Java Spring Boot 3.x 开发指南：REST API、安全配置、数据访问与监控

java-spring-boot by pluginagentmarketplace/custom-plugin-java

5,400 周安装量

27 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/pluginagentmarketplace/custom-plugin-java --skill java-spring-boot

开发开发运维安全

🇨🇳中文介绍

Java Spring Boot Skill

使用现代最佳实践构建生产就绪的 Spring Boot 应用程序。

概述

本技能涵盖 Spring Boot 开发，包括 REST API、安全配置、数据访问、Actuator 监控和云集成。遵循 Spring Boot 3.x 模式，重点关注生产就绪性。

何时使用此技能

在需要以下功能时使用：

使用 Spring MVC/WebFlux 创建 REST API
配置 Spring Security（OAuth2、JWT）
使用 Spring Data 设置数据库访问
启用 Actuator 监控
与 Spring Cloud 集成

涵盖主题

Spring Boot 核心

自动配置和启动器
应用程序属性和配置文件
Bean 生命周期和配置
DevTools 和热重载

REST API 开发

@RestController 和 @RequestMapping
请求/响应处理
使用 Bean Validation 进行验证
使用 @ControllerAdvice 进行异常处理

Spring Security

SecurityFilterChain 配置
OAuth2 和 JWT 身份验证
方法安全（@PreAuthorize）
CORS 和 CSRF 配置

Spring Data JPA

仓库模式
查询方法和 @Query
分页和排序
审计和事务

Actuator 和监控

健康检查和探针
使用 Micrometer 的指标
自定义端点
Prometheus 集成

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

相关 Skills

find-skills 技能搜索工具 - Vercel Labs 开源智能体技能包管理器

733,500 周安装

Vercel React 最佳实践指南 | 58条Next.js性能优化规则与代码重构

252,100 周安装

Vercel Web界面规范检查工具 - 自动检测代码是否符合Web设计指南

202,600 周安装

agent-browser 浏览器自动化工具 - Vercel Labs 命令行网页操作与测试

133,200 周安装

// REST Controller
@RestController
@RequestMapping("/api/users")
@Validated
public class UserController {

    @GetMapping("/{id}")
    public ResponseEntity<User> getUser(@PathVariable Long id) {
        return userService.findById(id)
            .map(ResponseEntity::ok)
            .orElse(ResponseEntity.notFound().build());
    }

    @PostMapping
    public ResponseEntity<User> createUser(@Valid @RequestBody UserRequest request) {
        User user = userService.create(request);
        URI location = URI.create("/api/users/" + user.getId());
        return ResponseEntity.created(location).body(user);
    }
}

// Security Configuration
@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
            .csrf(csrf -> csrf.disable())
            .sessionManagement(s -> s.sessionCreationPolicy(STATELESS))
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/actuator/health/**").permitAll()
                .requestMatchers("/api/public/**").permitAll()
                .anyRequest().authenticated())
            .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()))
            .build();
    }
}

// Exception Handler
@RestControllerAdvice
public class GlobalExceptionHandler {

    @ExceptionHandler(EntityNotFoundException.class)
    public ProblemDetail handleNotFound(EntityNotFoundException ex) {
        return ProblemDetail.forStatusAndDetail(NOT_FOUND, ex.getMessage());
    }
}

问题	原因	解决方案
Bean 未找到	缺少 @Component	添加注解或 @Bean
循环依赖	构造函数注入	使用 @Lazy 或重构
401 未授权	安全配置	检查 permitAll 路径
启动缓慢	繁重的自动配置	排除未使用的启动器

🇺🇸English

Java Spring Boot Skill

Build production-ready Spring Boot applications with modern best practices.

Overview

This skill covers Spring Boot development including REST APIs, security configuration, data access, actuator monitoring, and cloud integration. Follows Spring Boot 3.x patterns with emphasis on production readiness.

