AccountRepository, 296, 298, 299
Acegi security. See Spring security
Action execution control
<on-end> element, 404
<on-exit> element, 405
<on-render> element, 405
<on-start> element, 404
Annotation-based controllers
book detail page, 136
detail.jsp, 135
modified search page, 134
URL mapping, 135
book search page
BookSearchController alternate version, 133
BookSearchController with BookSearchCriteria, 131–133
criteria method argument, 133
data binding, 133
form code, 130
RequestParam, 133
search results, 132
search.jsp file, 130
DefaultAnnotationHandlerMapping, 110
HandlerMapping, 110
IndexController, 110
login controller
AuthenticationException, 128
handleLogin method, 128
HttpServletRequest, 128
initial LoginController, 126–127
login page, 127
modified LoginController, 127–128
username and password parameters, 128
ModelAndView, 110
RequestMapping annotation, 110
AnnotationFormatterFactory, 154
Application security, 478
Application testing
amoeba effect, 274
automated front-end testing
infrastructure set up, 310
minor faults, 310
performance, render times, and usability, 309
Selenium (see Selenium)
Servlet container, 310
test harness, 310
Tomcat, 310
environment, 277
front-end tests via Gradle, 318–319
goals, 276
implementation deformation without tests, 274
importance, 276
infrastructure, 276
integration testing (see Integration tests)
mock objects (see Mock objects)
performance testing, 278
Spring's test support
integration test (see Integration tests)
stress testing, 278
system testing, 278
test harness, 275
understanding, 276
user acceptance testing, 278
VCS, 277
assertEquals method, 283
assertTrue method, 283
Asynchronous JavaScript (AJAX)
AJAX (cont.)
Account Page PUT Ajax Form Submit, 227
graceful degradation, 227
JSON
BookSearch Controller, 222
org.springframework.web.bind.annotation.ResponseBody, 223
sending and receiving, 224–226
progressive enhancement., 227
PUT request, 226
template.jsp file, 220
authenticatedAccount variable, 419
Authentication process, 478, 479
AuthenticationController, 411–413, 420
AuthenticationException, 128
Authorization, 479
BookId, 135
BookRepository interface, 292
Bookstore enhancement
authentication
action attribute, 412
attributes and elements, 415
AuthenticationController, 411, 414–415
eventId, 414
flowExecutionUrl, 413
implementation procedure, 410
initializeForm, 411
@RequestMapping, 412
subflow attribute, 416
books selection and delivery options, 387–388
category selection
on start, 382
form validation
Application Controller, 391–392
createOrders-flow file, 396
Web Flow Validator Method and Classes, 390–391
javax.servlet.http.HttpSession, 408
no conversion, 381
no validation, 381
revised flow, 409
sample flow refactoring steps, 410
security mechanism, 408
CategoryConverter configuration, 157
Certificate authority (CA), 510, 511
Child flow, 407
Cloud foundry
deploying
Add Service button, 548
application details dialog, 546
auto-reconfiguration, 551
CloudFoundry.com account configuration, 545
MicroCloud, 552
MySQL database service, 549, 550
new server creation, 545
spring security configuration (see Spring security,configuration)
Tomcat 6(see Tomcat 6)
URL, 546
Collection-based tags, 146
ConditionalGenericConverter API, 152
ConfigurableWebBindingInitializer, 137–139
Confirmation view, 426
@ContextConfiguration, 306
Continuous integration (CI) system, 277
Controllers
annotation-based controllers (see Annotation-based controllers)
configuring view controllers, 111–112
data binding (see Data binding)
definition, 107
interface-based controllers, 108
internationalization (see Internationalization)
request-handling methods (see Request-handling methods)
Conversation scope, 378
ConversionService API, 152
ConverterFactory API, 151
CookieValue annotation, 123
CreateOrders-flow, 416
Data access object (DAO), 281–282
Data binding, 133
BookSearchCriteria JavaBean, 136–137
ModelAttribute
form tag library (see Form tag library)
spring tag library, 144
nested binding, 137
per controller customization, 139–141
setCategory method, 137
setTitle method, 137
type conversion (see Type conversion)
validation, model attributes
AccountValidator implementation, 164–165
bind errors, 163
error codes, field errors, 165
MessageSource configuration, 163–164
registration page with error codes, 167
RegistrationController, 166
requiredFields, 165
supports method, 163
validator interface, 163
DateFormatAnnotationFormatterFactory, 154–155
DefaultHandlerExceptionResolver, 200
DispatcherServlet
Bootstrapping
ServletContainerInitializer, 76–77
The Servlet 3.0 specification, 74
WebApplicationInitializer, 77–78
web-fragment.xml configuration, 76
