Giters

faisal-hameed / advance-spring-app

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Base Spring App

A CRUD application to learn and implement spring concepts.

Prerequisits

  1. Install maven and add it in path

  2. Download lombok and install it your eclipse

  3. Spring Boot

  4. IoC aka DI injection

  5. Swagger for Rest API documentation

  6. Spring Security

  7. Spring AOP

Spring Security

Basic Authentication

API's can be accessed by providing Base64 encoded credentials with each request, using HTTP [Authorization] header. Also need to exclude Swagger-UI resources from security configuration in order to be accessible without credentials.

Protecting APIs against user roles

API's can be protected against user roles in WebSecurityConfiguration.java file.

http.antMatchers("/users/*").hasRole("USER")

Methods level security

Method level security can be enabled using

@EnableGlobalMethodSecurity(prePostEnabled = true)

Then you can use @PreAuthorize annotaion on methods.

@PreAuthorize("hasRole('ADMIN')") or @PreAuthorize("hasAuthority('ROLE_ADMIN')")

Spring AOP

AOP addresses the problem of cross-cutting concerns, which would be any kind of code that is repeated in different methods and can't normally be completely refactored into its own module, like with logging or verification. So, with AOP you can leave that stuff out of the main code and define it vertically.
Mostly used for logging and verification. Spring docs

Other Spring Concepts

  1. Validating spring properties on bootstrap and fail fast if any important property is missing.
    BeanFactoryPostProcessor is used in VerifierBean for this purpose.
  2. StartupLoggingBean implemented to log some environment info at application startup

Unit Testing

Automated Testing

Testing Getters/Setters

OpenPojo is used to test getters/setters automatically.
See this tutorial for full capabilities of OpenPojo.

Testing Getters/Setters

EqualsVerifier is used to test equals and hashCode methods.

Swagger configuration

Code Quality Analysis

SonarQube integration with Maven

Prerequisites

  1. SonarQube already installed and running (url=my.sonar.host:9000)

Run following command to analyze project and post results on sonar server

mvn clean install -Psonar sonar:sonar

Code Coverage with JaCoCo maven plugin

Run following command for code coverage and post results on sonar server

mvn clean install sonar:sonar

Note:

Maven Surefire Plugin

It is used to run unit tests.

Maven Failsafe Plugin

It is used to run integration tests. This plugin will not fail build during mvn integration-test phase. Failsafe plugin only executes test classes named */IT.java, **/*IT.java, **/*ITCase.java

  1. Global exception handling
  2. Object mapper

java -jar -Dspring.profiles.active=prod target/spring-boot-profile-1.0.jar

About

Languages

Language:Java 99.3%Language:Dockerfile 0.7%