Blog Post

Apps on Azure Blog
4 MIN READ

Spring Cloud Azure 5.0 now GA

mkheck's avatar
mkheck
Icon for Microsoft rankMicrosoft
Jan 25, 2023

We're very pleased to announce that Spring Cloud Azure 5.0 is now generally available. 

 

This major release includes the following features, improvements, and documentation updates: 

 

To try Spring Cloud Azure 5.0, simply add the following dependency BOM to your project:

 

<dependencyManagement> 
  <dependencies> 
    <dependency> 
      <groupId>com.azure.spring</groupId> 
      <artifactId>spring-cloud-azure-dependencies</artifactId> 
      <version>5.0.0</version> 
      <type>pom</type> 
      <scope>import</scope> 
    </dependency> 
  </dependencies> 
</dependencyManagement> 

 

 

Spring Boot 3 and Spring Cloud 2022.0.0 integration

Spring Boot 3 and Spring Cloud 2022.0.0 bring many exciting features, requiring some significant changes to Spring Cloud Azure to fully leverage them.

 

Noteworthy changes in this version

 

Dependency upgrade

1. Deprecated API upgrades, Azure/azure-sdk-for-java#31543:

  • com.azure.spring.cloud.autoconfigure.aad.implementation.oauth2.AadOAuth2AuthenticatedPrincipal class removed
  • com.azure.spring.cloud.autoconfigure.aad.implementation.webapi.AadOboOAuth2AuthorizedClientProvider class removed
  • com.azure.spring.cloud.autoconfigure.aad.properties.AadAuthorizationGrantType class removed
  • com.azure.spring.cloud.autoconfigure.aad.AadJwtBearerTokenAuthenticationConverter class removed
  • AuthorizationGrantType.PASSWORD no longer supported
  • com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier#DefaultJWTClaimsVerifier(com.nimbusds.jwt.JWTClaimsSet, java.util.Set<java.lang.String>) method replaces com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier#DefaultJWTClaimsVerifier()
  • AbstractHttpConfigurer replaces org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
  • spring-cloud-azure-trace-sleuth artifact removed 

2. Spring Security 6 dependencies upgrades, Azure/azure-sdk-for-java#31808:

  • org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity annotation replaces org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
  • org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken class replaces org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken

3. Class package path updates and API polishing/refinement, including reducing the number of public APIs: Azure/azure-sdk-for-java#32552 , Azure/azure-sdk-for-java#32582 , Azure/azure-sdk-for-java#32597 , Azure/azure-sdk-for-java#32616 , Azure/azure-sdk-for-java#32712 , Azure/azure-sdk-for-java#32716 . 

 

The following features are planned for future releases: 

  • GraalVM native image**
  • Spring Data Cosmos DB
  • App Configuration Config and Feature Management 

** Currently available for beta testing, please visit Spring Cloud Azure Native Reachability client library for Java to give it a try. 

 

Stay tuned for updates! 

 

Passwordless connections 

Using username/password credentials to access one application from another significantly increases overall risk profile. An unauthorized user can gain access to the application using a connection string accidentally checked into source control, sent through an insecure email, pasted into the wrong chat, or otherwise illegitimately obtained. Updating your application to use passwordless connections provides dramatically improved security. 

 

Passwordless connections for Java applications to Azure databases and eventing services are generally available with Spring Cloud Azure 5.0, enabling you to access services securely without passing usernames and passwords over the wire. 

 

These Azure Services currently support passwordless connections:

Azure Service 

Quickstart 

Migration guide 

Azure Database for MySQL 

Spring Data JDBC 
Spring Data JPA 

Delete passwords and migrate 

Azure Database for PostgreSQL 

Spring Data JDBC 
Spring Data JPA 

Delete passwords and migrate 

Azure SQL Database 

Spring Data JDBC 
Spring Data JPA 

Delete passwords and migrate 

Event Hubs – Kafka 

Spring Cloud Stream Binder for Kafka 
Spring Kafka 

Delete passwords and migrate 

Storage 

Storage Blob 
Storage Queues 

Delete passwords and migrate 

 

Our passwordless journey does not end here. Support for additional Azure services is planned and under development. 

 

Spring Initializr

The Azure Support module in Spring Initializr now supports Spring Boot 3, so you can begin your Spring Cloud Azure 5.0 journey directly from the Initializr.

 

 

Documentation

Good documentation is a key part of Spring Cloud Azure. We’ve created a new online resource, Azure for Spring developers, to help Spring developers code, deploy, and scale their Spring applications on Azure. Whether developers are familiar with Spring and unfamiliar with Azure Service or the other way around – or new to both! – they can come to this site to learn. Content will be expanded and updated continuously.

 

In addition, we’ve redesigned the Spring Cloud Azure documentation to help developers more easily find what they need, combined with useful scenarios.

 

 

Other bug fixes and feature improvements

  • Support auto startup for the autoconfigured Service Bus Processor client by enabling new property spring.cloud.azure.servicebus.processor.auto-startup (Azure/azure-sdk-for-java#29997)  
  • Provide property spring.cloud.azure.eventhubs.kafka.enabled to enable/disable Spring Cloud Azure OAuth2 support for Event Hubs for Kafka (Azure/azure-sdk-for-java#30574) 
  • Support connecting to Azure AD via proxy (NOTE: custom RestTemplateCustomizer bean must be provided) (Azure/azure-sdk-for-java#26493) 

 

Feedback

Feedback and contributions are always welcome. Please contact us on StackOverflow  or GitHub. 

 

Resources

To learn more about Spring Cloud Azure, please visit the following links: 

 

Updated Jan 24, 2023
Version 1.0