From Zero to Hero with Spring Boot - Brian Clozel

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

welcome to this talk welcome to from zero to zero from hero to zero to hero with spring with two data so if you're not familiar with spring boot that's the perfect talk but just so you know if you're have some if you have some experience with spring boot it's also not a bad place because I'm going to show you the getting started experience that you can expect with spring boot to dados so compared to 1 5 in previous we changed a few things so you'll see that during the talk and this will be a whole demo oriented presentation just before we start I just wanted to know who's using spring boot already nowadays ok ok and who's not using or not familiar with spring good ok good enough so that that's a good mix perfect so also just so you know everything here is based on the current state of affairs so 2.0 milestone 7 we're still in the milestone phase but it should be the last one so if you're have not tested yet the latest milestone you should definitely do this and if specially if you see something today that you think is strange or doesn't you don't really agree with and just try things out with your existing applications and send us an issue or a note and we'll be happy to take a look at that now if you're wondering the whole presentation and the whole code powering the that application is located there so it's already available there commit by commits explain explanations and all so you can just sit and relax and we can do that application together all right so just like this morning if you want to start a spring good application the best thing is to go to start my spring that IO fill in a few things a few details and in our case for example saying I want to build a web app select here the latest milestone hit generate project you can change a few other things as well but hit generate and you get a zip of that application that is ready to be to be used so it's not only the configuration it comes also with a few opinions and we'll see that right now so if you unzip that what you get is a skeleton application and in that actually in that skeleton what you have is here upon so what we can see is we have a a parent the spring with parent star parent pawn which brings a shell essentially the dependency management so that's why in a spring good application palm you don't usually declare a lot of dependencies is because a lot of those are managed already by the parent so this is pretty useful for applications because you know that the versions of your libraries that you use using they're kind of blessed by the spring blue team or we're running our tests with those integration tests and we're pretty careful to not break public api's through those libraries so you can you can stay on those quite safely not compulsory but you can use it as well the build plugin so that that brings you typically the jar packaging and other things as well so you could do things manually but it's pretty useful to have that so so here we've got a starter application with a web and tests and the goal of our application here is to have a an issues dashboard for for us so let's say you have several projects on github and you'd like to see whatever happens on those projects all the events and if you opened a comment something and you would like to have that on a particular page and you will use that sample use case to build an application and showcase a few a few features and a few things you can do with spin boot so the first thing we'd like to do is start the application and to understand the the essence of screen boot is that most of most most of the times when you when you Express start to express an opinion spring Buddhist is trying to express one as well so here we've we've said this is a web application saying that will bring several dependencies including spring MVC and Tomcat as a default server so as we can see here starting the application will start a tomcat server on port 8080 and if you go to that place you'll see a white label error page so we've got nothing now we just have a 4/4 so we've got this but just so you know as well if you do that in the same way with a common line or curl or something instead of having an HTML page you get a nice error in JSON format so already first opinions nice error a nice error handling and useful messages in your application now what we'd like to do is to have projects so we'd like to have an organization named github organization name and repo name and those are the projects would like to to look at so to do that we'd like to persist those in our you know database because we'd like to choose those and have that in our application so if you want to do that you can express that's one of the ways of adding features to your spring good application you can start to ask for a starter and here we like a spring boot start that data JPA so with that you get spring data JPA and hibernate and other things as well so this is not enough because what you do what you like to have as well is to store those things for now into data store here for our use case we'll use H 2 as an in-memory database let me let me make myself offline for now and once we have that we can we can restart our application so we've got our application started and here we can see that we've got some hibernate stuff happening and we we want to see we'd like to see things actually but there's nothing really here to see we don't have any DS we don't have anything yet so one thing - we could actually have is to use actually - to use dev tools with spring do that with dream dev tools it's it's helping you to have a better experience while you're developing with spring boots yeah questioner sorry oh sorry yeah please remind me of this if I forgot to turn that on so we you can use dev tools and dev tools is super useful for all your Dilton lifecycle so we'll see what it can bring but dev tools will bring several things including here if you start an application with an h2 server embedded it probably means that you're in development mode here we are in development mode and what we do what spring bird is doing