Migrating to Spring Boot 3

Two years after the official release of Spring Boot 3, you’ve decided to migrate your application. It’s important to note that you will need to upgrade your Java version to at least Java 17, as well as upgrade to Spring Framework 6.0 and Spring Security 6. These are the minimum requirements for the migration

According to the official migration guide, it’s recommended to upgrade from the latest version of Spring Boot 2.7 to version 3. This is due to the significant changes between major versions. So, if your application is running on a version older than 2.7, you’ll need to first upgrade to 2.7 before migrating to version 3

Migrating to a new major version of a core platform like Spring Boot can come with unexpected challenges. Here are a few key changes to watch for in your application to help minimize errors during both compilation and runtime.

1. Renaming of the javax to jakarta.
Spring Boot 3 uses Jakarta EE 10, which includes updates to the Servlet and JPA specifications. One major change is the renaming of packages from javax to jakarta, except for the javax.crypto package, which was not migrated. As part of the migration, you will need to update all import statements in your application from javax to jakarta. Additionally, you may need to upgrade any libraries you’re using that still reference javax, to their latest versions that include the Jakarta refactoring.

2. If you’re using Feign Client, Spring Cloud, and OAuth2 for (internal) HTTP communication with autoconfiguration, you will need to update the configuration in your properties file as follows:

spring.cloud.openfeign.oauth2.enabled: true
spring.cloud.openfeign.oauth2.clientRegistrationId: yourClientId

2. Deprecation of antMatchers, requestMatchers and mvcMatchers
To retain the old behavior of ant-style path matching, especially for how Spring Security resolves paths with wildcards (e.g., /greetings/**/summary/**), you need to explicitly set the matching strategy to ANT. You can do this by adding the following to your application properties:

spring.mvc.pathmatch.matching-strategy=ANT_PATH_MATCHER

You can also refactor your security configuration to use the AntPathRequestMatcher class instead.
Other related migration details are described here – https://docs.spring.io/spring-security/reference/5.8/migration/servlet/config.html

4. TrailingSlashMatch is now set to false by default
The implication of this change is that URLs like /greetings/today/ and /greetings/today will no longer resolve to the same target. The former (/greetings/today/) will result in a 404 error. However, if you want to preserve this behavior without refactoring your endpoints, you can add the following configuration to your project:

@Configuration
public class UrlFilterConfig implements WebMvcConfigurer {
@Override
public void configurePathMatch(PathMatchConfigurer configurer){
configurer.setUseTrailingSlashMatch(true);
}
}

5. There are several configuration changes in other Spring projects like Actuator, Data, and Management in Spring Boot 3. Some properties have been renamed or removed, so you will need to adjust your configurations accordingly. It’s important to review the updated documentation for these projects to ensure that any old configuration properties are replaced with the new ones, and that your application continues to function smoothly. This might involve modifying your application.properties or application.yml files to reflect the latest changes.

Make sure to check the migration guides for each of these projects to identify any other specific updates or required actions.