SpringOne 2008 - Inside SpringSource Application Platform by Rob Harrop

The S2AP builds on OSGI and enriches it with a lot of functionality: e.g. combining relating bundles in libraries.

See SpringSource for details.

SpringOne 2008 - What's new in Spring MVC 2.5 and beyond by Keith Donald

@MVC (=Spring MVC 2.5)
The @Controller is now the recommended way to build a controller in Spring-MVC. It allows any pojo to act as a MultiActionController, but without the need to extend any class. In a @Controller class you can group all logical actions together. The classes with the @Controller are found automatically through classpath scanning.

The @Controller maximally relies on naming-conventions for your classes and methods to intercept URL-patterns (e.g. "Hotels.index()" is accessible through "/hotels/index"). Of course, this is customizable. All action methods have plain java types, but can also, if needed, ask for special parameters like Request, Response,... etc. @MVC detects those parameter types and injects them automatically.

If the action-methods return a String, then this is assumed to be the view-identifier. If it's a non-string, the returned object is then made available for the view. The modelobject is named by using generics: e.g. List<hotel> will be called 'hotelList' in the view.

Spring JS

• enhance or decorate existing elements
• render subfragments --> uses Apache Tiles for composition
• use dojo query() to decorate multiple elements on a page.
  

WebFlow 2 (+ 'Deep Dive' session)

• lighter, more consise syntax: e.g. first state is start-state by default.
  
• Ajax enabled through: ViewScope
• extensive Expression Language use
• abstract flows that can be extended
• better JSF support
• (new) best practice: put flow with associated template (e.g. jsp), messages and resources and in same directory --> relies on simpler defaults
• Spring Security
  

WebFlow 3
Will add a site-definition language to mix non-webflow pages with webflows.

SpringOne 2008 - Using Spring Web Services 1.5 by Arjen Poutsma

Contract-first is considered best practice for designing a WebService:

1. create a sample xml message
2. generate the xsd based on the xml: use trang or XmlSpy
3. tweak the xsd
   

Define your Spring-WS endpoints as a POJO with @EndPoint:

• input message
• start a business service
  
• result message

Let Spring generate the WSDL-boilerplate around your existing xsd and @Endpoints. For the xml parsing/generation, you can use SAX, DOM or Trax or use a more advanced (un)marshaller with the Spring OXM module: e.g. Jaxb2 or XmlBeans.

For testing your WS, use soapUI.

Other Spring WS features are:

• pluggable interceptors: logging, optional validating,...
• client WS: WebServiceTemplate
• WS over JMS or SMTP
  
• OSGI Bundles
• WS Security (see ws.apache.org/wss4j/)
• WS-Addressing
  

SpringOne 2008 - Keynote 2 by Adrian Colyer and Rob Harrop

Spring Dynamic Modules (formerly called Spring OSGI) extensively builds on OSGI.

• Bundles can be loaded/replaced dynamically at runtime
• multiple versions of bundles can coexist
  
• with the import-library extension, you can import a collection of bundles
• most common OSGI bundles are available at http://springsource.com/repository
• it provides IDE integration through Spring IDE

The SpringSource Application Platform builds further on the Dynamic Modules concept.
Through 'personalities', the platform only loads what you really need:

• batch: no web / servlet api needed; only jar
  
• online: servlet api , but perhaps no JMS etc...

--> startup time / footprint is minimized.

SpringOne 2008 - Decorating Web Pages with AJAX using Spring JavaScript by Jeremy Grelle

Spring JS provides a javascript layer above Dojo. The Dojo javascript files are provided by Spring JS in a gzipped format. The dojo-integration is pluggable and will be enhanced with other javascript tool sets (e.g. jQuery).

The basic idea is to start from a fully-functional 'classical' webapp and progressively enhance the application with AJAX. But: even with javascript disabled, the page must remain functional, degrading back to it's basic behavior - really interesting, since I'm a big noscript fan :-). The Ajax page-elements are defined with Apache Tiles and served as a whole or through fragments depending on the request-type. WebFlow support serving separate 'fragments' in one state to allow for example pagination without page-refresh.

