Spring Framework
Initial release1 October 2002; 20 years ago (2002-10-01)
Stable release
6.0.3[1] Edit this on Wikidata / 15 December 2022; 33 days ago (15 December 2022)
Written inJava
PlatformJava EE
TypeApplication framework
LicenseApache License 2.0
Websitespring.io/projects/spring-framework Edit this on Wikidata

The Spring Framework is an application framework and inversion of control container for the Java platform. The framework's core features can be used by any Java application, but there are extensions for building web applications on top of the Java EE (Enterprise Edition) platform. Although the framework does not impose any specific programming model, it has become popular in the Java community as an addition to the Enterprise JavaBeans (EJB) model. The Spring Framework is open source.

Version history

Version Date Notes
0.9 2003
1.0 March 24, 2004 First production release.
2.0 2006
3.0 2009
4.0 2013
5.0 2017
6.0 November 16, 2022

The first version was written by Rod Johnson, who released the framework with the publication of his book Expert One-on-One J2EE Design and Development in October 2002. The framework was first released under the Apache 2.0 license in June 2003. The first production release, 1.0, was released in March 2004.[2] The Spring 1.2.6 framework won a Jolt productivity award and a JAX Innovation Award in 2006.[3][4] Spring 2.0 was released in October 2006, Spring 2.5 in November 2007, Spring 3.0 in December 2009, Spring 3.1 in December 2011, and Spring 3.2.5 in November 2013.[5] Spring Framework 4.0 was released in December 2013.[6] Notable improvements in Spring 4.0 included support for Java SE (Standard Edition) 8, Groovy 2, some aspects of Java EE 7, and WebSocket.

Spring Boot 1.0 was released in April 2014.[7]

Spring Framework 4.2.0 was released on 31 July 2015 and was immediately upgraded to version 4.2.1, which was released on 01 Sept 2015.[8] It is "compatible with Java 6, 7 and 8, with a focus on core refinements and modern web capabilities".[9]

Spring Framework 4.3 has been released on 10 June 2016 and will be supported until 2020.[10] It "will be the final generation within the general Spring 4 system requirements (Java 6+, Servlet 2.5+), [...]".[9]

Spring 5 is announced to be built upon Reactive Streams compatible Reactor Core.[11]

Spring Framework 6.0 has been released on 16 November 2022 and came with a Java 17+ baseline and a move to Jakarta EE 9+ (in the jakarta namespace), with a focus on the recently released Jakarta EE 10 APIs such as Servlet 6.0 and JPA 3.1.[12]


The Spring Framework includes several modules that provide a range of services:

Inversion of control container (dependency injection)

Central to the Spring Framework is its inversion of control (IoC) container, which provides a consistent means of configuring and managing Java objects using reflection. The container is responsible for managing object lifecycles of specific objects: creating these objects, calling their initialization methods, and configuring these objects by wiring them together.

Objects created by the container are also called managed objects or beans. The container can be configured by loading XML (Extensible Markup Language) files or detecting specific Java annotations on configuration classes. These data sources contain the bean definitions that provide the information required to create the beans.

Objects can be obtained by means of either dependency lookup or dependency injection.[14] Dependency lookup is a pattern where a caller asks the container object for an object with a specific name or of a specific type. Dependency injection is a pattern where the container passes objects by name to other objects, via either constructors, properties, or factory methods.

In many cases one need not use the container when using other parts of the Spring Framework, although using it will likely make an application easier to configure and customize. The Spring container provides a consistent mechanism to configure applications and integrates with almost all Java environments, from small-scale applications to large enterprise applications.

The container can be turned into a partially compliant EJB (Enterprise JavaBeans) 3.0 container by means of the Pitchfork project. Some[who?] criticize the Spring Framework for not complying with standards.[15] However, SpringSource doesn't see EJB 3 compliance as a major goal, and claims that the Spring Framework and the container allow for more powerful programming models.[16] The programmer does not directly create an object, but describes how it should be created, by defining it in the Spring configuration file. Similarly services and components are not called directly; instead a Spring configuration file defines which services and components must be called. This IoC is intended to increase the ease of maintenance and testing.

Aspect-oriented programming framework

The Spring Framework has its own Aspect-oriented programming (AOP) framework that modularizes cross-cutting concerns in aspects. The motivation for creating a separate AOP framework comes from the belief that it should be possible to provide basic AOP features without too much complexity in either design, implementation, or configuration. The Spring AOP framework also takes full advantage of the Spring container.

The Spring AOP framework is proxy pattern-based, and is configured at run time. This removes the need for a compilation step or load-time weaving. On the other hand, interception only allows for public method-execution on existing objects at a join point.

Compared to the AspectJ framework, Spring AOP is less powerful, but also less complicated. Spring 1.2 includes support to configure AspectJ aspects in the container. Spring 2.0 added more integration with AspectJ; for example, the pointcut language is reused and can be mixed with Spring AOP-based aspects. Further, Spring 2.0 added a Spring Aspects library that uses AspectJ to offer common Spring features such as declarative transaction management and dependency injection via AspectJ compile-time or load-time weaving. SpringSource also uses AspectJ AOP in other Spring projects such as Spring Roo and Spring Insight, with Spring Security also offering an AspectJ-based aspect library.

Spring AOP has been designed to make it able to work with cross-cutting concerns inside the Spring Framework. Any object which is created and configured by the container can be enriched using Spring AOP.

The Spring Framework uses Spring AOP internally for transaction management, security, remote access, and JMX.

Since version 2.0 of the framework, Spring provides two approaches to the AOP configuration:

<beans xmlns="http://www.springframework.org/schema/beans"

The Spring team decided not to introduce new AOP-related terminology; therefore, in the Spring reference documentation and API, terms such as aspect, join point, advice, pointcut, introduction, target object (advised object), AOP proxy, and weaving all have the same meanings as in most other AOP frameworks (particularly AspectJ).

Data access framework

Spring's data access framework addresses common difficulties developers face when working with databases in applications. Support is provided for all popular data access frameworks in Java: JDBC, iBatis/MyBatis, Hibernate, Java Data Objects (JDO, discontinued since 5.x), Jakarta Persistence API (JPA), Oracle TopLink, Apache OJB, and Apache Cayenne, among others.

For all of these supported frameworks, Spring provides these features

All these features become available when using template classes provided by Spring for each supported framework. Critics have said these template classes are intrusive and offer no advantage over using (for example) the Hibernate API directly.[19][failed verification] In response, the Spring developers have made it possible to use the Hibernate and JPA APIs directly. This however requires transparent transaction management, as application code no longer assumes the responsibility to obtain and close database resources, and does not support exception translation.

Together with Spring's transaction management, its data access framework offers a flexible abstraction for working with data access frameworks. The Spring Framework doesn't offer a common data access API; instead, the full power of the supported APIs is kept intact. The Spring Framework is the only framework available in Java that offers managed data access environments outside of an application server or container.[20]

While using Spring for transaction management with Hibernate, the following beans may have to be configured:

Other points of configuration include:

Transaction management

Spring's transaction management framework brings an abstraction mechanism to the Java platform. Its abstraction is capable of:

In comparison, Java Transaction API (JTA) only supports nested transactions and global transactions, and requires an application server (and in some cases also deployment of applications in an application server).

The Spring Framework ships a PlatformTransactionManager for a number of transaction management strategies:

Next to this abstraction mechanism the framework also provides two ways of adding transaction management to applications:

Together with Spring's data access framework – which integrates the transaction management framework – it is possible to set up a transactional system through configuration without having to rely on JTA or EJB. The transactional framework also integrates with messaging and caching engines.

Model–view–controller framework

Spring MVC/Web Reactive presentation given by Jürgen Höller
Spring MVC/Web Reactive presentation given by Jürgen Höller

The Spring Framework features its own model–view–controller (MVC) web application framework, which was not originally planned. The Spring developers decided to write their own Web framework as a reaction to what they perceived as the poor design of the (then) popular Jakarta Struts Web framework,[21] as well as deficiencies in other available frameworks. In particular, they felt there was insufficient separation between the presentation and request handling layers, and between the request handling layer and the model.[22]

Like Struts, Spring MVC is a request-based framework. The framework defines strategy interfaces for all of the responsibilities that must be handled by a modern request-based framework. The goal of each interface is to be simple and clear so that it's easy for Spring MVC users to write their own implementations, if they so choose. MVC paves the way for cleaner front end code. All interfaces are tightly coupled to the Servlet API. This tight coupling to the Servlet API is seen by some as a failure on the part of the Spring developers to offer a high-level abstraction for Web-based applications[citation needed]. However, this coupling makes sure that the features of the Servlet API remain available to developers while also offering a high abstraction framework to ease working with it.

The DispatcherServlet class is the front controller[23] of the framework and is responsible for delegating control to the various interfaces during the execution phases of an HTTP request.

The most important interfaces defined by Spring MVC, and their responsibilities, are listed below:

Each strategy interface above has an important responsibility in the overall framework. The abstractions offered by these interfaces are powerful, so to allow for a set of variations in their implementations, Spring MVC ships with implementations of all these interfaces and together offers a feature set on top of the Servlet API. However, developers and vendors are free to write other implementations. Spring MVC uses the Java java.util.Map interface as a data-oriented abstraction for the Model where keys are expected to be string values.

The ease of testing the implementations of these interfaces seems one important advantage of the high level of abstraction offered by Spring MVC. DispatcherServlet is tightly coupled to the Spring inversion of control container for configuring the web layers of applications. However, web applications can use other parts of the Spring Framework—including the container—and choose not to use Spring MVC.

A workflow of Spring MVC

When a user clicks a link or submits a form in their web-browser, the request goes to Spring DispatcherServlet. DispatcherServlet is a front-controller in spring MVC. It consults one or more handler mappings. DispatcherServlet chooses an appropriate controller and forwards the request to it. The Controller processes the particular request and generates a result. It is known as Model. This information needs to be formatted in html or any front-end technology like JSP. This is the View of an application. All of the information is in the MODEL And VIEW object. When the controller is not coupled to a particular view, DispatcherServlet finds the actual JSP with the help of ViewResolver.