is that it's starting the h2 console as well in as a servlet in your application so this is super useful you can see your database when you've got things already set up so here we've got nothing yet obviously so we can start to add things here I'd like to add here under an events package because we'll look at the events going on in spring in our repositories github repositories so here right what we can add is a github project entity I've got that already project so this is a simple entity with a generate value as an ID and the organization name in the repo name in github so we'd like to have that persistent in a database so with spring data JPA we definitely need a repository so we'll add a github project repository as an interface what we need is to have a repository to tell what we'd like to have so we're persisting get up projects and with long as IDs and if you've not seen that on the github project we've had we have a unique constraint on the repo name because we are under the assumption that we'll look at only one named project with a particular name and will not look at several projects with the same name under several organizations so to simplify things we'll I would like to have this unique constraint so because we have that we can add a specific method in our in our interface so if you don't know about Spring data here just by the sheer virtue of adding a new method in in an interface if we follow some rules and some constraints you can define some methods you can define methods and they'll be automatically implemented for you so here we'd like to have a fine bye repo name and with the repo name and we know that we'll get a getter project because we know it's unique and we'll get only one so just with that and here the thing we could do is okay if I just recompile my application we'll get restarted not the whole JVM just the just the spring context so that that's one thing I'd like to discuss with you first so dev tools is doing something something nice so whenever you have dev tools on classpath and you're running your application in your IDE so not you have a dash jar because that's supposed to be production like so if you're running an application like this Deftones will detect that and will start the application with to the floor with different class loaders one class over for your libraries and stuff in one class or for your application code and whenever something changes in your application class path here your code right the screen context will be restarted if you added a class or change something to a class and restoring that is super quick and you can see changes live on your application you don't need to restart your your server all the time and if you're changing only static resources or things like this you don't need the the process won't even restart at all it'll be reflected live so here we can see that we are back to into the dh2 console and we see that we've got our github project table with ID or name repo name and with that table was generated by by JP a but here what we'd like to do as well is to to manage the schema of our database ourself we we won't we don't want that to be generated by the ORM because we'd like to have a for example migrations and would like to run my migrations in production so changing your schema adding adding columns things like this so for that we can use a library that's called Flyway and the spring Buddha as an integration for that so here we can add a dependency which is flyweight core so I think that dependency will will add a few things to into the mix and we see that if we restart our application right away and I'll explain you why I'm restarting so here we get an error message saying that we're waiting for something in our class path in database migration that's because Flyway with Playaway we you're expected to provide migration scripts to to take care of your database schema and every started because dev tools because I told you that dev tools is separating things in to class loaders whenever you do something to your Gradle build or maven pond you should restart your application because dev tools won't look at the library change it won't see it so whenever you change something to your build make sure just to restart and all the other changes you should be taken care of automatically so here would like to take care of this and would like to add a migration script so with a migration script the usual way to name those is to have a version name and then underscore underscore and then a name for your migration and here we'll call it in it and sequel and here we'll just like to describe what our schema will look like so here we're just describing a schema database schema for a get a project putting an index and you know so if I restarted then we can take another look at our database and this time we still get the getup project thing but we get an additional table and the schema version is a table that's managed by flyweight and that's where you basically see all the migrations that happens in your application so here we run the version 1 script and it's and that's the checksum and it was installed on etc etc same thing we'd like to add a new one to add some data from the demo so obviously this is all an in-memory database but I could do that with a local my sequel install and that's actually the use case for that kind of stuff is to run against an existing database with existing data so here we can add another script to insert some data and this time I'll insert some things so a few projects so spring boots initializer in sagen a few a few projects like this so again if I recompile my application is restarting and if I look at the schema this time we see two migrations and if I look at the get up project I see all those projects persisted already in our database so cool we've got our starting point we've got a few data with some data in our database with with a few get up projects and now we got to deal with a hard part which is fetching data from from the github API and with with for those projects so for that we need to add a few things I'll first add a github package and we will track a few things from the github