When to Use This Skill

Use when you need to:

Create REST APIs with Spring MVC/WebFlux
Configure Spring Security (OAuth2, JWT)
Set up database access with Spring Data
Enable monitoring with Actuator
Integrate with Spring Cloud

Topics Covered

Spring Boot Core

Auto-configuration and starters
Application properties and profiles
Bean lifecycle and configuration
DevTools and hot reload

REST API Development

@RestController and @RequestMapping
Request/response handling
Validation with Bean Validation
Exception handling with @ControllerAdvice

Spring Security

SecurityFilterChain configuration
OAuth2 and JWT authentication
Method security (@PreAuthorize)
CORS and CSRF configuration

Spring Data JPA

Repository pattern
Query methods and @Query
Pagination and sorting
Auditing and transactions

Actuator & Monitoring

Health checks and probes
Metrics with Micrometer
Custom endpoints
Prometheus integration

Quick Reference

// REST Controller
@RestController
@RequestMapping("/api/users")
@Validated
public class UserController {

    @GetMapping("/{id}")
    public ResponseEntity<User> getUser(@PathVariable Long id) {
        return userService.findById(id)
            .map(ResponseEntity::ok)
            .orElse(ResponseEntity.notFound().build());
    }

    @PostMapping
    public ResponseEntity<User> createUser(@Valid @RequestBody UserRequest request) {
        User user = userService.create(request);
        URI location = URI.create("/api/users/" + user.getId());
        return ResponseEntity.created(location).body(user);
    }
}

// Security Configuration
@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
            .csrf(csrf -> csrf.disable())
            .sessionManagement(s -> s.sessionCreationPolicy(STATELESS))
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/actuator/health/**").permitAll()
                .requestMatchers("/api/public/**").permitAll()
                .anyRequest().authenticated())
            .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()))
            .build();
    }
}

// Exception Handler
@RestControllerAdvice
public class GlobalExceptionHandler {

    @ExceptionHandler(EntityNotFoundException.class)
    public ProblemDetail handleNotFound(EntityNotFoundException ex) {
        return ProblemDetail.forStatusAndDetail(NOT_FOUND, ex.getMessage());
    }
}

Configuration Templates

# application.yml
spring:
  application:
    name: ${APP_NAME:my-service}
  profiles:
    active: ${SPRING_PROFILES_ACTIVE:local}
  jpa:
    open-in-view: false
    properties:
      hibernate:
        jdbc.batch_size: 50

management:
  endpoints:
    web:
      exposure:
        include: health,info,metrics,prometheus
  endpoint:
    health:
      probes:
        enabled: true

server:
  error:
    include-stacktrace: never

Common Patterns

Layer Architecture

Controller → Service → Repository → Database
     ↓           ↓          ↓
   DTOs      Entities    Entities

Validation Patterns

public record CreateUserRequest(
    @NotBlank @Size(max = 100) String name,
    @Email @NotBlank String email,
    @NotNull @Min(18) Integer age
) {}

Troubleshooting

Common Issues

Problem	Cause	Solution
Bean not found	Missing @Component	Add annotation or @Bean
Circular dependency	Constructor injection	Use @Lazy or refactor
401 Unauthorized	Security config	Check permitAll paths
Slow startup	Heavy auto-config	Exclude unused starters

Debug Properties

debug=true
logging.level.org.springframework.security=DEBUG
spring.jpa.show-sql=true

Debug Checklist

□ Check /actuator/conditions
□ Verify active profiles
□ Review security filter chain
□ Check bean definitions
□ Test health endpoints

Usage

Skill("java-spring-boot")

Related Skills

java-testing - Spring test patterns
java-jpa-hibernate - Data access

Weekly Installs

4.9K

Repository

pluginagentmark…gin-java

GitHub Stars

First Seen

Jan 21, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

claude-code3.8K

opencode1.7K

gemini-cli1.6K

codex1.6K

github-copilot1.5K

kimi-cli1.3K

Java Spring Boot 3.x 开发指南：REST API、安全配置、数据访问与监控

🇨🇳中文介绍

Java Spring Boot Skill

概述

何时使用此技能

涵盖主题

Spring Boot 核心

REST API 开发

Spring Security

Spring Data JPA

Actuator 和监控

相关 Skills

快速参考

配置模板

常见模式

分层架构

验证模式

故障排除

常见问题

调试属性

调试检查清单

使用方式

相关技能

🇺🇸English

Java Spring Boot Skill

Overview

When to Use This Skill

Topics Covered

Spring Boot Core

REST API Development

Spring Security

Spring Data JPA

Actuator & Monitoring

Quick Reference

Configuration Templates

Common Patterns

Layer Architecture

Validation Patterns

Troubleshooting

Common Issues

Debug Properties

Debug Checklist

Usage

Related Skills

最新 Skills