The Web Module and Spring MVC

• The MVC Pattern
• The Front Controller Pattern
• DispatcherServlet
• Why Spring MVC?
• Application Configuration
• Spring Handler Mapping
• spring-servlet.xml
• Adding the Services Layer
• JQuery Considerations
• Transaction Considerations

Controllers and Commands

• Overview of the Spring MVC Controllers
• ParameterizableViewControllers
• SimpleFormControllers
• Inserting Spring Custom Form Tags
• Binding Data
• Incorporating MultiActionControllers

Binding and Validation

• Adding Validators
• Creating a Model Validator
• Working with Message Properties Files
• Using Annotations
• The @Controller Annotation
• The @RequestMapping Annotation
• Other Handler Annotations

Working with Spring Web Flow

• Installing Spring Web Flow
• The components of a flow
• Putting it all together in an application
• Securing web flows

SOAP Web Services

• Setup
• Tools
• WSDL
• Testing

RESTful Web Service

• Dependencies
• Exposing the Service
• RESTTemplate
• JSR 303 Considerations

The Scope of Security

• The Network Security Layer
• The Operating System Layer
• The Application Layer
• Authentication and Authorization: General Concepts
• What to Secure
• More Security Concerns
• Java Options for Security

Introducing Spring Security

• What is Spring Security?
• Where does Spring Security fit in?
• Spring Security and Spring
• Spring Framework: A Quick Overview
• An Initial Spring Security Secured Application
• Understanding the Simple Application

Web Security

• Introducing the simple example application
• The Special URLs
• Custom Login Form
• Basic HTTP Authentication
• Digest Authentication
• Beyond Simple User Roles: Using Spring Expression Language to Secure the Web Layer
• Extend with Custom Expressions

Securing the Service Layer

• The Limitations of Web-Level Security
• What Is Business Service-Level Security?
• How the Described Actions Happen Under the Hood
• Creating a Business Layer in an Application
• @RolesAllowed Annotation
• Securing the Application Using SpEL Expressions
• Securing the Data Returned from a Method
• Using AspectJ AOP instead of Spring AOP

Customizing and Extending Spring Security

• Spring Security Extension Points
• Plug into the Spring Security Event System
• Custom AuthenticationProvider and UserDetailsService
• Password Encryption
• Custom Security Filter
• Handling Errors and Entry Points
• Changing the Security Interceptor
• Spring Security Extensions Project

What is Spring Roo?

• Overview and Configuration
• Roo application architecture models

Getting Started with Roo

• Working with the Roo shell
• How Roo manages projects
• Refactoring, Roo ITDs and leaving Roo

Database Persistence with Entities

• Business objects and persistence
• Working with entities
• Validating Courses with Bean Validation
• Searching with finders
• Leaving Active Record?JPA repositories
• Code samples

Relationships, JPA, and Advanced Persistence

• Object relations: it?s all relative
• A sample Course Manager database
• Course Manager relationships
• Reverse engineering your database
• Adding a service layer
• Using JPA directly

Rapid Web Applications with Roo

• The Spring MVC web framework
• Roo Spring MVC quick-start
• Web scaffolding for entities
• Accessing other Spring beans