Spring Boot 2: what's new?

  • Transfer

From the translator: in spite of the fact that a year has already passed, the questions about what new gave us the 2nd Boot do not end. To write such content from scratch is not the smartest idea. Therefore, we decided to translate the article, which seems to us the most concise and at the same time quite complete.

The release of Spring Boot 2 took place in early 2018, and everyone can’t wait to see it in action. This release was the culmination of 17 months of work and over 6800 commits from 215 different people. There are a lot of cool features that are worth discussing, so let's talk about what's new in Spring Boot 2.

In this article we will look at:

  • Spring Boot Story
  • What's new in Spring Boot
  • Spring Boot 2 Migration Guide

Spring Boot History

Before delving into innovations, I would like to take this opportunity to tell a little about the history of Spring Boot. In a post published in August 2013, Phil Webb announced in his blog the first landmark release of the project called Spring Boot .

Spring Boot is designed to make the creation of ready-to-work applications and services for Spring simple, without undue effort. Spring Boot is a subjective view of the Spring platform, which allows both novice and experienced Spring users to find everything they need. With the help of Boot, you can create stand-alone applications launched as 'java -jar' or distributed by a more traditional WAR format.

After about 9 months, in April 2014, Spring Boot 1.0 was released. Since then, there have been many minor releases and new useful features.

Spring Boot 1.1 (June 2014)

  • spring-boot-starter-test
  • Metrics & Health Endpoints
  • Elastic Search, Apache Solr, Spring Social and Spring Integration auto configuration
  • Support for standardization tools (Freemaker, Groovy, and Velocity)

Spring Boot 1.2 (March 2015)

  • Servlet 3.1, Tomcat 8 & Jetty 9
  • Spring 4.1
  • Annotation @SpringBootApplication
  • Email support

Spring Boot 1.3 (December 2016)

  • Update Spring Framework to version 4.2
  • Upgrading Spring Security to version 4.0
  • Developer Tools
  • Caching auto configuration
  • Fully executable JARs and support services

Spring Boot 1.4 (January 2017)

  • Spring 4.3
  • Hibernate 5
  • Improvements in testing mechanisms
  • Integration starter
  • Couchbase and Neo4J support

Spring Boot 1.5 (February 2017)

  • Loggers endpoint
  • Apache Kafka support
  • Advanced mechanisms for Cloud Foundry
  • LDAP support
  • Testing updates

What's new in Spring

So what's new in Spring Boot 2? If we talk about the biggest innovation, then this update of the Spring Framework to the 5th version. Since the Spring Framework 5 came out in September 2017, most developers (like me) have been waiting for the release of Spring Boot 2. Spring Framework 5 has a considerable list of new features, but I would like to talk about only a few of the most important ones.

What's new in Spring Framework 5

Java 8+ version support

If you continue to want to create applications on the Spring Framework, you need to work with the Java 8+ version. You probably thought that this is a very important change for all of us, but for the Spring team it is even more important. This made it possible to update the source code base to Java 8 with all its new features like lambda expressions or streams. This not only makes the code more readable, but also improves the performance of the platform’s core.

Java 9 support

If you want to use Java 9, you need to upgrade to Spring Framework 5 and also to Spring Boot 2. I know that many are not yet using the latest versions of Java in production, and this is a great opportunity to experiment with new cool “toys”. Everything should work without problems when using the standard classpath, but I read about some difficulties when switching to Java 9 modules.

Spring MVC

Although Spring MVC is not at the center of the story in this article, it is worth saying that there have been several nice upgrades. I will not dwell on them, details can be found in the documentation for the Spring Framework 5 .

Spring webflux

Asynchronous data flows are central to the story of the Spring Framework 5. This is a completely different type of thinking, but fortunately for us there is no need to re-learn how to write applications in a completely new way. Spring WebFlux is an absolutely asynchronous and non-blocking framework built from scratch that allows you to cope with a large number of parallel connections. Although this is a paradigm revolution, it will not be so difficult to start.


Kotlin support

Kotlin support has been added back to http://start.spring.io , but Spring Framework 5 has specialized support for this language, which has brought useful features, you can read about them here .