Spring JS also provides a basic CSS from Mike Stenhouse that provides a good basic look and feel that can be easily overridden.

The Spring JS provides a JavaScript syntax to enhance existing page elements with e.g. client-side validation, tool tips or partial page-refreshes. Again, the idea is that even without Javascript, the page is still OK.

SpringOne 2008 - Spring Transaction choices for Performance by Jürgen Höller

Tune with the @Transactional annotation:

• propagation: "requires", "requires-new" or, the spring-specific, "nested" (=uses save points)
  
• isolation level: default: read committed
  
• set the readonly flag --> hint for runtime optimization.

Prefer native JDBC transactions over XA transactions:

• XA is difficult to setup

run a transaction coordinator

XA JDBC driver


XA Message Broker

put the XA recovery log to a reliable log storage

• XA has a significant run time overhead

two phase commit

state tracking

recovery

on restart: complete pending commits/rollbacks --> read the "reliable recovery log"

Check if you really need XA! Prefer the use of a native transaction or combine two native transaction, with some small extra safety provisions. E. g. Usually the "exactly once" guarantee of an XA JMS can be relaxed --> use a native JMS transaction and detect duplicate messages. --> much higher throughput.

SpringOne 2008 - Using Spring Security 2 by Mike Wiesner

What?

• formerly Acegi security -- Acegi is an abbreviation for AbCdEfGhI :-)
  
• Authentication: URL (coarsegrained) or method (finegrained) authentication
• ACL
• LDAP support
• SSO

How?

• pluggable filters (through 1 delegating servletfilter); config in security.xml.
  Eg: LDAP, JAAS, OpenID plugins
• repository for storing (e.g.) additional user details
  --> implemented in e.g. JDBC or LDAP
  --> combine multiple data sources
  
• SecurityInterceptor (AOP) for method-based security
• @RolesAllowed annotation (JSR-250)

gotcha: The RBAC pattern decouples users from permissions through roles: users >-<roles>-< permissions! Test on permissions and let the repository associate your user with the correct permissions through the assigned roles. Never test on roles in your code.

Spring security also provides a authz-taglib for querying security-permissions while building a web page. This is helpful, but you still have to secure the basic URLs and methods.

SpringOne 2008 - Persistence Tuning for the Spring Environments by Tomas Risberg

a few best practices:

• get your DBA involved early
• take time to design your db: tables, indexes, data types, normalize, partition,... all have impact on the performance
  
• consider batch vs online. (consider native db-tools for loading)
  
• limit the number of rows / columns per table -> normalize
• avoid nulls in where clause (nulls are not indexed!)
• avoid starting with a wildcard in "like '%xyz'" tests (not indexed)
• select the proper transaction manager: JTA and XA is the slowest solution --> prefer plain JMS and native JDBC transactions
  
• avoid 'SERIALIZABLE' transaction isolation
• use the readonly-flag (JDBC) whenever possible.
• use a proper connection pool: Apache DBCP or Oracle Datasource Connection Pool (never use the 'standard' DriverManagerDatasource!)
• early test your connections at startup: JDBC 4: isValid() or "select 1 from dual;"
• use prepared statements --> optimized by db
• setFetchSize()
• use a RowMapper of BatchJdbcTemplate
• caching
• sql tuning: run EXPLAIN and ANALYZE commands
• tune Oracle memory: SGA (=global + sessions) and disk (blocks/files); put logs on separate volume
  

SpringOne 2008 - Spring 2.5 on the way to 3.0 by Jürgen Höller

Part of this talk overlapped with Rod's talk, but Jürgen could go in more detail.

