Upgrading a REST API to Spring Boot 3

Pavith Madusara
Dec 3, 2022

Upgrading Spring Boot 2.7 REST API Implementation to Spring Boot 3

With the release of Spring Boot 3, I've updated a couple of my Spring Boot 2.7 REST API implementation projects to Spring Boot 3. In this story I'll list all the changes I had to make.

This is not a complete guide to Spring Boot 3. This is just a list of the changes I have come across. I may update this list in the future if I come across more changes.

1. Moving from javax to jakarta

Spring Boot 3 has moved to the Jakarta EE implementation, so all javax imports should be updated to use the jakarta namespace. A simple find and replace should do the trick.

2. EnableGlobalMethodSecurity is Deprecated

// Spring Boot 2.7: this is deprecated
@EnableGlobalMethodSecurity(securedEnabled = true, jsr250Enabled = true, prePostEnabled = true)
public class SecurityConfig {}

// Spring Boot 3: use @EnableMethodSecurity; prePostEnabled is true by default.
// Spring Security 6 no longer includes @Configuration in this annotation, so declare it.
@Configuration
@EnableMethodSecurity(securedEnabled = true, jsr250Enabled = true)
public class SecurityConfig {}

3. http.authorizeRequests() and antMatchers() methods are replaced with authorizeHttpRequests and requestMatchers methods

// Spring Boot 2.7
@Bean
protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    // ...
    http.authorizeRequests()
        .antMatchers(HttpMethod.GET, "/swagger-ui.html").permitAll()
        .antMatchers(HttpMethod.GET, "/swagger-ui/**").permitAll()
        .antMatchers(HttpMethod.GET, "/v3/api-docs/**").permitAll()
        .antMatchers(HttpMethod.POST, "/api/auth/login").permitAll()
        .antMatchers(HttpMethod.POST, "/api/auth/token-refresh").permitAll()
        .anyRequest().authenticated();
    // ...
}

// Spring Boot 3.0.0
@Bean
protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    // ...
    http.authorizeHttpRequests()
        // Public endpoints
        .requestMatchers(HttpMethod.GET, "/swagger-ui.html").permitAll()
        .requestMatchers(HttpMethod.GET, "/swagger-ui/**").permitAll()
        .requestMatchers(HttpMethod.GET, "/v3/api-docs/**").permitAll()
        .requestMatchers(HttpMethod.POST, "/api/auth/login").permitAll()
        .requestMatchers(HttpMethod.POST, "/api/auth/token-refresh").permitAll()
        // Everything else requires an authenticated caller
        .anyRequest().authenticated();
    // ...
}

4. ResponseStatusException -> getStatus() is replaced with getStatusCode()

@ExceptionHandler(ResponseStatusException.class)
public ResponseEntity<ErrorResponse> handleNotFound(final ResponseStatusException exception) {
    final ErrorResponse errorResponse = new ErrorResponse();

    // Spring Boot 2.7:
    // errorResponse.setHttpStatus(exception.getStatus().value());
    errorResponse.setHttpStatus(exception.getStatusCode().value());

    errorResponse.setException(exception.getClass().getSimpleName());
    errorResponse.setMessage(exception.getMessage());

    // Spring Boot 2.7:
    // return new ResponseEntity<>(errorResponse, exception.getStatus());
    return new ResponseEntity<>(errorResponse, exception.getStatusCode());
}
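A blind find and replace also rewrites javax packages that still ship with the JDK (javax.crypto, javax.net.ssl, javax.sql), and leftover calls to the old security DSL are easy to miss. The script below is an added example, not code from the original post: it scans Java source text for the four changes listed above. The package lists, the `scan` helper and the sample input are assumptions made for illustration.

```python
import re

# Jakarta EE packages that moved from javax.* to jakarta.* (assumed, non-exhaustive).
MOVED = ("servlet", "persistence", "validation", "annotation", "transaction",
         "ws.rs", "inject", "mail", "jms", "websocket", "xml.bind")
# Packages under a moved prefix that still ship with the JDK as javax.*.
JDK_EXCEPTIONS = ("annotation.processing", "transaction.xa")

IMPORT_RE = re.compile(r"^\s*import\s+(?:static\s+)?javax\.([\w.]+?)(?:\.\*)?\s*;")
# The API renames listed in the article (heuristic text match, not a Java parser).
API_RULES = [
    (re.compile(r"@EnableGlobalMethodSecurity\b"), "use @EnableMethodSecurity"),
    (re.compile(r"\.authorizeRequests\s*\("), "use authorizeHttpRequests()"),
    (re.compile(r"\.antMatchers\s*\("), "use requestMatchers()"),
    (re.compile(r"\.getStatus\s*\(\s*\)"), "ResponseStatusException: use getStatusCode()"),
]

def _under(pkg, prefixes):
    """True when pkg equals one of the prefixes or lies below it."""
    return any(pkg == p or pkg.startswith(p + ".") for p in prefixes)

def scan(source):
    """Return (line_number, advice) findings for one Java source text."""
    findings = []
    for no, line in enumerate(source.splitlines(), 1):
        m = IMPORT_RE.match(line)
        if m:
            pkg = m.group(1)
            if _under(pkg, MOVED) and not _under(pkg, JDK_EXCEPTIONS):
                findings.append((no, f"javax.{pkg} -> jakarta.{pkg}"))
            continue  # javax.crypto, javax.net.ssl, javax.sql ... stay in the JDK
        code = line.split("//", 1)[0]  # skip trailing line comments
        findings += [(no, advice) for rx, advice in API_RULES if rx.search(code)]
    return findings

# Constructed sample input: Spring Boot 2.7 style fragments.
SAMPLE = """\
import javax.servlet.http.HttpServletRequest;
import javax.annotation.processing.Processor;
import javax.crypto.Cipher;
@EnableGlobalMethodSecurity(prePostEnabled = true)
class SecurityConfig {}
http.authorizeRequests().antMatchers("/api/auth/login").permitAll();
// errorResponse.setHttpStatus(exception.getStatus().value());
"""

if __name__ == "__main__":
    for no, advice in scan(SAMPLE):
        print(f"line {no}: {advice}")
```

The `getStatus()` rule matches any receiver, so review each hit before changing it.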

This list covers all the changes I made to update my simple REST APIs. I've tried to update some of my microservice implementations as well, but some dependencies have to release new versions for Spring Boot 3 before we can update.