Improvements in testing mechanisms

The biggest change in the testing system is full support for JUnit 5 Jupiter. I’ll talk about this in more detail below, but when you launch a new application on Spring Boot 2, you still use JUnit 4 by default, but switching to JUnit 5 is a trivial task.

What's new in Spring Boot 2

Third Party Updates

With each new release of Spring Boot, the Spring team is able to update various dependencies.

  • Thymeleaf 3 *
  • Jetty 9.4
  • Tomcat 8.5
  • Hibernate 5.2
  • Flyway 5
  • Gradle 4

* Thymeleaf starter now has a built-in thymeleaf-extras-java8time.

Security and Reactive Spring Data

With the transition to Spring WebFlux, Spring Data has added support for applications with asynchronous data streams. Currently, Cassandra, MongoDB, Couchbase and Redis have support for the asynchronous API. In Spring Boot there are POM starters for all of them, thanks to which it is very easy to start working with them.

It also became possible to use Spring Security 5.0 in our reactive applications.


Spring Boot Actuator is nothing new, but it was rewritten from scratch. If you are not familiar with Actuator, this is what it does: it automatically displays endpoints to get information about the status of the application. Actuator in Spring Boot 1.x was written on top of servlets, and with the new reactive approaches, the Spring team needed a solution that supports both the old and reactive approaches. In addition, the following changes were made to Actuator:

  • Redesign to support servlets and reactivities
  • Status and detailed health-check became divided.
  • Simplified Security Model
  • Switch to Micrometer (this is like SLF4J, only for metrics)
  • Improved JSON data structure
  • Simplified process of creating custom endpoints.
  • Endpoint
  • @WebEndpoint
  • @JmxEndpoint

Probably, there may be difficulties in the upgrade due to changes in the security model, which we will discuss later. By default, all web-endpoint's are accessible along the path /actuatorwith a URL that looks like /actuator/{id}. The path / actuatorcan be changed in the settings management.endpoints.web.base-path.

There is a detailed separate documentation block for the Spring Boot Actuator Web API Endpoints , you should start with it to familiarize yourself with this tool.

Gradle plugin

I always really liked Gradle, and I just loved that the team decided to rewrite the plugin for Gradle.
The Spring Boot Gradle plugin allows you to implement Spring Boot support in Gradle and allows you to package executable jar or war archives, run applications on the Spring Boot and manage dependencies through spring-boot-dependencies. Gradle plugin in Spring Boot requires Gradle 4.0 or later.

Beginning of work

To start working with the plugin, you need to load it to the project.

buildscript {
repositories {
    maven { url 'https://repo.spring.io/libs-milestone' }
dependencies {
    classpath 'org.springframework.boot:spring-boot-gradle-plugin:2.0.0.RC1'
apply plugin: 'org.springframework.boot'

Creating executable jar and war archives

The bootRepackage task has been replaced by bootJar and bootWar to create jar and war files respectively. Both tasks have more functionality than the standard similar command Gradle, providing access to all settings and logic.

Dependency management

The Gradle plugin in Spring Boot no longer pulls the plugin to manage dependencies automatically. Instead, the Gradle Spring Boot plugin sees that the dependency management plugin is connected and imports the correct version of BOM. This allows you to better control where and how dependency management is configured. For most applications, it will be enough to add a plugin for managing dependencies:

apply plugin: 'io.spring.dependency-management'

The Gradle plugin has its own documentation , which contains very useful information. I recommend that anyone who wants to start working with Gradle follow this link.

Simplified Security System

One of the main goals in Spring Boot 2.x was to simplify the security configuration and make it so that you can easily add custom security settings. By default, all data is protected, including static resources and enduints of Actuators. If Spring Security is in the classpath, Spring Boot will add an annotation @EnableWebSecurity, and what specific authentication mechanism will be used will determine the content security negotiation mechanism from Spring Security.

When a user configures his own security rules, the standard configuration of the Spring Boot security system will no longer be valid. At this stage, the user will need to accurately write down all the safety rules. This means that all security settings are collected in one place and there are WebSecurityConfigurerAdaptersno problems with the order of processing commands with the existing one.

