924 matches found
Spring AI - Structured Output
UPDATE: 04.06.2024 Adde snippets for using structured output with the new, fluent ChatClient API . UPDATE: 17.05.2024 Generic Types support for BeanOutputConverter added. Science works with chunks and bits and pieces of things with the continuity presumed, and Art works only with the continuities...
A Bootiful Podcast: Spring Boot cofounders Phil Webb and Dr. David Syer on the occasion of the 10th Anniversary of Spring Boot 1.0
Hi, Spring fans! In this installment I talk to cofounders Phil Webb and Dr. David Syer, on the occassion of the 10th Anniversary of Spring Boot...
Spring Tips: Vector Databases with Spring AI
Hi, Spring fans! In this installment, we look at the amazing support for vector databases in Spring AI...
This Week in Spring - May 7th, 2024
Hi, Spring fans! Welcome to another amazing installment of This Week in Spring! I'm in bellisima Rome, Italy, where I've just spent time in some fun meetings, and now I'm off to lovely London, UK, for Devoxx UK 2024. It's going to be amazing. If you're there, don't hesitate to say hi! I've got to...
A Bootiful Podcast: Carl Azoury, Zenika founder and CEO
Hi, Spring fans! In this installment I talk to Zenika founder and CEO Carl Azoury, and friend to the community and a part of the Spring story for decades...
Spring Tips: Beans, Beans: What's in a Spring bean?
Hi, Spring fans! In this installment we explore the essential Spring bean. What are they, how are they created, and what do they mean to you?...
Spring Tips: Spring Cloud Gateway for Spring MVC
Hi, Spring fans! In this installment, we revisit Spring Cloud Gateway, this time to look at the fantastic new support for Spring MVC, made all the more amazing by Java 21's virtual threads...
This Week in Spring - April 30th, 2024
Welcome to yet another amazing installment of This Week in Spring! As usual, we've got a ton of stuff to get into, so let's dive right into it! Chris Bono announces the new versions of Spring Functions Catalog and Spring Cloud Streams Applications In last week's installment of A Bootiful Podcast,...
A Bootiful Podcast: Daniel Garnier-Moiroux on Passkeys and Spring Security
Hi, Spring fans! In this installment, I talk to my friend and colleague Daniel Garnier-Moiroux about the amazing awesome implications of passkeys in a Spring Security application...
This Week in Spring - Tuesday, April 23rd, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! We've had a really busy, wonderful week, as always, so let's dive right into it! We want you! ...to submit a talk to SpringOne 2024, in sunny Las Vegas! Hurry, the CFP closes May 3rd! Spring Shell 3.1.11, 3.2.4, and 3.3.0-m1...
Spring AI - Multimodality - Orbis Sensualium Pictus
Humans process knowledge, simultaneously across multiple modes of data inputs. The way we learn, our experiences are all multimodal. We don't have just vision, just audio and just text. These foundational principles of learning were articulated by the father of modern education John Amos Comenius...
A Bootiful Podcast: Spring founders Rod Johnson and Juergen Hoeller on the 20th Anniversary of Spring Framework 1.0
Hi, Spring fans! In this episode, more than 20 incredible years in the making, Spring founders Rod Johnson @springrod and Juergen Hoeller @springjuergen discuss Spring since its 1.0 release in 2004...
Spring Tips: GRPC
Hi, Spring fans! In this installment, we look at how to create GRPC-based services with Spring Boot...
This Week in Spring - April 16th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm writing this from beautiful Paris, France, ahead of the amazing Devoxx France event. I've come to almost all of these events over the years. It's hard to believe it's been more than a decade since the show was first...
Spring Framework 6.2.0-M1: Overriding Beans in Tests
Spring Framework 6.2.0-M1 has been released, including changes that resolve more than one hundred issues. Among those are a range of new features in Spring's testing support. In this post, I’d like to walk you through one of these new testing features: Bean Overriding support. The previous state ...
A Bootiful Podcast: Marit van Dijk, Jetbrains Developer Advocate
Jetbrains Developer Advocate Marit van Dijk on reading code, IntelliJ IDEA, and more...
Spring Framework URL Parsing with Host Validation (3rd report)
Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect attack or to a SSRF attack if the URL is used after passing validation checks. This is the...
