What is Spring Boot and how is it different from Spring Framework?

Spring Framework is a comprehensive Java application framework providing dependency injection, AOP, data access, MVC, and more. Spring Boot is an opinionated layer on top of Spring that provides auto-configuration, embedded servers (Tomcat/Jetty), production-ready features, and starter dependencies — eliminating most boilerplate XML configuration. With Spring Boot you can go from zero to a running REST API in minutes.

What are Spring Boot starters?

Spring Boot starters are curated dependency descriptors that bundle commonly used libraries together. For example, spring-boot-starter-web includes Spring MVC, Jackson (JSON), and an embedded Tomcat server. spring-boot-starter-data-jpa includes Hibernate, Spring Data JPA, and JDBC. Starters eliminate the need to manually manage compatible library versions.

How does Spring Boot auto-configuration work?

Spring Boot scans the classpath and automatically configures beans based on what libraries are present. For example, if H2 is on the classpath it auto-configures an in-memory datasource. Auto-configuration classes are loaded via spring.factories (or AutoConfiguration.imports in Spring Boot 3) and each is conditional — only activating when specific classes or properties are present. You can override any auto-configured bean by defining your own.

What is the difference between @Component, @Service, and @Repository?

@Component is the generic stereotype for any Spring-managed bean. @Service is a specialization of @Component for the service layer — semantically it means the class holds business logic. @Repository is a specialization for the data access layer — it also enables automatic exception translation, converting database-specific exceptions to Spring's DataAccessException hierarchy. All three enable classpath scanning and dependency injection.

How do I implement JWT authentication in Spring Boot?

Add spring-boot-starter-security and the java-jwt (Auth0) or jjwt library. Create a JwtUtil class to generate and validate tokens. Implement UserDetailsService to load user data. Write a JwtAuthenticationFilter that extends OncePerRequestFilter to extract and validate the Bearer token. Configure SecurityFilterChain to add the filter before UsernamePasswordAuthenticationFilter and configure which endpoints are public vs protected.

What is Spring Data JPA and how does it simplify database access?

Spring Data JPA provides repository abstractions that eliminate boilerplate CRUD code. Extend JpaRepository to get save, findById, findAll, delete, and count for free. Define query methods by naming convention (e.g., findByEmailAndActiveTrue) and Spring generates the SQL automatically. Use @Query for custom JPQL or native SQL. Spring Data also supports pagination and sorting via Pageable.

How do I handle exceptions globally in Spring Boot?

Use @ControllerAdvice (or @RestControllerAdvice) with @ExceptionHandler methods. Create a GlobalExceptionHandler class, annotate it with @RestControllerAdvice, and add methods annotated with @ExceptionHandler(SpecificException.class) returning ResponseEntity with appropriate HTTP status codes and error response bodies. This centralizes error handling instead of repeating try-catch blocks in every controller.

How do I deploy a Spring Boot application with Docker?

Build a JAR with mvn package or gradle build, then write a Dockerfile: use eclipse-temurin:21-jre as base, COPY the JAR, set ENTRYPOINT ["java","-jar","app.jar"]. For production use multi-stage builds — build stage uses maven:3.9-eclipse-temurin-21 to compile, runtime stage copies only the JAR. Spring Boot 3.1+ supports buildpacks natively: run ./mvnw spring-boot:build-image to create an OCI image without a Dockerfile.

Spring Boot完整指南：REST API、Spring Data JPA、Security、Actuator和Docker

TL;DR — Spring Boot 快速参考

Spring Boot 是一个固执己见的 Java 框架，消除了配置样板代码。在 pom.xml 中添加 starter，用 @SpringBootApplication 注解主类并运行即可。使用 @RestController + @GetMapping/@PostMapping 构建 REST API，使用 JpaRepository 进行 CRUD 数据库访问，使用 spring-boot-starter-security 保护端点，使用 Actuator（/actuator/health）监控应用，使用 @SpringBootTest + MockMvc 测试，打包为 fat JAR 后通过 java -jar app.jar 运行。

什么是 Spring Boot？

Spring Boot 是基于 Spring Framework 构建的固执己见的 Java 框架，让创建独立的、生产级 Java 应用变得极为简单。Spring Boot 的核心理念是"合理的默认值"—— 当你添加 spring-boot-starter-web 时，它会自动配置嵌入式 Tomcat、Spring MVC 和 JSON 序列化，无需任何 XML 配置。