An example of individual security settings:

       // 1
       .requestMatchers(EndpointRequest.to("status", "info"))
       // 2
       // 3
       // 4
 ... // additional configuration

  1. /statusand /infodo not require authorization.
  2. All other actuators are protected by role ACTUATOR.
  3. Location of shared static resources available to all.
  4. All other endpoint applications are role protected USER.

Actuator security

Given that actuator's endpoints are fixed, it is necessary to include or exclude endpoints, depending on which ones you need. Here are the settings that control this, since release 1.x they have changed.

management.endpoints.web.exposure.include=info,health # Endpoint IDs that should be included or '*' for all.
management.endpoints.web.exposure.exclude= # Endpoint IDs that should be excluded.
management.endpoints.web.base-path=/actuator # Base path for Web endpoints. Relative to server.servlet.context
path or management.server.servlet.context-path if management.server.port is configured.
management.endpoints.web.path-mapping= # Mapping between endpoint IDs and the path that should expose them.

If you are not sure how to configure these settings, bookmark the documentation for the general settings of the application .

HTTP / 2 support

Incredibly, the release of the HTTP 1.1 specification was already in 1996. I suppose it’s not necessary to remind you that the modern network is different in all respects. If you want to implement HTTP / 2 support in a Spring MVC or WebFlux application, use the following parameter.


HTTP / 2 support depends on the selected web server and application environment, since this protocol is not supported in JDK8 out of the box. Read more about this in the documentation .

Configuration parameters

In Spring Boot 1.x, the so-called relaxed binding was supported, in other words, you could define the name of the parameter in many ways (camel-case, underscore, hyphen), and eventually the value was assigned to the same property.

Relaxed binding works the same way, and the way you read variables in your code has changed:

Data read

24. Externalized Configuration

It can be up to the same docs.spring.io


Spring Boot's own metric has been replaced by Micrometer. It is developed by the Pivotal team and quickly adapts to Pivotal projects.

Spring Boot Actuator provides autoconfiguration for Micrometer , an application metrics interface that supports many types of monitoring, including:


More information about Micrometer at https://micrometer.io/ .

An upgrade because of this can be painful for those who log tons of custom metrics.

Quartz Scheduler

In Spring Boot 2, there is support for the Quartz schedule execution library, which is easy to add with the spring-boot-starter-quartz starter. Supports work on RAM and on JDBC.


HikariCP Connection Pool

Standard connection pool changed from Tomcat to HikariCP. If you used spring.datasource.type to get Hikari to work in the Tomcat application, you can remove it. Similarly, if you want to continue using the Tomcat pool, simply add the following to your configuration:


Developer Tools

By default, every time the application is restarted, a report on the differences in configurations is recorded. In other words, the report shows the changes in the auto-configuration of the application that occur as you make changes such as deleting / adding beans and setting configuration parameters.

To disable the recording of this report, configure the following parameter:


Kotlin support

Earlier in this article it was mentioned about the official support of Kotlin. There is also a specialized Kotlin documentation block .

JUnit 5

As mentioned above, Spring Boot applications still use JUnit 4 by default. If you want to upgrade to JUnit 5, you need to exclude JUnit 4 from spring-boot-starter-test and add the necessary dependencies. You will also need plugins from the list below.


Spring Boot 2 Migration Guide

I think it is possible not to speak about such an obvious fact that with such a large release it is not the best way to upgrade with just a major release. First of all, I would advise you to read the Spring Boot 2.0 Migration Guide . Personally, I found the solution to most of my problems in a simplified security model and parameter changes. This guide has great tips for transferring parameter files.

In Spring Boot 2.0, many configuration settings have been renamed / deleted, and developers need to update application.properties/ application.ymlto reflect these changes. To facilitate this task, Spring Boot implemented the delivery of a new module spring-boot-properties-migrator. Being added to your project as a dependency, it will not only analyze the application environment and display diagnostic results on startup, but also temporarily migrate settings in runtime. This is a necessary action when migrating an application:


I don’t know what you think about it, but I’ll definitely start messing around with Spring Boot 2 and working on migrating the code to this version, but usually with any major release I’m waiting for the release of the next minor version. This applies not only to Spring, but also to other brands from Apple to Pivotal and even Angry Birds!

Only registered users can participate in the survey. Sign in , please.

What are your plans for Boot?

Also popular now: