Please enable JavaScript.

Coggle requires JavaScript to display documents.

Spring / Spring Boot, Metadata (XML, Java code, Annotation) - Coggle…

- - - - POJO Based => No need of EJB container, only need a robust servlet container like Tomcat
      - Modular => Use or pay attention only on what you need
      - Integration with existing framework => Use of existing frameworks like ORM, logging, JEE framework
      - Testablity => Simple test because environment-dependent code is moved and the POJO usage with DI
      - Web MVC => Well-designed than other framework
      - Central Exception handling =>API to translate exceptions into consistent and unchecked exceptions
      - Lightweight => IOC Containers more lightweight than EJB container
      - Transaction management => Consistent transaction management interface
    - - Dependency Injection (DI) : A way to inject a class A into a class B by using IoC (Inversion Of Control)
      - Aspect Oriented Programming (AOP) : Decouple cross-cutting concerns from the objects that they affect
    - - Core container
        
        Core module => Fundamental features (IOC, DI ...)
        
        Bean module => BeanFactory which is a sophisticated implement of the factory pattern
        
        Context module => Layer under Core and Bean which allows to access any object defined and configured through ApplicationContext interface
        
        SpEL module => Expression language for querying and manipulating an object graph at runtime
      - Data Access / Integration
        
        JDBC module => JDBC-abstraction layer which avoids tedious coding
        
        ORM module => Integration layers for popular ORM like JPA, JDO, Hibernate ...
        
        OXM module => Abstraction layer that supports Object/XML mapping implementations for JAXB, XMLBeans, XStream
        
        JMS (Java Messaging Service) module => Features for producing and consuming messages
        
        Transaction module => Programmatic and declarative transaction management for classes that implement special interface and POJOs
      - Web (MVC / Remoting)
        
        Web module => basic web-oriented integration features (multipart file-upload, Init of the IOC container using servlet listener and a web-oriented application context )
        
        Web-MVC module => Spring's MVC implementation
        
        Web-Socket module => support for WebSocket-based (two-way communication client-server)
        
        Web-Portlet module => MVC implementation to be used in a portlet environment
      - Miscellaneous
        
        AOP module => AOP implementation allowing method-interceptors and pointcuts
        
        Aspects module => Integration with the AOP framework AspectJ
        
        Instrumentation module => Class instrumentation support and class loader implementations used in certain app servers
        
        Messaging module => Support for STOMP as the WebSocket sub-protocol
        
        Test module => Testing of Spring components with JUnit or TestNG frameworks
  - - - The Spring container
        
        Final result
        
        Ready to use application
    - - Spring BeanFactory container => simplest container providing basic support for DI and is defined by BeanFactory interface
      - Spring ApplicationContext Container => sub layer of BeanFactory container that adds more enterprise-specific functionality such as resolving textual messages from properties file and app event publication to event listener. It's defined by ApplicationContext Interface
    - - Class => Mandatory attribut that gives the bean class
      - Name => Bean object identifier use to get it through the context
      - Scope => Scope of the object created
        
        Singleton => Single instance per Spring IoC container
        
        Prototype => Single bean definition for many instances each time request
        
        Request => HTTP request bean definition (Web-aware Context)
        
        Session => HTTP session bean (Web-aware Context)
        
        Global-session => Global HTTP session bean (Web-aware Context)
      - Contructor-arg => Inject dependencies
      - Autowiring mode => Inject dependencies mode by atowire attribute
        
        no => no autowiring, all should be defined explicitly
        
        byName => Autowire by property name with beans name identifier
        
        byType => Autowiring by property datatype and beans class
        
        constructor => Similar to byType, but type applies to call constructor arguments
        
        autodetect => Try constructor mode and bytype if it doesn't work
      - Properties => Inject dependencies
      - Lazy-initialization mode => Create a bean instance before the first request or at the startup
      - Initialization method => callback that is called after after property set up by the container
        
        Class definition => Implements InitializingBean.afterPropertiesSet
        
        XML definition => init-method property and implementation of the method
        
        Global XML definition => Default-init-method property of Beans tag and implement the method in beans'class
      - Destruction method => Callback that is called when the bean is destroyed
        
        Class definition => Implements DisposableBean.destroy
        
        XML definition => destroy-method property and implementation of the method
        
        Global XML definition => Default-destroy-method property of Beans tag and implement the method in beans'class
      - <beans>
        ..<bean id = "..." class = "..." lazy-init = "true">
        ....<property name="..." value="..." />
        ....<constructor-arg ref = "..."/>
        ....<property name="..." ref="..." />
        ....<property name="...">
        ........<bean id = "..." class="..." />
        ....</property>
        ..</bean>
        </beans>
      - :warning:
        
        A bean can implement the BeanPostProcessor interface to change the logic of instanciation, configuration, initialization and destruction of beans in IOC container.
        