Spring Boot 3.x（需要 Java 17+）是当前主版本，带来了通过 GraalVM 的原生编译支持、改进的可观测性以及完整的 Jakarta EE 10 兼容性。它为 Netflix、Airbnb、LinkedIn 以及全球数千家企业提供支持。

核心要点

Spring Boot 根据类路径依赖自动配置 Bean，无需 XML。
Starters 捆绑兼容的库版本：spring-boot-starter-web、spring-boot-starter-data-jpa 等。
@SpringBootApplication 组合了 @Configuration、@EnableAutoConfiguration 和 @ComponentScan。
依赖注入优先使用构造函数注入；单构造函数 Bean 的 @Autowired 是可选的。
Spring Data JPA 仓库消除了 CRUD 样板代码——继承 JpaRepository 即可免费获得 15+ 个方法。
Spring Security 集成 JWT 和 OAuth2；使用 SecurityFilterChain Bean 进行配置。
Actuator 在 /actuator/* 暴露健康、指标和管理端点。
打包为 fat JAR 可部署到任何 Java 运行环境，或使用 Docker 容器化。

依赖注入：@Component、@Service、@Repository、@Autowired

Spring 的 IoC（控制反转）容器管理对象的创建和装配。使用注解标记类，Spring 就可以发现并注入它们。

// @Component — 通用 Spring 托管 Bean
@Component
public class EmailValidator {
    public boolean isValid(String email) {
        return email.contains("@");
    }
}

// @Service — 业务逻辑层
@Service
public class UserService {
    private final UserRepository userRepository;

    // 构造函数注入（推荐）
    public UserService(UserRepository userRepository) {
        this.userRepository = userRepository;
    }
}

// @Repository — 数据访问层（自动异常转换）
@Repository
public interface UserRepository extends JpaRepository<User, Long> {
    Optional<User> findByEmail(String email);
}

Spring MVC：控制器与 REST API

@RestController 组合了 @Controller 和 @ResponseBody，所有方法返回的数据会直接序列化为 JSON 响应体。

@RestController
@RequestMapping("/api/v1/users")
public class UserController {

    private final UserService userService;

    public UserController(UserService userService) {
        this.userService = userService;
    }

    @GetMapping
    public ResponseEntity<List<UserDto>> getAllUsers() {
        return ResponseEntity.ok(userService.findAll());
    }

    @GetMapping("/{id}")
    public ResponseEntity<UserDto> getUserById(@PathVariable Long id) {
        return ResponseEntity.ok(userService.findById(id));
    }

    @PostMapping
    public ResponseEntity<UserDto> createUser(@Valid @RequestBody CreateUserRequest req) {
        return ResponseEntity.status(HttpStatus.CREATED).body(userService.create(req));
    }

    @DeleteMapping("/{id}")
    public ResponseEntity<Void> deleteUser(@PathVariable Long id) {
        userService.delete(id);
        return ResponseEntity.noContent().build();
    }
}

Spring Data JPA

定义带 JPA 注解的实体，继承 JpaRepository，即可零代码获得完整的 CRUD 操作和分页排序功能。

@Entity
@Table(name = "users")
public class User {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;

    @Column(nullable = false)
    private String name;

    @Column(nullable = false, unique = true)
    private String email;

    @CreationTimestamp
    private LocalDateTime createdAt;
    // 构造函数、getter、setter...
}

// 仓库接口 — Spring 自动生成实现
public interface UserRepository extends JpaRepository<User, Long> {
    Optional<User> findByEmail(String email);
    List<User> findByActiveTrue();
    Page<User> findAll(Pageable pageable);

    @Query("SELECT u FROM User u WHERE u.role = :role")
    List<User> findByRole(@Param("role") UserRole role);
}

全局异常处理

使用 @RestControllerAdvice 集中处理异常，避免在每个控制器中重复 try-catch 代码块。

@RestControllerAdvice
public class GlobalExceptionHandler {

    @ExceptionHandler(ResourceNotFoundException.class)
    public ResponseEntity<ApiError> handleNotFound(
            ResourceNotFoundException ex, HttpServletRequest request) {
        ApiError error = new ApiError(
            404, "Not Found", ex.getMessage(),
            request.getRequestURI(), LocalDateTime.now()
        );
        return ResponseEntity.status(HttpStatus.NOT_FOUND).body(error);
    }