API so I need first to write a few classes and to deserialize data from the JSON rest JSON API and get of is providing so we'll track repository events so those events those events here so this is a simple class that's tailored for for Jackson so here we've got for each event we got a type of event the creation when it was created and additional data like the actor who did that that actions and if there's an issue related to that event which issue it is so we don't want to spend too much time here but we know that we need a nectar and director got ready so we'll have a logging avatar etc and if we go back here we've got as well issue and issue here okay good enough so we have all of this and we're ready to just utilize data from the github API so now we need to create a get up client something to fetch data from the github API and we'll get to we'd like to fetch those events and at first expose those as a you rest endpoint to see if we were on the right track so let's do this so we can create now it's okay so we can create a get up client which is a component and we'll see how spring boot can can help us as well writing that type of that kind of code so we want to fetch data from an existing github API so we'll use this URL which is the events usually issues events in the github API and we like to use that one to to fetch our events so I know I'll need a rest template here but it it's not something that I want to create as a bean I'll use the rest template builder so a rest m5 builder is something that booth is providing as well so let's say you want to have all the nice configuration things that that screen would provide so including for example with rest template Springwood is providing the type of client that powers the rest template so if it is the JDK one or apache HTTP or https so depending on what you have on classpath we'll configure things differently because you expressed an opinion we'll try to go ahead with it so the type of client and as well the visualization options so if you write something in your application properties about jackson properties or jackson configuration we'll riff like that in the distillation process that will take place with the rest template so the builder is quite useful because let's say you don't want necessarily to expose that rest template as a bean in your application you probably want to still have that opinion in boots so the builder is definitely this it's it's just a builder API that you can use to just build if you're happy with it or you can do more more things in it and customize the that builder and we'll do that later so here we'd like to have the response the response from the the API from github so let's say we want response entity with the repository events as an array and we'll call that fetch events with a string or name and repo name so to fetch that it's quite easy we can use our rest and plate and ask for an entity about that URL the events issues one we know that we want an array of repository event and we want to replace the parts with owner and repo we want to replace that with the arguments of that methods so if we do that we have directly that response that response entity and we're already ready to have that so we can definitely expose data as a controller and let's say we want to create an events controller as a rest as a controller like that and here too because we haven't seen much of the the power of dev tools I'll show you something else as well so here if we go to the root page of our application we've got a for for but here I'll just show you this here I've got a little extension in my browser which is live reload so if you install that it's not specific to spring boot it's a standard protocol you can have with many applications so it's just a web socket server running into the spring good applications when dev tools in is enabled and that's a way to tell any client here are browsers that that's something changed on the web page so whenever you change something in your application something is triggered use something the server is sending in events to the browser and the page refreshes automatically so it's not really fancy but it's super useful whenever you're writing your application you don't have to refresh things all the time so here we're connected because the dot is it's like and I can start to have a I can create a new endpoint for the mapping so let's say here I want to create a response body and I'll call it I'd say events with a repo name something like this and our stream repository events fetch events with a repo with a repo name that I'll fetch from the actual URL so this is a path far variable okay to show you something first we'll we need to fetch that data from using data the getup client and the actual repository that we've got with all the projects so because we just have a repo name we'd like to get the org name and the repo name so for that we need to get the getup project repository injected in our application and we also need to get our getup client as well also final so let's add that to as constructor constructor parameters and we're ready to have something here so let's say I looking in my repository and I'm looking at the repo name and I want to know if there's a project name like this so let's say if my work will see that will say that our project is not null but we could do like we could send it for 4 or something like this but here we just like to return our getup client and fetch the events for the project that we found with its org name and the projects with repo name and we'll get the body of this directly so refreshing this and going to the events here we should get the information from github so I've got an extension going on with my browsers and that's why it's it's displayed properly so here we can see what happens on the spring do projects recently so some some issue got and labeled and we're seeing things here just utilized so we've got we've got the basics running for application and we're fetching data from github so right one thing that is not really displayed here is that whenever you're using the the github API the the github API is rate limited so basically from