How can you specify that a bean should be injected with a specific qualifier when there are multiple candidates?
- Using the @Qualifier annotation.
- By using the @Inject annotation.
- Utilizing the @Autowired annotation.
- By configuring the application.properties file.
You can specify that a bean should be injected with a specific qualifier when there are multiple candidates by using the @Qualifier annotation in Spring. This annotation helps Spring identify which candidate bean should be injected into the target. The other options, such as @Inject and @Autowired, are used for dependency injection but do not directly deal with qualifier-based injection. The application.properties file is typically used for configuration and not for specifying bean injection.
The _____ plugin in a Spring Boot project's build file allows creating an executable JAR or WAR file.
- boot-executable
- executable-jar
- spring-boot-maven-plugin
- spring-war
In a Spring Boot project, you use the spring-boot-maven-plugin to create an executable JAR or WAR file. This plugin provides features like packaging your application with all its dependencies and specifying the main class to run when the JAR is executed. It simplifies the process of creating self-contained, executable Spring Boot applications.
How would you implement a custom error response structure when an exception occurs in a Spring Boot application?
- By modifying the default Spring Boot error page.
- By overriding the handleException method in a custom exception handler class.
- By configuring a custom ErrorAttributes bean to control the error response structure.
- By using the @ControllerAdvice annotation without customization.
To implement a custom error response structure in Spring Boot when an exception occurs, you can configure a custom ErrorAttributes bean. This bean allows you to control the error response structure. The other options don't provide a direct mechanism for customizing the error response structure.
In Spring Boot, when testing service layer components, the _____ annotation can be used to avoid loading the complete ApplicationContext.
- @DataJpaTest
- @MockBean
- @ServiceTest
- @SpringBootTest
When testing service layer components in Spring Boot, you can use the @MockBean annotation to mock dependencies and avoid loading the complete ApplicationContext. This helps in isolating the unit under test.
What is the purpose of password encoding in Spring Security?
- To enhance user experience
- To obfuscate the password
- To prevent password exposure
- To validate user credentials
The purpose of password encoding in Spring Security is to prevent password exposure. Storing passwords in plaintext is a security risk, so Spring Security encourages password encoding (hashing) to store passwords securely. This way, even if the password database is compromised, attackers cannot easily retrieve the original passwords. Password encoding is not meant to obfuscate passwords but to securely store them and prevent unauthorized access to plaintext passwords.
Which of the following is a true statement about transaction management in Spring Data JPA?
- Spring Data JPA automatically manages transactions when using the @Repository annotation.
- Transaction management is not supported in Spring Data JPA.
- Developers need to manually configure transactions for Spring Data JPA repositories.
- Spring Data JPA only supports read-only transactions.
Transaction management in Spring Data JPA requires manual configuration. Spring Data JPA doesn't automatically manage transactions. Developers typically use the @Transactional annotation or XML-based configuration to specify transaction boundaries for methods in their repositories. The other options are not accurate; Spring Data JPA can handle both read and write transactions, and it does not require manual configuration for all repositories.
In a Spring Boot application, which annotation is primarily used to mark a method as cacheable?
- @CacheConfig
- @CacheEvict
- @CachePut
- @Cacheable
In a Spring Boot application, the @Cacheable annotation is primarily used to mark a method as cacheable. When this annotation is applied to a method, the results of that method are cached, and subsequent calls with the same parameters will retrieve the cached result instead of executing the method again. The other annotations may be used for cache-related operations, but @Cacheable is specifically for marking cacheable methods.
How does Spring Security handle password encoding by default?
- Spring Security does not handle password encoding by default.
- It uses BCrypt password encoding by default.
- It uses MD5 password encoding by default.
- It uses plain text storage for passwords by default.
By default, Spring Security handles password encoding using BCrypt. BCrypt is a secure and commonly used password hashing algorithm that helps protect user passwords. Spring Security's default behavior is to use BCrypt encoding to securely store and verify passwords, enhancing the security of user authentication. The other options are not the default mechanisms used by Spring Security for password encoding.
In a Spring Boot application, the _____ annotation is used to demarcate transaction boundaries.
- @Autowired
- @Component
- @Service
- @Transactional
In a Spring Boot application, the @Transactional annotation is used to demarcate transaction boundaries. It is applied to methods, indicating that the method should be wrapped in a transaction, ensuring that either all operations within the method succeed or none of them do. This is crucial for maintaining data consistency in the database.
How does the @PreAuthorize annotation in Spring Security differ from the @Secured annotation in terms of the conditions that can be applied?
- @PreAuthorize allows for complex SpEL (Spring Expression Language) expressions for fine-grained control
- @PreAuthorize is deprecated, and @Secured should be used
- @PreAuthorize only works with roles while @Secured allows for custom conditions
- @Secured is more powerful than @PreAuthorize
The @PreAuthorize annotation in Spring Security allows for complex SpEL expressions to define fine-grained access control conditions. This means you can use expressions involving multiple variables and logic, making it more versatile than @Secured, which primarily works with roles.