’s generally used with stateless clients, who on each request pass their credential.
  • Form-based login service: Spring Security supports the form-based login service by providing a default login form page for users to log in to the web application.
  • Logout service: Spring Security supports logout services that allow users to log out of this application.
  • Anonymous login: This service is provided by Spring Security that grants authority to an anonymous user, such as a normal user.
  • Remember-me support: This is also supported by Spring Security and remembers the identity of a user across multiple browser sessions.

Encrypting passwords

Spring Security supports some hashing algorithms such as MD5 (Md5PasswordEncoder), SHA (ShaPasswordEncoder), and BCrypt (BCryptPasswordEncoder) for password encryption.

To enable the password encoder, use the <password-encoder/> element and set the hash attribute, as shown in the following code snippet:

<authentication-manager>
<authentication-provider>
   <password-encoder hash="md5" />
   <jdbc-user-service data-source-
    ref="dataSource"
   . . .
 
</authentication-provider>
</authentication-manager>

Mail support in the Spring Framework

The Spring Framework provides a simplified API and plug-in for full e-mail support, which minimizes the effect of the underlying e-mailing system specifications. The Sprig e-mail supports provide an abstract, easy, and implementation independent API to send e-mails.

The Spring Framework provides an API to simplify the use of the JavaMail API. The classes handle the initialization, cleanup operations, and exceptions. The packages for the JavaMail API provided by the Spring Framework are listed as follows:

Package Description
org.springframework.mail This defines the basic set of classes and interfaces to send e-mails.
org.springframework.mail.java This defines JavaMail API-specific classes and interfaces to send e-mails.

Spring’s Java Messaging Service (JMS)

Java Message Service is a Java Message-oriented middleware (MOM) API responsible for sending messages between two or more clients. JMS is a part of the Java enterprise edition. JMS is a broker similar to a postman who acts like a middleware between the message sender and the receiver.

Message is nothing, but just bytes of data or information exchanged between two parties. By taking different specifications, a message can be described in various ways. However, it’s nothing, but an entity of communication. A message can be used to transfer a piece of information from one application to another, which may or may not run on the same platform.

The JMS application

Let’s look at the sample JMS application pictorial, as shown in the following diagram:

Learning Spring Application Development

We have a Sender and a Receiver. The Sender is responsible for sending a message and the Receiver is responsible for receiving a message. We need a broker or MOM between the Sender and Receiver, who takes the sender’s message and passes it from the network to the receiver. Message oriented middleware (MOM) is basically an MQ application such as ActiveMQ or IBM-MQ, which are two different message providers. The sender promises loose coupling and it can be .NET or mainframe-based application. The receiver can be Java or Spring-based application and it sends back the message to the sender as well. This is a two-way communication, which is loosely coupled.

Summary

This article covered the architecture of Spring Framework and how to set up the key components of the Spring application development environment.

Resources for Article:


Further resources on this subject:


LEAVE A REPLY

Please enter your comment!
Please enter your name here