a given IP you you're allowed to make roughly 60 calls per hour which is not not a lot so that application if run in production that one we work after a few queries so we definitely want to have something to some authentication token in our application to send that off on the occasion token to the github API so we can have a better rate limit something more comfortable so that our application doesn't explode at runtime so we'd like to have a configuration key and have that into our get up client to send that token with all the requests but this can be a bit tedious if you if you try to do that yourself you'd have to manage the environment and create configuration configuration yourself etc so here get up so here a spring booties providing a nice infrastructure nice mechanism which is the configuration properties and you already see that when you use the application properties and you go like server dot port something like this you already have auto completion within your ID favorite ID and you can get information about what it does and this is automatically computed in the right place so you can use that already to express opinions in spring good applications but if you would like to do that yourself as well for your own application you can definitely do that so here what I'd like to have is a github properties class so defining your own properties is not hard at all it's just a simple pojo to start with so here we'd like to have a token so token and that will be our main property that we'll have with our getter properties so this is we're almost there I'm starting with this so we'd like to have our a github though that token configuration key so for this we need to express to tell to tell Spring good that we need to be in the github namespace in our application so to do that you can add a configuration properties annotation and say I want to be under the github namespace in my application and as soon as you do that you see that in your ID you have a red banner saying that you should definitely do something and we'll do that a bit later so once you have that you can also you need to tell Springwood that that configuration class exists so what how Springwood works with our own configuration in spring boots we we're not enabling all the configurations for everything we're enabling those whenever it's useful in your application so whenever the Associated configuration will run so in this case we're not running web flex so we want a parson enable all the websites related configuration and that's the same thing for our application so we need to tell Spring boot that you need to look at that configuration class so usually you want to do that either in your own local auto configuration if you're writing your own and if you'd like to know more about this you can come to a talk tomorrow given by Stefan and I about the Under the cover of the spring booth how screen-readers is working internally and how things work so you can see it's not magic at all but here we can just say that we want to enable the configuration properties for our get up properties gate properties class so just doing this we have now our application that will take care of spring food will take care of that key and we can reuse it somewhere but as you can see if I if I go to the application properties and if I write github nothing happens and that's where the reddish banner here is really useful if you click on it it will bring you to the reference documentation of spring boot and this will tell you that if you want to have the nice Auto completion supporting your ID you can have that really easily it's just about adding a dependency to your project so that will be the annotation configuration processor so this is an annotation processor so it will at compile time it will look at the at your project and it will look at all the classes in your project and it will generate metadata based on the configuration classes that you that you wrote so if I compile here what happens is not only I get something new in my target classes made a tenth here so you can see it created the metadata associated with whatever we wrote so here it's in get up properties we've got a token property but it's not enough so let's say we want to document that and we won't say this is the github API token and it should look like user and sample token something like this so if we recompile we can see that the description has been added already to to the to the metadata and IDs know about this so if you go in application properties and you start writing I get up again we can see all the nice information already displayed in you no idea about this so we could configure the token right there one thing that bothers me is that like in the documentation of that property I said it should look like user Colin something but I if I if I do something like this this will work nothing will complain about this the application will restart and I'll just have a problem at runtime whenever I try to send a request it won't be taken into account so I'd like to add something more to to make sure that it's working properly that format is is respected so for this I'd like to add some data here so we can tell it that it's a pattern and we can add validation so it's a red X and we'll have a word and then Colin and then another word and if we tell it that it's validated that way Springwood notice that you want that property class to be validated and all the values and that it should expect the validation rules to be to be right so if I rerun this time I get a nice application error saying that if you'll just start because the value test that I provided is definitely not the right one and that should have that matching reg X working with with my properties so this is a bit better right so we should definitely now use that property and stop having this so if you want to use it you can inject it anywhere in your as a component in your application so we definitely want to inject here so now we've got a we want the properties here and we want to get that token information already in our project so we'd like to add an interceptor so that every time we send a request to the github