Configuration of DispatcherServlet

DispatcherServlet must be configured in web.xml



Remote access framework

Spring's Remote Access framework is an abstraction for working with various RPC (remote procedure call)-based technologies available on the Java platform both for client connectivity and marshalling objects on servers. The most important feature offered by this framework is to ease configuration and usage of these technologies as much as possible by combining inversion of control and AOP.

The framework also provides fault-recovery (automatic reconnection after connection failure) and some optimizations for client-side use of EJB remote stateless session beans.

Spring provides support for these protocols and products out of the box

Apache CXF provides integration with the Spring Framework for RPC-style exporting of objects on the server side.

Both client and server setup for all RPC-style protocols and products supported by the Spring Remote access framework (except for the Apache Axis support) is configured in the Spring Core container.

There is alternative open-source implementation (Cluster4Spring) of a remoting subsystem included into Spring Framework that is intended to support various schemes of remoting (1-1, 1-many, dynamic services discovering)...

Convention-over-configuration rapid application development

Further information: rapid application development

Spring Boot

Spring Boot Extension is Spring's convention-over-configuration solution for creating stand-alone, production-grade Spring-based Applications that you can "just run".[24] It is preconfigured with the Spring team's "opinionated view" of the best configuration and use of the Spring platform and third-party libraries so you can get started with minimum fuss. Most Spring Boot applications need very little Spring configuration.

Key Features:

Spring Roo

Spring Roo is a community project which provides an alternative, code-generation based approach at using convention-over-configuration to rapidly build applications in Java. It currently supports Spring Framework, Spring Security and Spring Web Flow. Roo differs from other rapid application development frameworks by focusing on:

Batch framework

Spring Batch is a framework for batch processing that provides reusable functions that are essential in processing large volumes of records, including:

It also provides more advanced technical services and features that will enable extremely high-volume and high performance batch jobs through optimizations and partitioning techniques. Spring Batch executes a series of jobs; a job consists of many steps and each step consists of a READ-PROCESS-WRITE task or single operation task (tasklet).

The "READ-PROCESS-WRITE" process consists of these steps: "read" data from a resource (comma-separated values (CSV), XML, or database), "process" it, then "write" it to other resources (CSV, XML, or database). For example, a step may read data from a CSV file, process it, and write it into the database. Spring Batch provides many classes to read/write CSV, XML, and database.

For a "single" operation task (tasklet), it means doing a single task only, like clean up the resources before or after a step is started or completed.

The steps can be chained together to run as a job.

Integration framework

Spring Integration is a framework for Enterprise application integration that provides reusable functions essential to messaging or event-driven architectures.

Spring Integration supports pipe-and-filter based architectures.

Spring4Shell vulnerability

As any other piece of software, Spring can have some vulnerabilities. One of them (CVE-2022-22965) was named "Spring4Shell", similar to Log4Shell.[26]

See also


  1. ^ https://github.com/spring-projects/spring-framework/releases/tag/v6.0.3.
  2. ^ "Spring Framework 1.0 Final Released". Official Spring Framework blog. 24 March 2014. Retrieved 1 March 2021.
  3. ^ Jolt winners 2006
  4. ^ "JAX Innovation Award Gewinner 2006". Archived from the original on 2009-08-17. Retrieved 2009-08-12.
  5. ^ "Spring Framework 3.2.5 Released". Official Spring website. 7 Nov 2013. Retrieved 16 October 2016.
  6. ^ "Announcing Spring Framework 4.0 GA Release". Spring blog. 12 December 2013.
  7. ^ "Spring Boot v1.0.0.RELEASE". github.com.
  8. ^ "Spring Framework 4.2 goes GA". Spring Blog. 31 July 2015.
  9. ^ a b "Spring Framework 4.2 goes GA". Spring Blog.
  10. ^ "Upgrading to Spring Framework 5.x". github.com.
  11. ^ "Reactive Spring". Spring Blog. 9 February 2016.
  12. ^ "Spring Framework 6.0 goes GA". Spring Blog. 16 November 2022.
  13. ^ Spring Framework documentation for the Core Container
  14. ^ What is the difference between the depencylookup and dependency injection - Spring Forum. Forum.springsource.org (2009-10-28). Retrieved on 2013-11-24.
  15. ^ Spring VS EJB3
  16. ^ "Pitchfork FAQ". Retrieved 2006-06-06.
  17. ^ Spring AOP XML Configuration
  18. ^ AspectJ Annotation Configuration
  19. ^ Hibernate VS Spring
  20. ^ "Spring Data JPA for Abstraction of Queries". Retrieved 2018-02-06.
  21. ^ Introduction to the Spring Framework
  22. ^ Johnson, Expert One-on-One J2EE Design and Development, Ch. 12. et al.
  23. ^ Patterns of Enterprise Application Architecture: Front Controller
  24. ^ "Spring Boot". spring.io.
  25. ^ "About Spring Boot". Retrieved 2020-03-18.
  26. ^ "Spring4Shell: critical vulnerability in Spring - Kaspersky official blog".