Spring
The Spring Framework is an open-source application framework for the Java platform, often simply called Spring
- Follows the Spring’s main philosophies
- The de facto standard development framework in the Java ecosystem, widely used in practice.
Spring Data
Spring
A project that provides a consistent programming model and an abstracted approach for various data stores (RDBMS, NoSQL, search engines, etc.)
- Significantly enhances the productivity and consistency of data access logic by automating complex DAO (Repository) implementations
- SQL vs NoSQL
- Collection of sub-projects
- Key features
- Automatic CRUD Code Generation: Automatically implements query methods based on method names.
- Standardization of Common Interfaces: Development based on extending common interfaces like
CrudRepositoryandJpaRepository. - Data Store Independence: Allows changing data stores with minimal code modification.
- Built-in Various Auxiliary Features: Includes pagination, sorting, dynamic queries, and Auditing.
Spring Security
Spring
A security framework responsible for Authentication and Authorization in Spring-based applications
- Key features
- Provides a Separate Structure for Authentication/Authorization:
- Authentication: Handles login, session management, and tokens.
- Authorization: Manages permission checks and access control.
- Supports various authentication methods: Includes session-based, token-based (JWT), OAuth2, and more.
- Filter Chain-based Security Processing: Applies centralized security to all requests via Servlet Filters.
- Declarative Method Security Features: Utilizes annotations like
@Secured,@PreAuthorize,@PostAuthorize. - Security Vulnerability Countermeasures: Includes built-in defense features against web vulnerabilities such as CSRF, XSS, Session Fixation, and Clickjacking.
- Provides a Separate Structure for Authentication/Authorization:
Spring Cloud
Spring
Provides integrated support for infrastructure components specifically designed for cloud-native applications, particularly those built with a Microservices Architecture (MSA).
- Helps devs easily configure frequently required patterns in complex distributed systems, such as configuration servers, service discovery, load balancing, and API gateways.
- Key features
- Config Server: Centralized management of service configuration files from external sources like Git.
- Service Discovery (Eureka): Enables services to dynamically register, find, and connect with each other.
- API Gateway (Spring Cloud Gateway): Routes and filters external requests, handling common processes like authentication, logging, and rate limiting.
- Logging/Monitoring: Supports distributed tracing with Sleuth + Zipkin.
- Resilience Pattern Support: Provides features like Circuit Breaker (Resilience4j, Hystrix), Retry, and Rate Limiting.
- Practical Application Points
- Enables easy configuration of automation, scalability, and fault tolerance in production environments.
- Standardizes connection, security, and monitoring among Spring Boot-based microservices.
- Can be flexibly applied across various cloud platforms such as AWS services, GCP, and Azure.
Connecting Projects
Tip
- Each Spring project can be used independently, yet they are designed to be organically connected, all leveraging the Spring Framework as their common foundation.
- This allows for flexible system design by combining them freely to meet diverse architectural and requirement needs.
Power synergies
- Spring Boot + Spring Data: Minimizes configuration + Automates Repository implementation → Rapid development of data-centric APIs.
- Spring Boot + Spring Security: Quickly configures authentication/authorization logic, and builds OAuth2 or JWT-based authentication systems.
- Spring Boot + Spring Cloud: Configures infrastructure patterns (Config Server, Gateway, Discovery, etc.) essential for microservices environments.
- Spring Boot + Spring AOP: Separates common logic (logging, transactions, etc.) from core logic to achieve a clean architecture.
- Spring MVC + Spring Security + Spring Data JPA: Forms the standard structure for traditional CRUD-based web/REST services.