        We can make a bean definition inheritance by using the parent property of the bean tag => use the parent bean definition as a template to render the child. No related to inheritance in OOP
        
        It's possible to create a Bean definition template and call it as a parent for bean definition inheritance. Same like common bean definition with the attribute abstract = "true"
        
        Autowiring can be used with explicit defination that override it. Autowiring is not very easy to read and maintain so pay attention on.
    - - Type
        
        Setter-based DI => Invoked when calling a setter methods on bean in case of no-argument constructor usage (property tag with ref attribut)
        
        Constructor-based DI => Container invokes an argument constructor with dependencies (Contructor-arg tag)
      - :warning:
        
        It's possible to use both methods, in case of mandatory dependency injection through the constructor and the setter DI for optional dependency
        
        You can define an inner bean in the property tag of the bean tag. (See example above)
      - Collection Injection
        
        List: <property name = "...">
        ....<list>
        ........<value>...</value>
        ........<ref bean="..."/>
        ....</list>
        </property>
        
        Set: <property name = "...">
        ....<set>
        ........<value>...</value>
        ........<ref bean="..."/>
        ....</set>
        </property>
        
        Map: <property name = "...">
        ....<map>
        ........<entry key=".." value="..." />
        ........<entry key=".." value-ref="..." />
        ....</map>
        </property>
        
        Properties: <property name = "...">
        ....<props>
        ........<prop key="...">...</prop>
        ........<prop key="...">...</prop>
        ....</list>
        </property>
    - - Not default and enable with the <context:annotation-config/> | @ SpringBootApplication | @ EnableAutoConfiguration
      - Annotations
        
        @ Required => bean property, setter methods to render the setter-based DI
        
        @ Autowired(required = true) => bean setter methods, non-setter methods, constructor and properties
        
        @ Qualified("identifier") => Used with @ Autowired to specify a bean in case of many bean of the same type
        
        JSR-250 Annotations
        
        @ PostConstruct => define the init-method as the bean property in XML
        
        @ PreDestroy => define the destroy-method as the bean property in XML
        
        @ Ressource => apply on property or method to wire the property or arguments byName with a bean
        
        @ Configuration => define a class as a IOC container configuration
        
        @ Bean(initMethod="...", destroyMethod="...' => apply on configuration class method to define a bean byReturnType
        
        @ Scope("...") => used with @ bean to define the scope of the bean
        
        @ Primary => define the default type in case of many beans with the same type (extend or implement)
  - - - ContextRefreshedEvent => ApplicationContext is either initialized or refreshed
      - ContextStartedEvent => AppicationContext is started
      - ContextStoppedEvent => ApplicationContext is stopped
      - ContextClosedEvent => ApplicationContext is closed or destroyed
      - RequestHandledEvent => HTTP request has been serviced (Web-aware Context)
- - - - Aspect => class that provide cross-cutting requirements
      - Joint point => App's point where can be plug-in the AOP Aspect
      - Advice => Action to be taken before or after the method execution
        
        Before => run before method execution
        
        After => run after method execution, regardless of its outcome
        
        After-returning => Run after if a method completes successfully
        
        After-throwing => Run after method throws an exception
        
        Around => Run before and after method is invoked
      - Pointcut => Set of one or more joint points where an advice should be executed
      - Introduction => Add new methods or attributes to existing classes
      - Target object => Object being advised by one or more aspects
      - Weaving => link aspects with other app types or object to create advised object (Target object)
  - - - ACID Properties
        
        Atomicity => Treated as a single unit of operation
        
        Consistency => Referential integrity of the database (unique primary key ...)
        
        Isolation => Each transaction should be isolated from others
        
        Durability => Result of successful transaction should be permanent
      - Types
        
        Local transactions are specific to a single transactional resource like a JDBC connection, whereas global transactions can span multiple transactional resources like transaction in a distributed system.
        
        Management
        
        Programmatic transaction management => Manage transaction by programming
        
        Declarative transaction management => Separate transaction management from business code by using annotation or XML)based conf
    - - JDBC is used to communicate with a DBSM
      - ORM
        
        Concepts
        
        JPA
        
        JPA is a java specification for ORM management. Hibernate, EclipseLink ... are implementations of JPA
        
        Java Persistance API that implements Repository pattern
        
        DAO
        
        Data Access Object that implements DAO pattern
        
        DAO is used to implement storage / CRUD operations and it can be used by JPA for storing datas
        
        DAO is an abstraction of data persistence. A repository (JPA) is an abstraction of a collection of objects
        
        DAO is a lower-level concept, closer to the storage systems. Repository is a higher-level concept, closer to the Domain objects
        
        Repository is on top of DAO => Repository prepare the data and the DAO stores the datas in DB
        
        Anotation
        
        @ Entity => Define a Domaine component
        
        @ Table(name="...", uniqueContraints = @ UniqueContraint... ) => Map a domaine to a table
        
        @ UniqueContraint(name="...", columnNames = "...") => Define an unique constraint
        
        @ Id => Define the primary key of a domaine
        
        @ Column(name="...", nullable= false) => Map an attribut with table column
        
        @ SequenceGenerator(name="...", sequenceName = "...", allocationSize = 1) => Create a sequence
        
        @ GeneratedValue (strategy = ..., generator ="...") => To set a sequence logic
        
        AUTO => JPA decides base on the DB's primary key generator
        
        IDENTIFY => Database decides
        
        SEQUENCE => set a sequence
        
        TABLE => Separate primary key values in another table
        
        @ Repository => Define a repository component
        
        Query method definition with key words as: By, contains, or, and, distinct ...
        