Spring Framework 6.2.0-M1: all the little things
The Spring Framework team has been busy reviewing the issue tracker in anger and reducing the number of opened issues. This was long overdue, with a number of issues being invalid or superseded in the meantime. This helped the team focusing on a more manageable amount of issues and we used the...
Spring Tips: the Spring Expression Language
Hi, Spring fans! In this installment, I look at the excellent Spring Expression Language, an embedded language for resolving simple expressions that is built right into the Spring Framework...
This Week in Spring - April 9th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm in Las Vegas, NV, at the moment, preparing for my part in the huuuuuge Google Cloud Next keynote. I'm so excited! And then it's off to the amazing and glorious Devnexus event! If you're at either event, please say Hi!. Fu...
A Bootiful Podcast: Netflix’s Paul Bakker and Kavitha Srinivasan on scaling Spring Boot and Spring GraphQL
Hi, Spring fans! In this installment, I'm thrilled to be joined by Netflix's Paul Bakker and Kavitha Srinivasan, who explain how they're integrating and evolving Spring for GraphQL in their own GraphQL stack and how they're managing, growing, and evolving thousands of services written in Spring B...
This Week in Spring - April 2nd, 2024
Welcome, welcome, welcome, to another installment of This Week in Spring! You know, we've come a long way since you and I last spoke. It's April already! A new month! How bizarre. And, with the dawning of a new month, we're also more than 25% through this year! I sure hope you're paying attention...
Spring Tips: Hello, Java 22!
Hi, Spring fana! In this installment, I look at the amazing, just-released, Java 22!...
A Bootiful Podcast: Joseph Ottinger and Andrew Lombardi on "Beginning Spring 6"
Hi, Spring fans! In this episode I'm joined by Java luminaries and Apress' Beginning Spring 6 authors Joseph Ottinger and Andrew Lombardi...
This Week in Spring - March 26th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! Sam Brannen shares some good news: a null-safe Index operator for the Spring Expression Language SpEL is coming to Spring Framework 6.2! This is interesting, and a nice application of AI do I even need to spell out "artificia...
Reflectionless Templates With Spring
A few Java libraries have shown up recently that use text templates, but compile to Java classes at build time. They can thus claim to some extent to be "reflection free". Together with potential benefits of runtime performance, they promise to be easy to use and integrate with GraalVM native ima...
A Bootiful Podcast: Stuart Marks (aka ”Dr. Deprecator”) on Java, its amazing features, and more
Hi, Spring fans! Happy one-day-belated Java 22 release day to those who celebrate! To ring in the new release, we've got an extra special and incredible discussion with a Java legend - somebody who's been involved in the Java community and work for decades - Stuart Marks, or "Dr. Deprecator," as...
Spring Tips: the Exposed ORM for Kotlin
Hi, Spring fans! In this installment we look at the Exposed Object Relational Mapper framework for Kotlin. Kotlin Java JDBC springboot...
Hello, Java 22!
update I've since published a Spring Tips video on this very topic! If you'd prefer, you could watch that instead. Hi, Spring fans! Happy Java 22 release day, to those who celebrate! Did you get the bits already? Go, go, go! Java 22 is a significant improvement that I think is a worthy upgrade fo...
PKCE Downgrade in Spring Authorization Server
Spring Authorization Server versions 1.0.0 - 1.0.5, 1.1.0 - 1.1.5, 1.2.0 - 1.2.2 and older unsupported versions are susceptible to a PKCE Downgrade Attack for Confidential Clients. Specifically, an application is vulnerable when a Confidential Client uses PKCE for the Authorization Code Grant. An...
Token Exchange support in Spring Security 6.3.0-M3
I'm excited to share that the there will be support for the OAuth 2.0 Token Exchange Grant RFC 8693 in Spring Security 6.3, which is available for preview now in the latest milestone 6.3.0-M3. This support provides the ability to use Token Exchange with OAuth2 Client. Similarly, server-side suppo...
This Week in Spring - March 19th, 2024
Hi, Spring fans! And happy Java 22 release day to those who celebrate! I just put out a huge blog detailing many of the exciting new features in Java 22. Check it out! As usual, we've got a packed roundup to get through this week so let's dive right into it! the Spring Authorization Server 1.3.0-...