    @ExceptionHandler(MethodArgumentNotValidException.class)
    public ResponseEntity<Map<String, Object>> handleValidation(
            MethodArgumentNotValidException ex) {
        Map<String, String> fieldErrors = new HashMap<>();
        ex.getBindingResult().getFieldErrors().forEach(error ->
            fieldErrors.put(error.getField(), error.getDefaultMessage())
        );
        return ResponseEntity.badRequest().body(Map.of(
            "status", 400,
            "fields", fieldErrors
        ));
    }
}

Spring Security 与 JWT

Spring Security 6 使用基于 Lambda 的 SecurityFilterChain 配置。实现 JWT 认证需要：JWT 工具类、认证过滤器、安全配置以及认证控制器。

@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http,
            JwtAuthFilter jwtAuthFilter) throws Exception {
        http
            .csrf(csrf -> csrf.disable())
            .sessionManagement(session ->
                session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/api/v1/auth/**").permitAll()
                .requestMatchers("/actuator/health").permitAll()
                .requestMatchers("/api/v1/admin/**").hasRole("ADMIN")
                .anyRequest().authenticated()
            )
            .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);

        return http.build();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder(12);
    }
}

Spring Boot Actuator 监控

Actuator 提供生产就绪的端点，用于健康检查、指标、环境信息等，并与 Prometheus 和 Micrometer 原生集成。

# 常用 Actuator 端点
GET /actuator/health         # 健康状态
GET /actuator/info           # 应用信息
GET /actuator/metrics        # 所有指标列表
GET /actuator/prometheus     # Prometheus 格式指标
GET /actuator/env            # 环境属性
GET /actuator/loggers        # 当前日志级别

测试：JUnit 5 与 MockMvc

// 控制器切片测试 — 只加载 Web 层
@WebMvcTest(UserController.class)
@AutoConfigureMockMvc(addFilters = false)
class UserControllerTest {

    @Autowired
    private MockMvc mockMvc;

    @MockBean
    private UserService userService;

    @Test
    void getUser_返回200() throws Exception {
        UserDto user = new UserDto(1L, "张三", "zhang@example.com", LocalDateTime.now());
        when(userService.findById(1L)).thenReturn(user);

        mockMvc.perform(get("/api/v1/users/1"))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.name").value("张三"));
    }
}

Docker 部署

# 多阶段 Dockerfile
FROM maven:3.9-eclipse-temurin-21 AS builder
WORKDIR /app
COPY pom.xml .
RUN mvn dependency:go-offline -q
COPY src ./src
RUN mvn package -DskipTests -q

FROM eclipse-temurin:21-jre-jammy
WORKDIR /app
COPY --from=builder /app/target/*.jar app.jar
RUN addgroup --system appgroup && adduser --system --ingroup appgroup appuser
USER appuser
EXPOSE 8080
ENTRYPOINT ["java", "-XX:+UseContainerSupport", "-jar", "app.jar"]

总结

Spring Boot 是 2026 年主流的 Java 后端框架，凭借自动配置、完善的生态系统、成熟的安全模型和完整的测试支持，成为企业 Java 开发的首选。

进阶方向：Spring Cloud Gateway（API 网关）、Spring Batch（批量数据处理）、Spring WebFlux（响应式编程）以及 Spring Cloud（微服务模式：服务发现 Eureka、配置中心 Config Server、熔断器 Resilience4j）。

Spring Boot完整指南：REST API、Spring Data JPA、Security、Actuator和Docker

什么是 Spring Boot？

依赖注入：@Component、@Service、@Repository、@Autowired

Spring MVC：控制器与 REST API

Spring Data JPA

全局异常处理

Spring Security 与 JWT

Spring Boot Actuator 监控

测试：JUnit 5 与 MockMvc

Docker 部署

总结

保持更新

试试这些相关工具

相关文章

NestJS完整指南：模块、控制器、服务、依赖注入、TypeORM、JWT认证和测试

API设计指南：REST最佳实践、OpenAPI、认证、分页和缓存

数据库设计指南：范式化、ERD、索引、SQL vs NoSQL和性能优化