API we'd like to send that information that authentication token along our request to make sure that the rating doesn't and the low-level writing doesn't apply to us so for that I can create a interceptor so that's a basic rest template interceptor as you can see where we are looking at the token if the gate token information is there we'll create a null value from it with basic and we'll base64 it that value and we'll send it in the authorization header and that should be enough to github so we can create a new instance for this and that's where the builder is quite handy because we definitely don't want that information to leak to any other part or any other API that we might be using in our application we just want this to be useful for our github client so that's where we can add an interceptor which will be the new get up API app token interceptor and we can use the properties get token here and compile and oh I got a connection timeout and that must be the Wi-Fi behaving a bit otherwise I new not yeah cool okay so now we still have our application running and we still have that on that endpoint working but we still don't know if the token is centered properly and then that's a bit that's a bit strange and we don't even know if the value is set properly where it comes from we're missing a bit of context to know which is which and that brings a another question is we don't know much of our application when it's running if that application was running and we didn't have it running locally we wouldn't know much about our application and this is this is often something we want to have them both with most applications we want to have non-functional requirements for our application something that is not strictly related to our core business but something that is very useful when you're running the application in production so for this you've probably seen that already we've got an actuator so actuator is pack is a jar that spring provides with tons of features in it and actuators provides a lot of things I will see what so when you restart your application you see that you get additional additional endpoints configured with your application so we can try to hit those so here we've got three endpoints itself health and info so if you look at elf we know that the and the application is up everything's fine and in foam we've got no specific information display here so have you seen if you already know about spring boots you know that in 1 5 by default we expose much more and for spring boot to toe we did a few things including setting the actuator under a different path so it's not under the root path it's under a slash actuator so you can absolutely change that with properties or even set it to root if you want but it's pretty useful if you don't want to run into collision issues with your own application if you've got already existing endpoints with the same name it's it's really hard so here we've got less risk of collisions and as well you don't have security issues because it's pretty easy to add actuator and forget about setting the right security measures on your application and finally expose a lot of things in your application over the internet that you didn't want exposed in the first place so the new choice here is to secure by default everything I have just all those two exposed by default and and now it's up to you to make the right choice about security or exposing things so here because it's a demo I'd like to show you more so I'll show you the the way to expose more so if you use the management endpoint expose here you can see that by default value is health and info and that's what we actually see but if you want you can list more or just say star and I didn't have that yeah cool ok refresh is automatically so you know the end we start you have everything so if you don't know about those you have many super useful endpoints including bins with the full list of all the bins where they come from which class and all in your application the conditions this one is as well super useful if you if you'd like to know more about spring boot why something behaves like this and why that that was configured or not configured as I expected the condition is conditions is super useful it's more or less the equivalent of using the - - debug flag when you start your application so we get a full list of everything that's been good auto configured and not a lot of configured for you so you get a positive positive matched matches so everything that we saw that you probably wanted us to auto configure so you get everything here from here probably the Tomcat server to actor actuator features etc etc so you can see if something is here that you didn't expect or something is missing you can see why that that configuration was applied and and why it applied or not so it can be a configuration property that was set to true or it could be a class being there on your class path it could be many things so with this you can see why and why not things were set up in the way they were configuration properties is pretty useful here as well so here if we look at github we can see that we've got our configuration properties taken into account with the prefix and and the basic stuff and we've got new values set for now if you want to know more about about that you can directly look at the environment and if you let's say we want to know just more about the token that we have here we can see that we've got nothing but let's say if I say using the right format here so you'd see that that value so because it's named token so if it's named token or passwords passwords of things like this by default we don't expose the actual value we replace it by stars so you're sure that not to not expose secrets without without knowing it and in new in spring Mbutu we also tell you pinpoint the exact source of a given application property so here the line and the actual position in the in the file so to know more even to know more about this I'd like to do two things I'd like to have a indicator because let's say the github API is not available that we will obviously break my IP in my application so I'd like to embed in