Spring is aligning itself with modern standards / APIs:

• JDK1.6 support: e.g. JDBC 1.4, with better LOB handling
• support for JMX and MXBeans
• AspectJ loadtime-weaving --> avoids proxy pitfalls; support "new" operator
  
• JEE5: Servlet API 2.5 & JAX-WS

"Self-describing classes" with annotations, removing config. As a general rule, annotations should be descriptive; even if a compiler ignores them (e.g. in tests), they should add documentation to the class:

• JSR 250 @PostConstruct & @PreDestroy: quick wins: explicit initializers
• JSR250 @Resource on steroids: standard is JNDI-only, but spring also resolves spring-bean names.
• @Autowired (& @Qualifier for more specific rules): elegant way to minimize xml-config, while keeping fine grained control over the DI. It's not an all-or-nothing: mix&match between xml and @autowired makes sense.
• autodetectable components with: @Component. Without declaring a bean, the component automatically becomes available in the spring context.
• @Configurable (AspectJ) --> use regular new operator and benefit from Spring config! (load-time weaving)
• "@MVC": No need to extend a MultiActionController anymore: with @Controller and @RequestMapping, the multi-action controller is now the recommended MVC-way, using simple POJOs. It relies extensively on standard naming of classes and methods to interpret URL paths. But, of course, this can be tweaked to the extreme. Even method-parameter names can be used for auto-passing request params if you built your classes with debug-info enabled. Gr8!
• decide what you prefer: 'externalized' xml config complemented with annotations or fully annotated components with embedded config. As usual Spring doesn't impose one view. The xml-config can, for example, be interesting for a service layer, while the MVC-layer could prefer the annotations.

Spring 3.0

• Milestone 1: 8/2008 ???
• Java5+: generics & varargs;
• extensive use of Expression Language (cfr WebFlow)
• remove deprecate stuff like commons attributes
• WebSpere 6.1
• Rest support

SpringOne 2008 - Keynote by Rod Johnson

Spring 2.5

• With the new @autowired annotation (+ @qualifier) , auto wiring is now finally usable in real systems. This can help reducing the configuration-overhead to a minimum while keeping maximal control over your code. Looks really great - if you can use Java 5.
• JSR-250 support: Rod is less enthusiastic about the @Resource, but the @PostConstruct and @Predestroy annotations are highly recommended --> no need to explicitly set the init-method in your spring configs anymore.

Testing

• favor JUnit 4.4 or TestNG --> simple annotations; no need for the abstract testing hierarchies.

Spring WebMVC & WebFlow

• less configuration, more sensible defaults.
• annotations instead of extending MultiActionController --> controllers are less tied to Spring MVC
• better integration with JSF (Spring Faces)

Ajax support

• support for 'fragments' in a view state: with Apache Tiles all fragments are rendered as a whole (=classic refresh) or individually, triggered by Ajax events
• introduction of a new ViewScope in WebFlow: objects in view-scope survive as long as you remain in the same state, surviving multiple Ajax requests.
• Spring JavaScript is a new project that builds on Dojo to provide Ajax support. The accent is on 'clean degradation', where your webapp is fully functional, even with JavaScript turned off.

SpringSource products

• the SpringSource platform builds on OSGI to provide a highly modular framework. Very interesting ideas, but maybe a bit too revolutionary?
• SpringIDE is now bundled in the Spring Tool Suite. This is an Eclipse distribution that comes with all plugins needed for Spring development embedded. One of the plugins is Mylin for 'task-based' development. The idea is to deliver a development environment that just works out of the box.

SpringOne 2008 - Welcome by Stephan Janssen

I attended the SpringOne 2008 conference in Antwerp, Belgium. As a professional Java EE designer and developer, the Spring framework brings a refreshing look to enterprise java development. My interest started with these two, now classical, Rod Johnson books:

• J2EE Design and Development
• J2EE Development without EJB

In this blog I'll summarize a few highlights of the first day of the conference.

As usual, Stephan Janssen promoted his new Parleys.com, completely written in Flash Air & Flex (GWT and JavaFX versions also exist). Very impressive, especially the tools for creating online web-presentations with synced video, slides an outlines. The business model of parleys will be the 'rent-a-space'-model: any company will be able to buy some 'space' to publish their presentations, benefiting from the extensive and appealing tool set and from using the reliable systems and the huge bandwidth that parleys has. Hopefully, they'll continue to serve the podcast feeds as well.

The JavaPolis conference is now rebranded into Javoxx. This is apparently to avoid trademark issues with Sun... Sad.