configuration
EntityManager, 291
Event, 374
Execution scope, 378
ExternalRedirect attribute, 426
File uploads
configuration
exception handling, 235
request handling method (see Request handling method)
controller modification, 228
implementations, 228
registration, 228
Flash attributes, 118
Flow variables, 401
flowExecutionUrl implicit object, 379
FlowInputMappingException, 424
Form tag library, 145
order JSP, 147
path attribute, 146
search page with category, 148
shared form tag attributes, 146
title field, 147
FormatterRegistry interface, 155–156
Global transitions, 406
Handlelogin method, 128, 301–304
HandlerExceptionResolver, 198
Handlerexecution chain
exception handling, 71
Hibernate validator JAR file, 394, 395
HTTP protocol
HiddenHttpMethodFilter
Account.jsp Heading, 219
AccountController Update Method, 219
BookstoreWebApplicationInitializer, 218
methods of, 216
URL points, 217
HttpPutFormContentFilter, 226, 227
Init-binder method, 141
Inline flows, 407
Integration tests, 277, 279–280
annotation configuration, 289
architecture and reusability, 280
@Configuration classes, 288
context configuration addition, 288
@ContextConfiguration annotation, 288
@DirtiesContext annotation, 290
DMBS, 280
HQL/JPQL query, 280
in-memory equivalents, 279
JpaBookRepository, in src/test/java, 287
listeners, 287
"real" system resources, 279
runner addition, 287
Spring configuration, 288
SpringJUnit4ClassRunner, 287
test suite, 289
testability, 280
TestExecutionListener annotation, 287
transaction management, 290–292
Interceptors
callbacks, 186
HandlerInterceptor
configuration, 196
403 error page, 197
interface, 187
SecurityHandlerInterceptor, 195
HandlerMapping configuration, 188
WebRequestInterceptor
CommonDataInterceptor, 192, 193
postHandle method, 193
welcome page, 192
WebRequestInterceptor Interface, 187
Interface-based controllers, 108
Internationalization
LocaleChangeInterceptor
book search page in Dutch, 176
book search page in English, 175
book search page with message tag, 174–175
configuration, 173
LocaleResolver, 172
Inversion of Control (IoC), 29
java.io.Serializable, 401
Java's transient, 401
javax.servlet.http.HttpServletRequest, 379
LocaleChangeInterceptor
book search page in Dutch, 176
book search page in English, 175
book search page with message tag, 174–175
configuration, 173
LocalValidatorFactoryBean, 390
Match attribute, 508
Mock objects
AccountService
@After method, 299
@Before method, 299
AuthenticationService, 298
ContextConfiguration annotation, 298
findByUsername method, 298, 299
login method, 296
Mockito methods, 299
programming, 298
save method, 296
src/test/java, 297
testLoginFailure, 298
verification, 299
fake, 295
JpaBookRepository, 296
MVC logic
MockHttpServletRequest, 304–305
RDBMS, 296
test doubles, 295
verification phase, 295
MockHttpServletRequest, 304–306
MockHttpServletResponse, 306
MockHttpSession, 306
Model View Controller (MVC), 51
crosscutting concerns
SimpleMappingExceptionResolver, 201–204
components, 301
DispatcherServlet (see DispatcherServlet)
HandlerAdapter
AnnotationMethodHandlerAdapter, 96
HandlerAdapter API, 94
HttpRequestHandlerAdapter, 95
implementations, 95
RequestMappingHandlerAdapter, 96
SimpleControllerHandlerAdapter, 95
SimpleServletHandlerAdapter, 96
HandlerExceptionResolver
API, 101
implementations, 102
HandlerMapping
BeanNameUrlHandlerMapping, 90–91
ControllerBeanNameHandlerMapping, 92
ControllerClassNameHandlerMapping, 92–93
DefaultAnnotationHandlerMapping, 93–94
HandlerMapping API, 88
implementations, 89
RequestMappingHandlerMapping, 93–94
SimpleUrlHandlerMapping, 91–92
URL mapping, 90
JSPs, 301
LocaleResolver
AcceptHeaderLocaleResolve, 99
API, 98
CookieLocaleResolver, 99
FixedLocaleResolver, 99
implementations, 98
SessionLocaleResolver, 99
MultipartResolver
implementations, 97
library, 97
StandardServletMultipartResolver, 97
org.springframework.web.servlet
afterCompletion method, 72, 73
Handlerexecution chain (see Handlerexecution chain)
request processing flow, 67–68
request processing summary, 73–74
request processing workflow, 66
RequestDataValueProcessor, 212–213
RequestMappingHandlerAdapter
account page, 212
accountcontroller, 211
HandlerMethodArgumentResolver, 207
HandlerMethodReturnValueHandler, 207
Modified WebMvcContextConfiguration, 210–211
SessionAttribute Annotation, 208
SessionAttributeProcessor, 209, 210
RequestMappingHandlerMapping, 205–206
scopes
annotation property, 178
CartController Bean, 180
singleton scope, 178
Spring mock objects
MockHttpServletRequest, 304–305
Spring MVC test
@Configuration classes, 306
build.gradle, 305
configuration, 306
MVC, Spring MVC test (cont.)
