Spring Security Interview Questions And Answers Pdf

Spring Security Interview Questions And Answers Pdf

1. What do you mean by Dependency Injection?
Answer: In Dependency Injection, you do not have to create your objects but have to describe how they should be created. You don’t connect your components and services together in the code directly, but describe which services are needed by which components in the configuration file. The IoC container will wire them up together.(Mulesoft Training )

2. What is Dispatcher Servlet and Context Loader Listener?
Answer: DispatcherServlet is the front controller in the Spring MVC application and it loads the spring bean configuration file and initializes all the beans that are configured. If annotations are enabled, it also scans the packages and configures any bean annotated with @Component, @Controller, @Repository or @Service annotations.
ContextLoaderListener is the listener to start up and shut down Spring’s root WebApplicationContext. Its important functions are to tie up the lifecycle of ApplicationContext to the lifecycle of the ServletContext and to automate the creation of ApplicationContext. We can use it to define shared beans that can be used across different spring contexts.(Selenium Training )

3. What is View Resolver in Spring?
Answer: ViewResolver implementations are used to resolve the view pages by name. Usually, we configure it in the spring bean configuration file.

For example:
InternalResourceViewResolver is one of the implementations of ViewResolver interface and we are providing the view pages directory and suffix location through the bean properties. So if a controller handler method returns “home”, view resolver will use view page located at /WEB-INF/views/home.jsp.

4. How many types of IOC containers are there in spring?
Answer: BeanFactory: BeanFactory is like a factory class that contains a collection of beans. It instantiates the bean whenever asked for by clients.
ApplicationContext: The ApplicationContext interface is built on top of the BeanFactory interface. It provides some extra functionality on top BeanFactory.(Sap Fico Online Training )

5. Explain the AOP module?
Answer: The AOP module is used for developing aspects for our Spring-enabled application. Much of the support has been provided by the AOP Alliance in order to ensure the interoperability between Spring and other AOP frameworks. This module also introduces metadata programming to Spring.

6. List some of the benefits of IoC?
Some of the benefits of IoC are:
It will minimize the amount of code in your application.
It will make your application easy to test because it doesn’t require any singletons or JNDI lookup mechanisms in your unit test cases.
It promotes loose coupling with minimal effort and least intrusive mechanism.
It supports eager instantiation and lazy loading of the services.(Azure Training )

7. In how many ways can Dependency Injection be done?
In general, dependency injection can be done in three ways, namely :
Constructor Injection
Setter Injection
Interface Injection
In Spring Framework, only constructor and setter injections are used.

8. What is the role of the @Required annotation?
Answer: The @Required annotation is used on setter methods, and it indicates that the bean property that has this annotation must be populated at configuration time. Otherwise, the Spring container will throw a BeanInitializationException exception.
Also, @Required differs from @Autowired – as it is limited to a setter, whereas @Autowired is not. @Autowired can be used to wire with a constructor and afield as well, while @Required only checks if the property is set.
Let’s see an example:
public class Person
private String name;
public void setName(String name)
this.name = name;
Now, the name of the Person bean needs to be set in XML config like this:

9. Can we have multiple Spring configuration files in one project?
Yes, in large projects, having multiple Spring configurations is recommended to increase maintainability and modularity.

You can load multiple Java-based configuration files:
@Import({MainConfig.class, SchedulerConfig.class})
public class AppConfig {
Or load one XML file that will contain all other configs:

ApplicationContext context = new ClassPathXmlApplicationContext(“spring-all.xml”);
And inside this XML file you’ll have:

10. What is Spring Boot ?
Answer: Spring Boot is a project that provides a pre-configured set of frameworks to reduce boilerplate configuration so that you can have a Spring application up and running with the smallest amount of code.

11. Explain Spring Beans?
Answer: They are the objects that form the backbone of the user’s application.
Beans are managed by the Spring IoC container.
They are instantiated, configured, wired and managed by a Spring IoC container
Beans are created with the configuration metadata that the users supply to the container. Bean generation.

12. What is the Spring IoC Container?
Answer: Inversion of Control (IoC) is the mechanism to achieve loose-coupling between Objects dependencies. To achieve loose coupling and dynamic binding of the objects at runtime, the objects define their dependencies that are being injected by other assembler objects. Spring IoC container is the program that injects dependencies into an object and makes it ready for our use.

Spring Framework IoC container classes are part of org.springframework.beans, and org.springframework.context packages and provides us different ways to decouple the object dependencies.

Some of the useful ApplicationContext implementations that we use are;

AnnotationConfigApplicationContext: For standalone java applications using annotations based configuration.
ClassPathXmlApplicationContext: For standalone java applications using XML based configuration.
FileSystemXmlApplicationContext: Similar to ClassPathXmlApplicationContext except that the xml configuration file can be loaded from anywhere in the file system.
AnnotationConfigWebApplicationContext and XmlWebApplicationContext for web applications.