the health and point more information in the health actuator health so right now we only no no it's up but I'd like to know a bit more about this so if you want to expose all the information you can ask to show all the details about health so you get a endpoint by endpoints configuration property for this so if I recompile this we can see that I get in additional information about the health of my application so whenever you add something to your application so here I've only got a disk in a database but let's say if you had a different another database or if you add a readies connection or something will automatically add more health indicators to that list so you can see that the global status is up that I've got enough disk space in that my database is running properly and that I used a test querying to that database and that the database returns us up so I'd like to have one like this but for my github API because I'm using that as an external API and it's pretty important to my application so I'd like to know if things aren't working properly so for this we can provide more opinions to spring boot so like many things I told you whenever you want to add more to application you can add a starter if you want to customize things you can do things in your application properties or you can express more opinions and even leverage the existing infrastructure in spring boots because in many places we provide customizers or ways to extend the existing infrastructure we provide for you so we've seen that for example for the application properties we can reuse the same stuff we're using internally so here I'd like to have a github health indicator and that health indicator just has to implement the health indicator interface that we've got in in spring boots and have that as a compliment so if you implement that method we need basically are a good client and to send some requests and see if the if the results is looks right so for that I can inject a get up client that already have and I can use it so I can try to fetch some events for spring boots that'll be spring projects for the org spring projects in spring boots get that as a response and if I go if that response if the status status is 200 something then I'm happy and I return health up otherwise I can return health down with you can add details and stuff no problem and in that case if I can't even connect I'll get an IO exception from that previous call so I can catch that and say if you have have an exception because I can't connect or something I can just return health down and this time provide an exception I can add that exception it'll be provided inside the response so here it will make that call and we can see that we get a new a new detail object in our in our array and we've got to get up so with the status up and we could add more details like this so we could add like the time it took to respond or things like this if it's if we feel it's it's useful so now it's time it's time to build the actual UI so for this I'll use fine leaf any few libraries that'll be the starter family and if you were jars so if you don't know that if you add web jars to your application so those are CSS and JavaScript libraries publish to maven central under the what jars projects so if you add those directly Springwood will configure those and serve jobs serve those directly aesthetics and static resources in your application so if I'd add them now i've got a web application with time leaf and i can create a templates folder and add my dashboard template that i prepared previously so dashboard so the dashboard is is a time life time finally template where you can see that i'm using the web jars that that i'm prepared and that i have a template listing the projects and and the events going on so we can do that in our even controller and add that new endpoint so with that endpoint we need a to map that on the routes and call it dashboard so several things we want to get all the projects we've got in our database fetch all the events from github for each of those and then we want to return that in the model before rendering the dashboard so we want we know we want to render that dashboard entry template one add things to the model and then we can start start things so here we can use the repository and get all get all the projects and now for each project we'd like to send a request to get up and fetch things as they as a list so because i want to get those as a list i'll add a new and i'll add a new method here and you'll see why a bit later so instead of getting their full response entity i'd like to have a list a lists of response here fetch events list and same thing or name repo name and this time I want to get the array fetch evens and ordinary per name get body no no that's so I want to fetch the events here and get the body here directly okay so I'll use that one in my controller so I can because this this is a an iterable I want to use the stream support and stream the project's directly with its splitter Raider so for each project I want to map I want to do that as well in parallel so I want to map and for each project I want to return a some object that is a dashboard entry so dashboard entry I don't have that yet I've prepared that so it's here so a dashboard entry is basically it's basically one thing that contains two projects in the associated events so for each project will return state a a new dashboard entry with the project and the fetch even lists for the project the org with its org and the repo knee so we want to collect that to a list and have that as a local variable with all the entries right away so we can add that to our model we can add entries to our model and that's it so we can take a look at our basic dashboard it's available yeah so we've got our dashboard with all the entries and all the queries that we did so here for spring boots we've got some entries for initializer and for Sagan so we've got the basic stuff running for our for our application with time leaf and and all the entries demonstrated but let's say that I want to something here like this so we saw that we already have that has a default error