MVC infrastructure, 306
snapshot, 305
WebApplicationContext, 306
ThemeResolver
API, 100
CookieThemeResolver, 101
FixedThemeResolver, 101
implementations, 100
SessionThemeResolver, 101
ModelAndView, 108
ModelAttribute annotation, 120, 122, 124
form tag library, 145
order JSP, 147
path attribute, 146
search page with category, 148
shared form tag attributes, 146
title field, 147
request-handling methods, 122
spring tag library, 144
ModelnameValidator class, 391
NoMatchingTransitionException, 419
Object relational mapping (ORM), 291, 294
OrderController class, 392, 394
OrderFormValidator class, 391
org.springframework.validation.BindingResult attribute, 160
org.springframework.webflow.execution.RequestContext object, 402
Param, 379
ParameterizableViewController, 111
Parent flow, 407
PathVariable annotation, 122
Performance testing, 278
PlaceOrder() method, 419
Post Redirect Get (PRG) idiom, 426
RedirectAttributes, 118
RegistrationController, 158–160
Representational state transfer (REST)
HTTP protocol (see HTTP protocol)
PUT request, 226
resources identification, 215–216
RequestBody annotation, 121
Request-handling methods
account page, 231
coarse-grained mapping, 113
Multipart File, 232
MultipartHttpServletRequest, 233
sample file upload output, 232
Servlet 3.0, 234
supported method argument annotations, 119
CookieValue, 123
HandlerMethodArgumentResolver interface, 119–120
ModelAttribute annotation, 120, 122
PathVariable, 122
RequestBody, 121
RequestHeader, 121
RequestParam, 120
supported method argument types, 115–117
RedirectAttributes, 118
UriComponentsBuilder, 118
supported method return values, 123–125
RequestHeader annotation, 121
RequestParam annotation, 120
RequestParameters implicit object, 401
RequestPart annotation, 121–122
ResponseStatusExceptionResolver, 200, 201
Role-based access control (RBAC)
BookstoreUserDetailsService, 521, 522
domain model, 518
functionality, 518
GrantedAuthority, 522
information access, 518
many-to-many association with permission, 520
many-to-many association with role, 519
permission entity, 520
Secure socket layer (SSL), 510
Security process, 477
SecurityHandlerInterceptor, 302
Selenium
IDE
copying to clipboard, 317
JSP source, 314
language selection, 317
login, 314
main window, 316
scenario recording, 316
WebDriver JUnit style, 318
WebDriver project, 310
Servlet request scope, 379, 402
<set> element, 401
Shared form tag attributes, 146
SimpleMappingExceptionResolver
AnnotationMethodHandlerExceptionResolver, 204
ExceptionHandlerExceptionResolver, 204
Improved Login Controller, 202–203
Login page, 203
Snippet, 172
Spring development environment
prerequisites
integrated development environment, 2
Java Development Kit, 2
Servlet Container, 2
software versions and download sites, 1
sample application
STS (see SpringSource Tool Suite)
Spring expression language (Spring EL), 402
Spring framework
application contexts
configuration file, 36
default configuration options, 35
hierarchy, 38
MoneyTransferSpring class, 29–30
org.springframework.web.context.WebApplicationContext interface, 34, 35
aspect-oriented programming, 45–47
dependency injection
annotation-based dependency injection, 33
constructor-based dependency injection, 31
IoC, 29
setter-based dependency injection, 32
scopes, 41
Spring security, 477
access authorization
"add category", 528
admin user, log in, 529
authorize tag, navigation bar, 525
finer-grained permission checks, 526–527
information, 523
JavaScript code, 527
login and logout, 529
manage books menu option, 528
manageBooks.jsp page, 524
tag library, pages, 523
authentication and authorization schemes, 479
basic security scheme, 481, 482
bookstore
access configuration, resource, 490–492
addMappingForUrlPatterns, 485
application filter chain configuration, 487
authentication manager, 495
complete security configuration, 503, 504
core concept, 484
expression methods and literals, 493–494
filter, 484
multiple filters, 485
Spring security, bookstore (cont.)
