The new Certification Class of Learn Spring Security is out:

>> CHECK OUT THE COURSE

Table of Contents

  1. Overview
  2. Basic Spring Dependencies with Maven
  3. Spring Persistence with Maven
  4. Spring MVC with Maven
  5. Spring Security with Maven
  6. Spring Test with Maven
  7. Using Milestones
  8. Using Snapshots
  9. Conclusion

1. Overview

T§his tutorial illustrates how to set up the Spring dependencies via Maven. The latest Spring releases can be found on Maven Central.

2. Basic Spring Dependencies with Maven

Spring is designed to be highly modular – using one part of Spring should not and does not require another. For example, the basic Spring Context can be without the Persistence or the MVC Spring libraries.

Let’s start with a fundamental Maven setup which will only use the spring-context dependency:

<properties>
    <org.springframework.version>3.2.8.RELEASE</org.springframework.version>
    <!-- <org.springframework.version>4.0.2.RELEASE</org.springframework.version> -->
</properties>
<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-context</artifactId>
    <version>${org.springframework.version}</version>
    <scope>runtime</scope>
</dependency>

This dependency – spring-context – defines the actual Spring Injection Container and has a small number of dependencies: spring-core, spring-expression, spring-aop, and spring-beans. These augment the container by enabling support for some of the core Spring technologies: the Core Spring utilities, the Spring Expression Language (SpEL), the Aspect Oriented Programming support and the JavaBeans mechanism.

Note we’re defining the dependency in the runtime scope – this will make sure that there are no compile time dependencies on any Spring specific APIs. For more advanced use cases, the runtime scope may be removed from some selected Spring dependencies, but for simpler projects, there is no need to compile against Spring to make full use of the framework.

Also note that starting with Spring 3.2, there is no need to define the CGLIB dependency (now upgraded to CGLIB 3.0) – it has been repackaged (the all net.sf.cglib package is now org.springframework.cglib) and inlined directly within the spring-core JAR (see the JIRA for additional details).

3. Spring Persistence with Maven

Let’s now look at the persistence Spring dependencies – mainly spring-orm:

<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-orm</artifactId>
    <version>${org.springframework.version}</version>
</dependency>

This comes with Hibernate and JPA support – such as HibernateTemplate and JpaTemplate – as well as a few additional, persistence related dependencies: spring-jdbc and spring-tx.

The JDBC Data Access library defines the Spring JDBC support as well as the JdbcTemplate, and spring-tx represents the extremely flexible Transaction Management Abstraction.

4. Spring MVC with Maven

To use the Spring Web and Servlet support, two dependencies need to be included in the pom, again in addition to the core dependencies from above:

<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-web</artifactId>
    <version>${org.springframework.version}</version>
</dependency>
<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-webmvc</artifactId>
    <version>${org.springframework.version}</version>
</dependency>

The spring-web dependency contains common web specific utilities for both Servlet and Portlet environments, while spring-webmvc enables the MVC support for Servlet environments.

Since spring-webmvc has spring-web as a dependency, explicitly defining spring-web is not required when using spring-webmvc.

5. Spring Security with Maven

Security Maven dependencies are discussed in depth in the Spring Security with Maven article.

6. Spring Test with Maven

The Spring Test Framework can be included in the project via the following dependency:

<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-test</artifactId>
    <version>${spring.version}</version>
    <scope>test</scope>
</dependency>

As of Spring 3.2, the Spring MVC Test project, which started as a standalone project available on GitHub, has been included in the core Test Framework – and so including the spring-test dependency is enough.

7. Using Milestones

The release version of Spring is hosted on Maven Central. However, if a project needs to use milestone versions, then a custom Spring repository needs to be added to the pom:

<repositories>
    <repository>
        <id>repository.springframework.maven.milestone</id>
        <name>Spring Framework Maven Milestone Repository</name>
        <url>http://repo.spring.io/milestone/</url>
    </repository>
</repositories>

One this repository has been defined, the project can define dependencies such as:

<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-core</artifactId>
    <version>3.2.0.RC2</version>
</dependency>

8. Using Snapshots

Similar to milestones, snapshots are hosted in a custom repository:

<repositories>
    <repository>
        <id>repository.springframework.maven.snapshot</id>
        <name>Spring Framework Maven Snapshot Repository</name>
        <url>http://repo.spring.io/snapshot/</url>
    </repository>
</repositories>

Once the SNAPSHOT repository is enabled in the pom.xml, the following dependencies can be referenced:

<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-core</artifactId>
    <version>3.3.0.BUILD-SNAPSHOT</version>
</dependency>

As well as – for 4.x:

<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-core</artifactId>
    <version>4.0.3.BUILD-SNAPSHOT</version>
</dependency>

9. Conclusion

This article discusses the practical details of using Spring with Maven. The Maven dependencies presented here are of course some of the major ones, and several others may be worth mentioning and have not yet made the cut. Nevertheless, this should be a good starting point for using Spring in a project.

Go deeper into Spring Security with the course:

>> LEARN SPRING SECURITY

  • Dominik Drzewiecki

    When transitive dependencies’ version resolved by maven does not suit you for some reason, as described in 5.2, (In this particular case, you know better that it is spring-jdbc-3.2.2.RELEASE.jar that should be used), it is much better to declare transitive dependencies’ versions within “dependencyManagement” section rather than in “dependencies”, unless you use this very artifact explicitly (e.g. it is required at compile-time).

    • Thanks for the feedback. This makes sense, especially when multiple projects are inheriting from the same parent. When that’s not the case, both options should be similar.

  • Patel

    Good One !!! Thanks for such a nice explanation 🙂

  • Ravi

    In general can we use SNAPSHOT dependencies for development? For example I am using spring aws cloud SNAPSHOT version in a project as it has the features I want and one of colleague told use old stable version .. I thought releases do happen very often and the project yet to be released in one year time … It’s always confusing for me whether to use new features from SNAPSHOT version or use old versions ..

    • Well Ravi, it depends on what you want to achieve, but generally speaking, I would default to “no”.
      If you develop against a SNAPSHOT dependency – then you’re presumably using some APIs that are not yet available in the stable version. And, if you’re doing that, you’ll have to go to production with that dependency as well (which is not a good idea).

      The only exception to that is – if you’re using a minor dependency that contains only bug fixes, and more importantly contains a bug fix you simply can’t wait for.
      Hope that helps. Cheers,
      Eugen.