page so Springwood provides not only that default error handling in your application but it also provides you a way to provide nice error pages in case you're building an application like this so here let's say that I've got that for Ford and I'm not really happy with and I can add a new template under an error folder and I can say all the 4-xx errors should be rendered as templates here so I prepare the templates a real template and instead of seeing that a different error page you can have anything you want so as you can see because it was a for for this is dynamic so this is a real template so here in my template I'm using variables that are provided by spring boot for every error page so here we've got the the default error page for our application but we're still missing something with our application because I've said that get a token but we know that it's there we know it's configured we know it's being used because probably the application with a failed already but at one point one specific point we don't know where we are if we have still a lot of queries or if we are almost very close to the limit so with actuator we've got something called metrics and we've got already quite a few metrics provided for you so this is new in spring Butera though previously we had metrics built into spring boots and we tried to to be compatible with several ways of collecting metrics and and displaying them but here we're there's a new project in the spring family or related to the spring family it's called micro meter there is a talk about this tomorrow or the day after I don't remember if you're into metrics I definitely encourage you to see that one because previously the metrics were quite uni dimensional you have just one metric and for any given metric you you could see only one way to to see the data and here it's much more powerful so let's say we've got here something about our HCP client requests or let's say the server requests so we would like to know more here about the server requests you can see that I have five five requests that in that we had four we had gets we had a four for the four four was not found and let's say that even sweeper name you see that it wasn't those were counted again against the specific routes and here we'd like to have a metric but for our own stuff for a github our github API so for that you can just like a health indicator you can leverage the existing the existing infrastructure and we use that to provide that information so in how you know our getup client we know that we're getting that information back whenever we send a request we'd get that information of the remaining calls in as a header in our applique HTTP in the HTTP response so to show you that then so if we make a call and we don't have anything set up let's say I want information being and I just want to display the headers here we're getting here the information about the the response and here you can see that we get the right limit remaining 46 so because I don't have a specific token I've got 60 per hour and I get only 46 left so I'd like to get that information and display that as a metric so I can keep track of that in my application and to see if something wrong is going wrong so just like the same the previous one were building an interceptor and that interceptor is doing two things it's using something called the meter rich registry which is new which is which belongs to a micrometer and we use that to create a new meter which is a gauge we'll call it get up rate limit remaining and we'll create a new atomic integer for this and this will be the value that keeps track of the remaining calls so whenever we get a new request we're in our interceptor we execute that request get the response back return it but before we return it we used the value we get from the rate limit remaining header and we'll set that metric directly so here by default we get zero but I could go you could do 60 for example me for 60 per hour so now that that I've gotten that in interceptor which is not super hard to write I can ask to be injected with the meter registry and add another interceptor to my client registry and have my clients working with this so here let's say I want to send a few requests to get that information spring boots that's hard yeah so here I'll get a new getup rate limit remaining metric if I look at that it's 45 because I haven't set a specific a specific token but I've prepared a different configuration where I've said a token in as an environment variable so if I restore my application good if I send another requests and if I even go on my dashboard which should send like three or more requests actually and if I look this here you can see much more and if that one will go get back or not it'll should be less or Wi-Fi slow okay so you get that value as a metric so it's much more comfortable because you know at any point you know where you are at that limiting you can collect that and have that into a specific back-end as a metric for your application so and what one thing that we can take a look at as well for for changes is the the new security defaults and the new way we deal with with security so previously if you had security we had a lot of opinion but it was quite hard to express your own and to into our own your own opinion into the mix so here let's say I want to have a landing page and that admin page I've prepared so this so that ending page here it's called admin no it doesn't exist because I didn't create that in my controller so is it yeah so here in my controller I can create a simple get mapping on slash admin and I want to have a default view and I want to add a few things here for example my projects so here I know that I want to use the amine view and I want to add the projects all the projects to my model so here I've got my basic admin page where you can add and delete and do things about my own projects but I don't want I definitely don't want this to be public I'd like this to be secured and properly set in properly secure in my application so for that I can add a new starter which is starter security and restart my application so whenever you do that you