namespace element/attribute, 488, 489
namespaced filter chain configuration, 487
one-way hashed password, 495
Spring class, constants, 484
xml header, 486
configuration, 479
(Http)ServletRequest, 542
isSecure(), 542
spring-security.xml File, 544
database
getPrincipal method, 506
in-memory data store, 504
SecurityContext, 505
declarative method, 480
flow bypass security, 481
flow security
request mappings, 506
SecurityFlowExecutionListener, 508–509
URI, filter chain, 506
message localization, 480
RBAC (see Role-based access control)
Spring MVC, 480
transport security
browser confirmation, 511
HTTPS, 514
information encryption, 515, 516
keytool, 512
self signed certificate, 511
URI, 513
Web Flow, 480
Spring Web Flow
accessing scopes
externalContext, 402
flowRequestContext, 402
RequestContext, 403
Servlet request scopes, 402, 403
Spring EL, 402
Unified EL, 402
action execution control
<on-end> element, 404
<on-exit> element, 405
<on-render> element, 405
<on-start> element, 404
bookstore enhancement (see Bookstore enhancement)
flow variables, 401
global transitions, 406
java.util.Map, 400
scopes
Java transient, 374
java.io.Serializable, 374
types, 374
view, 377
subflows
child flow, 407
composition, 406
inline flows, 407
modularity, 407
vs. normal flow, 407
normal top-level flow, 408
parent flow, 407
value attribute, 400
SpringSource tool suite (STS)
dependency management, 5
Extensions tab, 10
gradle search results, 11
index.jsp, 21
Install dialog box, 12
SpringSource vFabric tc Server, 17–19
Stress testing, 278
StringToEntityConverter, 156–157
Subflow, 373
child flow, 407
composition, 406
inline flows, 407
modularity, 407
vs. normal flow, 407
normal top-level flow, 408
parent flow, 407
System testing, 278
@Test method, 283
TestNG, 281
Tomcat 6
AnnotationConfigWebApplicationContext, 540
context.xml File, 541
ContextLoaderListener, 539
DispatcherServlet, 539
filters configuration, 541
XmlWebApplicationContext, 540
@Transactional annotation, 290
TransactionalTestExecutionListener, 290
Transport layer security (TSL). See Secure Socket Layer (SSL)
Type conversion
account registration page, 161
account registration page with error, 162
configuration
CategoryConverter configuration, 157
FormatterRegistry interface, 155–156
StringToEntityConverter, 156–157
converters
ConditionalGenericConverter API, 152
ConversionService API, 152
ConverterFactory API, 151
interfaces, 150
formatters
AnnotationFormatterFactory, 154
DateFormatAnnotationFormatterFactory, 154–155
org.springframework.validation.BindingResult attribute, 160
register.jsp file, 158
registration page, 158
RegistrationController, 158–160
String instances, 148
Unified Expression Language (Unified EL), 402
Unit tests
definition, 277
JUnit
@After method, 284
annotation execution order, 284
assertTrue and assertEquals methods, 283
@Before annotation, 283
test failure, 283
test success, 283
TestNG, 281
@Test annotation, 283
@Test method, 283
UriComponentsBuilder, 118
User acceptance testing, 278
ValidateDeliverydate method, 391, 394
ValidateSelectShop, 391
ValidationMessages.properties, 395
<var> element, 401
Version control system (VCS), 277
View resolvers
ContentNegotiatingViewResolver, 246–247
getContentType method, 238
implemention, 247
InternalResourceViewResolver, 245
org.springframework.web.servlet, 238
render method, 238
ResourceBundleViewResolver, 241–243
view rendering process, 237
XsltViewResolver, 245
View scope, 377
View technology
excel
ViewConfiguration class, 267
View technology (cont.)
