Differences Between Spring and Spring Boot: Configuration, MVC, Security, and Deployment
This article explains the fundamental differences between Spring and Spring Boot, covering their core concepts, configuration methods, MVC setup, template engine integration, security configuration, bootstrapping mechanisms, and packaging/deployment options, with detailed code examples for each aspect.
Spring is a comprehensive Java framework that provides infrastructure support such as dependency injection and a wide range of modules (JDBC, MVC, Security, AOP, ORM, Test) to simplify application development.
Spring Boot is an extension of Spring that eliminates the need for extensive XML configuration, offering embedded containers, starter dependencies, auto‑configuration, production‑ready metrics and externalized configuration.
Typical Maven dependencies for a plain Spring web application require multiple <dependency> entries, for example:
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>5.1.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.1.0.RELEASE</version>
</dependency>Spring Boot reduces this to a single starter dependency:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<version>2.0.6.RELEASE</version>
</dependency>For traditional Spring MVC configuration you must define a DispatcherServlet in web.xml or implement a WebApplicationInitializer as shown below:
public class MyWebAppInitializer implements WebApplicationInitializer {
@Override
public void onStartup(ServletContext container) {
AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
context.setConfigLocation("com.pingfangushi");
container.addListener(new ContextLoaderListener(context));
ServletRegistration.Dynamic dispatcher = container.addServlet("dispatcher", new DispatcherServlet(context));
dispatcher.setLoadOnStartup(1);
dispatcher.addMapping("/");
}
}Spring Boot configures MVC automatically; you only need to set view properties in application.properties (e.g., spring.mvc.view.prefix=/WEB-INF/jsp/ and spring.mvc.view.suffix=.jsp).
Thymeleaf template engine configuration differs as well. In Spring you must declare a resolver and engine beans:
@Configuration
@EnableWebMvc
public class MvcWebConfig implements WebMvcConfigurer {
@Autowired
private ApplicationContext applicationContext;
@Bean
public SpringResourceTemplateResolver templateResolver() {
SpringResourceTemplateResolver templateResolver = new SpringResourceTemplateResolver();
templateResolver.setApplicationContext(applicationContext);
templateResolver.setPrefix("/WEB-INF/views/");
templateResolver.setSuffix(".html");
return templateResolver;
}
@Bean
public SpringTemplateEngine templateEngine() {
SpringTemplateEngine templateEngine = new SpringTemplateEngine();
templateEngine.setTemplateResolver(templateResolver());
templateEngine.setEnableSpringELCompiler(true);
return templateEngine;
}
@Override
public void configureViewResolvers(ViewResolverRegistry registry) {
ThymeleafViewResolver resolver = new ThymeleafViewResolver();
resolver.setTemplateEngine(templateEngine());
registry.viewResolver(resolver);
}
}Spring Security can be enabled in Spring with explicit configuration classes, while Spring Boot pulls in the necessary dependencies via the spring-boot-starter-security starter. An example security configuration is:
@Configuration
@EnableWebSecurity
public class CustomWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("admin")
.password(passwordEncoder().encode("password"))
.authorities("ROLE_ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated()
.and().httpBasic();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}Bootstrapping differs: classic Spring uses web.xml or a WebApplicationInitializer to create a DispatcherServlet, whereas Spring Boot starts with a class annotated with @SpringBootApplication and runs an embedded servlet container:
@SpringBootApplication
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}To deploy a Spring Boot application as a WAR, extend SpringBootServletInitializer:
public class ServletInitializer extends SpringBootServletInitializer {
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(Application.class);
}
}Both frameworks support Maven or Gradle builds, but Spring Boot adds the ability to produce executable JARs, embed containers, and simplify configuration management, making development, testing and deployment more convenient.
In summary, Spring Boot is essentially an extension of Spring that streamlines configuration, provides auto‑configuration, embedded servers, and starter dependencies, thereby accelerating backend development.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Architect's Tech Stack
Java backend, microservices, distributed systems, containerized programming, and more.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.