Java Spring Boot Skill

Overview

When to Use This Skill

• Create REST APIs with Spring MVC/WebFlux
• Configure Spring Security (OAuth2, JWT)
• Set up database access with Spring Data
• Enable monitoring with Actuator
• Integrate with Spring Cloud

Topics Covered

Spring Boot Core

• Auto-configuration and starters
• Application properties and profiles
• Bean lifecycle and configuration
• DevTools and hot reload

REST API Development

• @RestController and @RequestMapping
• Request/response handling
• Validation with Bean Validation
• Exception handling with @ControllerAdvice

Spring Security

• SecurityFilterChain configuration
• OAuth2 and JWT authentication
• Method security (@PreAuthorize)
• CORS and CSRF configuration

Spring Data JPA

• Repository pattern
• Query methods and @Query
• Pagination and sorting
• Auditing and transactions

Actuator & Monitoring

• Health checks and probes
• Metrics with Micrometer
• Custom endpoints
• Prometheus integration

Quick Reference

Copy
// REST Controller
@RestController
@RequestMapping("/api/users")
@Validated
public class UserController {

    @GetMapping("/{id}")
    public ResponseEntity<User> getUser(@PathVariable Long id) {
        return userService.findById(id)
            .map(ResponseEntity::ok)
            .orElse(ResponseEntity.notFound().build());
    }

    @PostMapping
    public ResponseEntity<User> createUser(@Valid @RequestBody UserRequest request) {
        User user = userService.create(request);
        URI location = URI.create("/api/users/" + user.getId());
        return ResponseEntity.created(location).body(user);
    }
}

// Security Configuration
@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
            .csrf(csrf -> csrf.disable())
            .sessionManagement(s -> s.sessionCreationPolicy(STATELESS))
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/actuator/health/**").permitAll()
                .requestMatchers("/api/public/**").permitAll()
                .anyRequest().authenticated())
            .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()))
            .build();
    }
}

// Exception Handler
@RestControllerAdvice
public class GlobalExceptionHandler {

    @ExceptionHandler(EntityNotFoundException.class)
    public ProblemDetail handleNotFound(EntityNotFoundException ex) {
        return ProblemDetail.forStatusAndDetail(NOT_FOUND, ex.getMessage());
    }
}
`## Configuration Templates`
# application.yml
spring:
  application:
    name: ${APP_NAME:my-service}
  profiles:
    active: ${SPRING_PROFILES_ACTIVE:local}
  jpa:
    open-in-view: false
    properties:
      hibernate:
        jdbc.batch_size: 50

management:
  endpoints:
    web:
      exposure:
        include: health,info,metrics,prometheus
  endpoint:
    health:
      probes:
        enabled: true

server:
  error:
    include-stacktrace: never

Common Patterns

Layer Architecture

Copy
Controller → Service → Repository → Database
     ↓           ↓          ↓
   DTOs      Entities    Entities
`### Validation Patterns`
public record CreateUserRequest(
    @NotBlank @Size(max = 100) String name,
    @Email @NotBlank String email,
    @NotNull @Min(18) Integer age
) {}

Troubleshooting

Common Issues

Debug Properties

Copy
debug=true
logging.level.org.springframework.security=DEBUG
spring.jpa.show-sql=true
`### Debug Checklist`
□ Check /actuator/conditions
□ Verify active profiles
□ Review security filter chain
□ Check bean definitions
□ Test health endpoints
`## Usage`
Skill("java-spring-boot")

Related Skills

• java-testing - Spring test patterns
• java-jpa-hibernate - Data access