13. How many bean scopes are supported by Spring?
Answer: The Spring Framework supports five scopes. They are:
Singleton: This provides scope for the bean definition to a single instance per Spring IoC container.
Prototype: This provides scope for a single bean definition to have any number of object instances.
Request: This provides scope for a bean definition to an HTTP-request.
Session: This provides scope for a bean definition to an HTTP-session.
Global-session: This provides scope for a bean definition to a Global HTTP-session.
The last three are available only if the users use a web-aware ApplicationContext.

14. What are the limitations with auto wiring?
Answer: Following are some of the limitations you might face with auto wiring:
Overriding possibility: You can always specify dependencies using and settings which will override auto wiring.
Primitive data type: Simple properties such as primitives, Strings and Classes can’t be autowired.
Confusing nature: Always prefer using explicit wiring because auto wiring is less precise.

15. What are the different types of Advice?
Before: These types of advice execute before the joinpoint methods and are configured using @Before annotation mark.
After returning: These types of advice execute after the joinpoint methods complete executing normally and are configured using @AfterReturning annotation mark.
After throwing: These types of advice execute only if the joinpoint method exits by throwing an exception and are configured using @AfterThrowing annotation mark.
After (finally): These types of advice execute after a joinpoint method, regardless of the method’s exit whether normally or exceptional return and are configured using @After annotation mark.
Around: These types of advice execute before and after a joinpoint and are configured using the @Around annotation mark.

16. Point out the difference between concern and crosscutting concern in Spring AOP?
Answer: The concern is the behavior we want to have in a particular module of an application. It can be defined as the functionality we want to implement.
The cross-cutting concern is a concern which is applicable throughout the application. This affects the entire application. For example, logging, security, and data transfer are the concerns needed in almost every module of an application, thus they are the cross-cutting concerns.

17. What is the difference between Spring AOP and AspectJ AOP?
Answer: Spring AOP vs AspectJ AOP
Spring AOP AspectJ AOP
Runtime weaving through a proxy is done Compile-time weaving through AspectJ Java tools is done
It supports only method level PointCut It supports field-level Pointcuts
It is DTD based It is schema-based and Annotation configuration

18. What do you mean by Spring MVC framework?
Answer: The Spring web MVC framework provides model-view-controller architecture and ready to use components that are used to develop flexible and loosely coupled web applications. The MVC pattern helps in separating the different aspects of the application like input logic, business logic, and UI logic while providing a loose coupling between all these elements.(Sql Server Training )

19. What are the advantages of spring framework?

  • Predefined Templates
  • Loose Coupling
  • Easy to test
  • Lightweight
  • Fast Development
  • Powerful Abstraction
  • Declarative support

20. What are the different bean scopes in spring?
There are 5 bean scopes in spring framework.
No. Scope Description
1) singleton The bean instance will be only once and the same instance will be returned by the IOC container. It is the default scope.
2) prototype The bean instance will be created each time when requested.
3) request The bean instance will be created per HTTP request.
4) session The bean instance will be created per HTTP session.
5) global session The bean instance will be created per HTTP global session. It can be used in the portlet context only.

21. What are the advantages of JdbcTemplate in spring?
Answer: Less code: By using the JdbcTemplate class, you don’t need to create a connection, statement, start a transaction, commit the transaction and a close connection to execute different queries. You can execute the query directly. 

22. What is AOP terminology?

  • AOP terminologies or concepts are as follows:
  • JoinPoint
  • Advice
  • Pointcut
  • Aspect
  • Introduction
  • Target Object
  • Interceptor
  • AOP Proxy
  • Weaving

23. What are the types of advice in AOP?

  • There are 5 types of advice in spring AOP.
  • Before Advice
  • After Advice
  • After Returning Advice
  • Throws Advice
  • Around Advice

24. What is the front controller class of Spring MVC?
Answer: The DispatcherServlet class works as the front controller in Spring MVC.

25. What does the ViewResolver class?
Answer: The View Resolver class resolves the view component to be invoked for the request. It defines prefix and suffix properties to resolve the view component.(Servicenow Training )

26. Explain the Core Container (Application context) module?
Answer: This is the basic Spring module, which provides the fundamental functionality of the Spring framework. BeanFactory is the heart of any spring-based application. Spring framework was built on the top of this module, which makes the Spring container.