express an opinion which is I'd like to secure things in my opinion in my application so if we if you do that by default we can we not only configure the default user which which is called user with a with a default password that you can change so that's the basic stuff working for you but we also secure things by default secure everything so that's still the default and in spring boots but this time we add more things to help you express your own opinion about security and I'll do that quite quickly so let's say I want to add a security configuration or a web security configuration and so it's a configure configuration class and that is using the web security adapter of spring security and so this is basically hands-on this is what you'd expect with with raw spring security but here we help you a lot to configure to configure this so here I want to add my user details so here I created a user called user with this password password role user another one admin with more roles an actor the actuator role and admin in a user role so here you can override things configure the HTTP security so with HTTP you can you can you can say that you want to authorize requests for for example the endpoint requests to any endpoints so here this is something new in spring Mutulu so instead of saying I'd like to to make those actuator endpoints public and those protected and you don't necessarily know the the paths and depending on what things are how things are secured so here you can do things yourself so let's say I want to secure I want to know that I don't know yeah health or just info for example I just want to have info as public and I want only others to require the role actuator cool and same thing and I want to have the static all the static resources so all the common locations that are I show you the static resources in boot including if you change the property so I want that to be allowed to everyone and you can do more things like and mathematical etc etc and I would say everything else is allowed and I want HTTP basic for everything so this time if I go back here I'll go and I'll get a 4/4 here I still get my dashboard but if I go to slash admin I'll get a HTTP basic authentication and here that was admin admin so if I go admin admin I know that I'll get access to to the right page so I've got the security configuration runnin with my opinion and everything that was required for this so one last thing that I wanted to show you as well is new as well as in HTTP - in this in spring boot - it's a HTTP to support so let's say until now what you could do with with your Springvale application is configure SSL so that's what we'll do I've got a ski store ready so this is where you store your your certificate and TLS certificate so if you if you add that to your resources in your application you've got a key store available here in your application you can configure TLS in your application quite easily so let's say first I want to have that on poor ports 8 for ya here ok and then I'd like to have more things so let's say the key store is located in my class path and it's called key store like this what does it think I'm something else Elaine okay and then server the key password then so I've set a key stored password and a keys password and the keystore password is password and the server the key password is secrets so if I do that I can go to local hosts here and I've got my application using HTTP so quite simple one thing that I did that you probably didn't see is that a locally installed native library which is a tomcat native so Tomcat native is quite useful if you want to add a native support for open SSL and and and have a super efficient SSL SSL infrastructure for serving TLS and TLS requests so I've got that and if you have that it you you have HTTP support possible with with JDK 8 + + and Tomcat 8 5 + + so if I just have that and configured as a as a library for my application then I can go server CP 2 enabled let me show you something first so you don't believe me here so here it's HTTP 1 1 and if I just mark it as enabled my application should we start and you shouldn't refresh the whole thing and here I'm on I'm using HTTP 2 right away so you should know that you can use that with Tomcat 8 5 with native support or Tomcat 9 + j TK 9 because JDK 9 in subcat night support the have the the right TLS support for HTTP 2 or you can just use undertone for any versions of JDK 8 9 and what not known a native required and with the next version of spring boot we should also add jetty support with HP - with also a native library so you know that you don't need to do strange things with the with the with the JVM or with an agent or something else you can have that out-of-the-box and quite easily set up with your application so I had a few more things but it's quite all of this yeah that that'll be all so I hope you have you liked everything here here's the code again so you can take a look at the repository everything you'll have all the steps described with each commit and you'll see all the changes so you can take a look and that'll be it don't hesitate to reach out to me on Twitter or right now and if you're interested in a bit more of this then there was the the what's new in spring with today though this morning but it's recorded and I encourage you to take a look at micrometer as well if you're interested in metrics and there'll be a another presentation about spring buta dalawa stefan and i tomorrow if you've got questions ok thank you you

Info

Channel: SpringDeveloper

Views: 177,303

Rating: undefined out of 5

Keywords: Web Development (Interest), spring, pivotal, Web Application (Industry) Web Application Framework (Software Genre), Java (Programming Language), Spring Framework, Software Developer (Project Role), Java (Software), Weblogic, IBM WebSphere Application Server (Software), IBM WebSphere (Software), WildFly (Software), JBoss (Venture Funded Company), cloud foundry, spring boot, microservice, microservices, microservice architecture, tomcat, jetty, undertow, liberty

Id: aA4tfBGY6jY

Channel Id: undefined

Length: 69min 18sec (4158 seconds)

Published: Thu Dec 14 2017