        JPQL => @ Query("select var from Domain var where var.field = ?1")
        
        Native Query => @ Query(value = "SQL Query", nativeQuery = true)
        
        Query named params => => @ Query("select var from Domain var where var.field = :param1")
        Domain methodName(@ Param("param1") String param)
        
        :warning: Pageable class object is passed to findAll to render a pagination
        
        @ Emberddable / @ Embedded => Define a subclass of a domaine / Specify that a field is an embedded class
        
        @ Modifying => Show that a query can modify data in DB
        
        @ Transactional => Put all data operations in a transaction and rollback in case of error
        
        Relations
        
        @ OneToOne | @ OneToMany | @ ManyToOne | @ ManyToMany
        
        @ JoinColumn (name ="...", referencedColumnName ="...") => To map foreign key in relation
        
        Attributes
        
        cascade => Propagate operations to child
        
        CascadeType.ALL
        
        CascadeType.PERSIST
        
        CascadeType.MERGE
        
        CascadeType.REMOVE
        
        CascadeType.DETACH
        
        CascadeType.LOCK
        
        CascadeType.REFRESH
        
        CascadeType.REPLICATE
        
        fetch => Rule to get child datas
        
        FetchType.LAZY
        
        FetchType.EAGER
        
        mappedBy => Define a bidirectional relation
        
        @ JoinTable(name="...", joinColumns , inverseJoinColumns) => use to map foreign keys table in N to N relation
  - - - @ Controller => define a contoller
      - @ RequestMapping("..." | value ="...", method = RequestMethod.POST|GET|PUT) => map url to a class or method
      - @ PostMapping | @ PutMapping | @ GetMapping => Specific method type mapping URL to method
      - @ RequestBody => Map a post/Put request body with an argument
      - @ RequestParam(value = "...") => Map a get parameter with an argument
      - @ PathVariable => Map an URL path with an argument
      - @ CrossOrigin => For local frontend calls
    - - @ ControllerAdvice => handle the exceptions globally
      - @ ExceptionHandler(value = ExceptionClassName.class) => Handle a specific class Exception by a method
      - :warning: Instead of using @ controllerAdvice, you can use a parent controller where you handle each exception
  - - - Flexible and comprehensive Authentification and Authorization
      - Detection and prevention of attacks (session fixation, clickjacking ...)
      - Integrate with Servlet API
      - Optional integration with spring MVC
      - Allows Single Sign-On => access to many apps with one account
    - - HTTP Authentification
        
        Basic authentification => user/psw in the header of HttpRequest and encoded using base64 (Autorization property)
        
        Digest authentification => same like basic but applies hash function to user/psw/Http method and URI
      - Forms Authentification
        
        Authentification through a form with a cookie session is created, sent to client and add to all HTTP requests, if authenticated and
      - Certificate
        
        SSL & HTTPS => use a SSL certificate to encrypte data send by HTTP
      - Token
        
        Json Web Token (JWT) digital signes authenticated requests by a token (Secret key Hashed json data) in the header
        
        Header
        
        Payload
        
        Signature
    - - @ Configuration + @ EnableWebSecurity + extends WebSecurityConfigurationAdapter => To add custom security configurations
      - @ Override configure(HttpSecurity http) => to configure access to request URI and choose authentification type
        
        http
        .authorizedRequests()
        .antMatchers("/uri").permitAll()
        .antMatchers("/uri/**").authentificated()
        .antMatchers("/uri").hasRole("ROLE")
        .antMatchers("/uri").hasAnyRole("ROLE1", "ROLE2")
        .antMatchers("/uri").hasAuthorities("ROLE1", "ROLE2")
        .and()
        .httpBasic() | .formLogin().loginPage("Url").permitAll()
      - @ Override configure(AuthentificationManagerBuider auth) => to build a User objects withUser, password, roles, authorities
    - - Generate your SSL or buy
      - Add SSL configuration to your @ SpringBootConfiguration class as a bean
      - Add the instruction for redirection from Http to Https
    - - Build UserDetails
        
        1- create a service that implements UserDetailService to find an User in db by user/psw
        2 - Create a class UserPrincipal that implements UserDetails and have a User property to implement interface methods
        3- Override Userdetails loadUserByUsername(String s) in the service to find user and return UserDetail
        4- Create @ Bean DaoAuthentificationProvider authentificationProvider() in Spring security conf class (DAO for db)
        5- Add the AuthentificationProvider to @ Override configuration(AuthentificationManagerBuilder auth) in the config class
      - Form Authentification
        
        Logout
        
        Add to your HttpSecurity configuration => and()
        .logout()
        .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
        .logoutSuccessUrl("/login")
        
        RemberMe
        
        To create a long time session, you can use remember-me by:
        1- Add a checkbox to login form
        2- Add a .remberMe() to your HttpSecurity configuration
        3- After each authentification a session will be created and the id will be sent to client as cookie with another rememberMe cookie that contains availability period
      - JWT Authentification