27. What are the main features of Spring frameworks?
spring is lightweight when it comes to size and transparency. The basic version of the spring framework is around 1MB. And the processing overhead is also very negligible.
Inversion of control (IOC):
The basic concept of the Dependency Injection or Inversion of Control is that the programmer does not need to create the objects, instead just describe how it should be created.
Aspect-oriented (AOP):

Spring supports Aspect-oriented programming.
Aspect-oriented programming refers to the programming paradigm which isolates secondary or supporting functions from the main program’s business logic. AOP is a promising technology for separating cross-cutting concerns, something usually hard to do in object-oriented programming. The application’s modularity is increased in that way and its maintenance becomes significantly easier.
Spring contains and manages the life cycle and configuration of application objects.
MVC Framework:
Spring comes with an MVC web application framework, built on core Spring functionality. This framework is highly configurable via strategy interfaces and accommodates multiple view technologies like JSP, Velocity, Tiles, iText, and POI.
Transaction Management:
Spring framework provides a generic abstraction layer for transaction management. This allowing the developer to add the pluggable transaction managers, and making it easy to demarcate transactions without dealing with low-level issues.
JDBC Exception Handling:
The JDBC abstraction layer of the Spring offers a meaningful exception hierarchy, which simplifies the error handling strategy. Integration with Hibernate, JDO, and iBATIS: Spring provides best Integration services with Hibernate, JDO, and iBATIS.

28. What are the different ORM’s supported by Spring?
Answer: Different ORM’s supported by Spring are depicted via the below diagram.

29. What does a Spring application look like?
Answer: An interface that defines the functions.
The implementation that contains properties, its setter and getter methods, functions, etc.,
Spring AOP
The Spring configuration XML file.
A client program that uses the function

30. Are Singleton beans thread safe in Spring Framework?
Answer: No, singleton beans are not thread-safe in Spring framework.

31. What are inner beans in Spring?
Answer: When a bean is only used as a property of another bean it can be declared as an inner bean. Spring’s XML-based configuration metadata provides the use of element inside the or elements of a bean definition, in order to define the so-called inner bean. Inner beans are always anonymous and they are always scoped as prototypes.

32. Are there limitations with auto wiring?
Limitations of auto wiring are:
Overriding: You can still specify dependencies using and settings which will always override autowiring.
Primitive data types: You cannot autowire simple properties such as primitives, Strings, and Classes.
Confusing nature: Autowiring is less exact than explicit wiring, so if possible prefer using explicit wiring.

33. Joinpoint?
Answer: The joinpoint represents a point in an application where we can plug-in an AOP aspect. It is the actual place in the application where an action will be taken using Spring AOP framework.

34. What is the role of the IOC container in spring?
IOC container is responsible for:
create the instance
configure the instance, and
assemble the dependencies.

35. Bean Factory – Bean Factory implementation example?
Answer: A BeanFactory is an implementation of the factory pattern that applies Inversion of Control to separate the application’s configuration and dependencies from the actual application code.

36. Which View Resolver class is widely used?
Theory.springframework.web.servlet.view.InternalResourceViewResolver class is widely used.

37. What is the difference between constructor injection and setter injection?
Answer: No. Constructor Injection Setter Injection
1) No Partial Injection Partial Injection
2) Doesn’t override the setter property Overrides the constructor property if both are defined.
3) Creates a new instance if any modification occurs Doesn’t create a new instance if you change the property value
4) Better for too many properties Better for a few properties.

38. What is autowiring in spring? What are the autowiring modes?
Answer: Autowiring enables the programmer to inject the bean automatically. We don’t need to write explicit injection logic.

39. What is AOP implementation?
There is 3 AOP implementation.
Spring AOP
Apache AspectJ

40. Does spring perform weaving at compile time?
Answer: No, spring framework performs weaving at run time.

41. Does the spring framework support all JoinPoints?
Answer: No, spring framework supports method execution join point only.

42. What are the advantages of spring AOP?
Answer: AOP enables you to dynamically add or remove concern before or after the business logic. It is pluggable and easy to maintain. 

43. What do you mean by Proxy in Spring Framework?
Answer: An object which is created after applying the advice to a target object is known as a Proxy. In the case of client objects, the target object and the proxy object are the same. ( hadoop training videos )

44. What are the modules of the spring framework?
Spring Core Container
AOP, Aspects, and Instrumentation
Data Access/Integration

45. Explain Web Application Context?
Answer: The WebApplicationContext is an extension of the plain ApplicationContext. It has some extra features that are necessary for web applications. It differs from a normal ApplicationContext in terms of its capability of resolving themes and in deciding which servlet it is associated with.

46. What is the transaction management supports provided by spring?
Answer: Spring framework provides two types of transaction management supports:
Programmatic Transaction Management: should be used for a few transaction operations.
Declarative Transaction Management: should be used for many transaction operations. ( data science online training ) 

Note: Browse latest Spring Security Interview Questions and Spring Security Tutorial Videos. Here you can check Spring Security Training details and Spring SecurityTraining Videos for self learning. Contact +91 988 502 2027 for more information.


Coupon Code - GET30
* Terms & Conditions Apply