freemarker
configuration, 257
configurer property, 256
templateLoaderPath, 256
WEB-INF/freemarker/index.ftl, 258
hierarchy, 248
JasperReports
configuration, 271
multiformatview default mappings, 270
report filling, 271
Java Server Pages, 249
configuration, ContentNegotiatingViewResolve, 264–265
generated PDF, 265
tiles
definitions files, 252
Index JSP, 254
welcome page, 254
velocity
configuration, 257
configurer property, 255
dates and numbers, 262
resourceLoaderPath, 256
WEB-INF/velocity/index.vm, 258
Web application architecture
separation of concerns, 56
Web flow
AJAX support
Add button, Spring JS, 454
addDecoration method, Spring JS, 454
books selection, 448
configuration, 447
createOrders/selectBooks.jsp, 449
extra dependency via gradle on Spring JS, 445
JavaScript decoration, Spring JS, 455
JavaScript dependency, 445
selectBooks.jsp after modification, 449–451
showSelectedBooks.jsp view, 448
avoidance, 332
bookstore sample application
account, 367
actual page, 359
bold type, 365
browser-rendered view, 366
Buy books link, 360
Controller Code execution, 362
Controller Method, 367
Delivery Options selection, 363
delivery options-our delivery date, 370
_eventId_<on_transition>, 360
flow steps explanation, 354
<form:select> element, 360
header.jsp, 360
Home Page creation, 355–356, 368
http://localhost:8080/chapter10-bookstore/., 361
implemention, 356
Previous View State, 362
Select Delivery Options Page, 368
selectCategory View State, 358
String, 358
Tiles Configuration, 359
Tiles Definition, 364
View State, select delivery option, 367
configuration
.apress.prospringmvc.bookstore.web.config, 350
automatically scan for flow definitions, 348
dependency, 346
flow builder services, 349–350
flow executor, 347
flow registry, 348
FlowHandlerAdapter and FlowHandlerMapping Beans, 351, 352
.prospringmvc.bookstore.web.interceptor, 350
src/main/resources/spring/webflow-config.xml and Web Flow configuration namespaces, 347
controlled navigation, 331
exception handling
authenticationcontroller, 439
Custom Exception Handler, 440–442
On Exception Transition, 439
explicit form binding
converter package, 443
message keys, 444
per-property based binding, 443
preferred approach, 443
fine-grained scoping, 323
automatic state management, 326–327
bookstore web application, 323
Context data, 324
HTTP Sessions, 325
myData, 324
usage, 323
flow concept, 322
flow execution listeners
configuration, 460
eventSignaled, 461
exceptionThrown, 463
FlowExecutionListener interface, 459
paused, 462
requestSubmitted(RequestContext context, 461
resuming, 462
sessionCreating, 461
sessionEnding, 462
sessionStarting, 461
stateEntering, 462
transitionExecuting, 461
viewRendering, 462
flow inheritance
child flow, 431
mergeable and non-mergeable elements, 430
merged flow, 432
parent attribute, 430
parent flow, 431
single view state, 431
flow managed persistence context
binding and unbinding, 466
end state, 467
JpaFlowExecutionListener,, 467
LazyInitializationException, 475
new Orders overview page, 472
OpenEntityManagerInViewFilter, 468
orderDetail.jsp, 469
registration, 466
tiles definition, 470
view link, 473
ingredients of
apress.prospringmvc.bookstore.web.controller, 337
cancel transition, 338
choice, 334
element multiplicity, 334
flow and flow-graph tabs, 336
flow definition, 335
flow root element, 333
namespace, 335
selectCategory, 337
bookstore sample application, 363
request synchronization
double submission, 329
duplicate key, 327
flow execution key, 328
idempotent, 327
state inheritance, 434
WebApplicationContext, 306
WebMvcContext, 171