Blog: Spring Cloud Azure 5.0 is now Generally Available

We?re very pleased to announce that Spring Cloud Azure 5.0 is now generally available.

This major release includes the following features, improvements, and documentation updates:

Compatible with Spring Boot 3 and Spring Cloud 2022.0.0
Supports Passwordless Connections
Updated Azure for Spring developers documentation to help Spring developers code, deploy and scale Spring applications on Azure
Redesigned Spring Cloud Azure documentation with improved scenarios

To try Spring Cloud Azure 5.0, simply add the following dependency BOM to your project:

<dependencyManagement>
  <dependencies>
    <dependency>
      <groupId>com.azure.spring</groupId>
      <artifactId>spring-cloud-azure-dependencies</artifactId>
      <version>5.0.0</version>
      <type>pom</type>
      <scope>import</scope>
    </dependency>
  </dependencies>
</dependencyManagement>

Spring Boot 3 and Spring Cloud 2022.0.0 integration

Spring Boot 3 and Spring Cloud 2022.0.0 bring many exciting features, requiring some significant changes to Spring Cloud Azure to fully leverage them.

Noteworthy changes in this version

Deprecated API upgrades, Azure/azure-sdk-for-java#31543:
com.azure.spring.cloud.autoconfigure.aad.implementation.oauth2.AadOAuth2AuthenticatedPrincipal class removed
com.azure.spring.cloud.autoconfigure.aad.implementation.webapi.AadOboOAuth2AuthorizedClientProvider class removed
com.azure.spring.cloud.autoconfigure.aad.properties.AadAuthorizationGrantType class removed
com.azure.spring.cloud.autoconfigure.aad.AadJwtBearerTokenAuthenticationConverter class removed
AuthorizationGrantType.PASSWORD no longer supported
com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier#DefaultJWTClaimsVerifier(com.nimbusds.jwt.JWTClaimsSet, java.util.Set<java.lang.String>) method replaces com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier#DefaultJWTClaimsVerifier()
AbstractHttpConfigurer replaces org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
spring-cloud-azure-trace-sleuth artifact removed
Spring Security 6 dependencies upgrades, Azure/azure-sdk-for-java#31808:
org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity annotation replaces org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken class replaces org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken
Class package path updates and API polishing/refinement, including reducing the number of public APIs: #32552, #32582, #32597 , #32616, #32716 .

The following features are planned for future releases:

GraalVM native image**
Spring Data Cosmos DB
App Configuration Config and Feature Management

** Currently available for beta testing, please visit Spring Cloud Azure Native Reachability client library for Java to give it a try.

Stay tuned for updates!

Passwordless connections

Using username/password credentials to access one application from another significantly increases overall risk profile. An unauthorized user can gain access to the application using a connection string accidentally checked into source control, sent through an insecure email, pasted into the wrong chat, or otherwise illegitimately obtained. Updating your application to use passwordless connections provides dramatically improved security.

Passwordless connections for Java applications to Azure databases and eventing services are generally available with Spring Cloud Azure 5.0, enabling you to access services securely without passing usernames and passwords over the wire.

These Azure Services currently support passwordless connections:

Azure Service	Quickstart	Migration guide
Azue Database for MySQL	Spring Data JDBC, Spring Data JPA	Delete passwords and migrate
Azure Database for PostgreSQL	Spring Data JDBC, Spring Data JPA	Delete passwords and migrate
Azure SQL Database	Spring Data JDBC, Spring Data JPA	Delete passwords and migrate
Event Hubs ? Kafka	Spring Cloud Stream Binder for Kafka, Spring Kafka	Delete passwords and migrate
Storage	Storage Blob, Storage Queues	Delete passwords and migrate

Our passwordless journey does not end here. Support for additional Azure services is planned and under development.

Spring Initializr

The Azure Support module in Spring Initializr now supports Spring Boot 3, so you can begin your Spring Cloud Azure 5.0 journey directly from the Spring Initializr.

Documentation

Good documentation is a key part of Spring Cloud Azure. We?ve created a new online resource, Azure for Spring developers, to help Spring developers code, deploy, and scale their Spring applications on Azure. Whether developers are familiar with Spring and unfamiliar with Azure Service or the other way around ? or new to both! ? they can come to this site to learn. Content will be expanded and updated continuously.

In addition, we?ve redesigned the Spring Cloud Azure documentation to help developers more easily find what they need, combined with useful scenarios.

Other bug fixes and feature improvements

Support auto startup for the autoconfigured Service Bus Processor client by enabling new property spring.cloud.azure.servicebus.processor.auto-startup #29997
Provide property spring.cloud.azure.eventhubs.kafka.enabled to enable/disable Spring Cloud Azure OAuth2 support for Event Hubs for Kafka #30574
Support connecting to Azure AD via proxy (NOTE: custom RestTemplateCustomizer bean must be provided) #26493
Support spring-cloud-azure-stream-binder-eventhubs connection to Azure China eventhub #30936
Resolved issues in Spring Cloud Stream Azure Kafka with Managed Identity credential refresh #30719
Removed logged warnings for Kafka passwordless autoconfiguration #31182
Enabled the token authentication converter and Azure AD Resource Server configurer adapter to accept custom JWT granted authorities converter #28665
Deleted properties #32465: spring.jms.servicebus.username,
spring.jms.servicebus.password, spring.jms.servicebus.remote-uri
JacksonHttpSessionOAuth2AuthorizedClientRepository.getAuthorizedClients now returns an unmodifiable Map #31190
RestTemplate used to get access token now contains only the two required converters #31482
RestOperations now properly configured when jwkResolver is null #31218
Fixed duplicated scope parameter #31191
Updated NimbusJwtDecoder to use RestTemplateBuilder instead of RestTemplate #31233
Resolved NoClassDefFoundError for JSONArray #31716
Resolve issues appending spring.main.sources configuration from Spring Cloud Stream Kafka binder #31715

Feedback

Feedback and contributions are always welcome. Please contact us on StackOverflow or GitHub.

Resources

To learn more about Spring Cloud Azure, please visit the following links:

Spring Boot 3 and Spring Cloud 2022.0.0 integration

Noteworthy changes in this version

Passwordless connections

Spring Initializr

Documentation

Other bug fixes and feature improvements

Feedback

Resources

Related Articles

What is a “Continuous Upgrade” Culture and why is it important?

These Months in Spring - May and June, 2024

Announcing Application Engine for Tanzu Platform

Investing in Partner Success

This Month in Spring - April 2024