Possible Broken Access Control in Spring Security With Direct Use of AuthenticatedVoter
In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, versions 6.2.x prior to 6.2.3, an application is possible vulnerable to broken access control when it directly uses the AuthenticatedVotervote passing a null...
Spring Boot Testjars founder Rob Winch
Hi, Spring fans! In this week's installment we talk Rob Winch, lead of Spring Security and founder of the exciting new project Spring Boot Testjars...
Hypermedia and Browser Enhancement
Front end development these days is dominated by large JavaScript client side frameworks. There are plenty of good reasons for that, but it can be very inefficient for many use cases, and the framework engineering has become extremely complex. In this article, I want to explore a different...
Spring Framework URL Parsing with Host Validation (2nd report)
Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect attack or to a SSRF attack if the URL is used after passing validation checks. This is the...
Spring Tips: Spring Batch Remote Partitioning, your easy button for data scale!
Hi, Spring fans! In this installment, Spring Developer Advocate Josh Long looks at how to use Spring Batch's remote partitioning support to easy-button your data processing scale out strategies. postgresql ai datascience data springboot java java21...
This Week in Spring - March 12th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! And what a week it's going to be! Do this first: we need your help! Please answer some questions in our State of Spring survey! Join me for a look at the latest-and-greatest, chronicling how I got started with Spring Boot in...
Bootiful Spring Boot in 2024 (part 1)
NB: the code is here on my Github account: github.com/joshlong/bootiful-spring-boot-2024-blog. Hi, Spring fans! I'm Josh Long, and I work on the Spring team. I'm excited to be keynoting and giving a talk at Microsoft's JDConf this year. I'm a Kotlin GDE and a Java Champion, and I'm of the opinion...
A Bootiful Podcast: Cristian Schuszter on CERN
Hi, Spring fans! In this installment I talk to Cristian Schuszter, a software engineer at CERN. This episode was recorded live at VOXXED DAYS CERN!. Don't forget to help us out with the State of Spring Survey...
Function Calling in Java and Spring AI using the latest Mistral AI API
UPDATE: As of March 13, 2024, Mistral AI has integrated support for parallel function calling into their large model, a feature that was absent at the time of this blog's initial publication. Mistral AI, a leading developer of open-source large language models, unveiled the addition of Function...
Spring Tips: the Spring Authorization Server: durability of data
Hi, Spring fans! In this installment, we continue our look at the venerable Spring Authorization Server, this time looking at how to configure persistence and durability for various aspects of the system...
This Week in Spring - March 5th, 2024
Hi, Spring fans! Welcome to another exciting roundup of This Week in Spring! I expect many of you are reading this for the first time, especially with Facebook and Instagram being down. People have been exploring all the other lesser-known corners of the web, looking for their daily "doom scroll....
A Bootiful Podcast: Roni Dover on Digma AI
Hi, Spring fans! In this installment we talk to Digma AI founder Roni Dover...
This Week in Spring - February 27th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring wherein we explore the latest-and-greatest in the wonderful world of Springdom. This week's going to be a very good one, so let's dive right into it! good news everyone! Spring Boot's been updated! 3.3.0-M2, 3.2.3, and 3.1.9 a...
Spring Tips: the Spring Authorization Server: securing SPAs and messaging flows
hi, Spring fans! In this installment, we continue our look at the venerable Spring Authorization Server, this time looking at how to extend its use beyond just HTTP APIs, to secure single page applications and messaging flows with OAuth...
A Bootiful Podcast: Timefold Solver AI lead Geoffrey De Smet
Hi, Spring fans! In this installment, I talk to Timefold Solver AI lead Geoffrey De Smet about the amazing new integrations for Spring Boot developers...
Spring Framework URL Parsing with Host Validation
Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect attack or to a SSRF attack if the URL is used after passing validation checks...
This Week in Spring - February 20th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you this fine 20th of February, 2024? I'm doing alright on this rainy 20th of Feburary here in San Francisco, and I hope you are too! We've got a ton of things to get into this week so let's dive right into it! Have y...
Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated
In Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x prior to 6.2.2, an application is vulnerable to broken access control when it directly uses the AuthenticationTrustResolver.isFullyAuthenticatedAuthentication method. Specifically, an application is vulnerable if: An application...