What is springboot-patterns?

Perfect for Java Development Agents needing scalable Spring Boot architecture patterns and REST API design expertise. Spring Boot architecture patterns, REST API design, layered services, data access, caching, async processing, and logging. Use for Java Spring Boot backend work.

How do I install springboot-patterns?

Run the command: npx killer-skills add affaan-m/everything-claude-code/springboot-patterns. It works with Cursor, Windsurf, VS Code, Claude Code, and 19+ other IDEs.

What are the use cases for springboot-patterns?

Key use cases include: Structuring controller → service → repository layers for robust backend development, Configuring Spring Data JPA for efficient data access and caching, Implementing async processing and logging for enhanced performance and debugging.

Which IDEs are compatible with springboot-patterns?

This skill is compatible with Cursor, Windsurf, VS Code, Trae, Claude Code, OpenClaw, Aider, Codex, OpenCode, Goose, Cline, Roo Code, Kiro, Augment Code, Continue, GitHub Copilot, Sourcegraph Cody, and Amazon Q Developer. Use the Killer-Skills CLI for universal one-command installation.

Are there any limitations for springboot-patterns?

Requires Java Spring Boot environment. Limited to Spring Boot architecture and API patterns.

Spring Boot Development Patterns

Name: springboot-patterns
Availability: InStock
Author: affaan-m

Spring Boot architecture and API patterns for scalable, production-grade services.

When to Activate

Building REST APIs with Spring MVC or WebFlux
Structuring controller → service → repository layers
Configuring Spring Data JPA, caching, or async processing
Adding validation, exception handling, or pagination
Setting up profiles for dev/staging/production environments
Implementing event-driven patterns with Spring Events or Kafka

REST API Structure

java
1@RestController
2@RequestMapping("/api/markets")
3@Validated
4class MarketController {
5  private final MarketService marketService;
6
7  MarketController(MarketService marketService) {
8    this.marketService = marketService;
9  }
10
11  @GetMapping
12  ResponseEntity<Page<MarketResponse>> list(
13      @RequestParam(defaultValue = "0") int page,
14      @RequestParam(defaultValue = "20") int size) {
15    Page<Market> markets = marketService.list(PageRequest.of(page, size));
16    return ResponseEntity.ok(markets.map(MarketResponse::from));
17  }
18
19  @PostMapping
20  ResponseEntity<MarketResponse> create(@Valid @RequestBody CreateMarketRequest request) {
21    Market market = marketService.create(request);
22    return ResponseEntity.status(HttpStatus.CREATED).body(MarketResponse.from(market));
23  }
24}

Repository Pattern (Spring Data JPA)

java
1public interface MarketRepository extends JpaRepository<MarketEntity, Long> {
2  @Query("select m from MarketEntity m where m.status = :status order by m.volume desc")
3  List<MarketEntity> findActive(@Param("status") MarketStatus status, Pageable pageable);
4}

Service Layer with Transactions

java
1@Service
2public class MarketService {
3  private final MarketRepository repo;
4
5  public MarketService(MarketRepository repo) {
6    this.repo = repo;
7  }
8
9  @Transactional
10  public Market create(CreateMarketRequest request) {
11    MarketEntity entity = MarketEntity.from(request);
12    MarketEntity saved = repo.save(entity);
13    return Market.from(saved);
14  }
15}

DTOs and Validation

java
1public record CreateMarketRequest(
2    @NotBlank @Size(max = 200) String name,
3    @NotBlank @Size(max = 2000) String description,
4    @NotNull @FutureOrPresent Instant endDate,
5    @NotEmpty List<@NotBlank String> categories) {}
6
7public record MarketResponse(Long id, String name, MarketStatus status) {
8  static MarketResponse from(Market market) {
9    return new MarketResponse(market.id(), market.name(), market.status());
10  }
11}

Exception Handling

java
1@ControllerAdvice
2class GlobalExceptionHandler {
3  @ExceptionHandler(MethodArgumentNotValidException.class)
4  ResponseEntity<ApiError> handleValidation(MethodArgumentNotValidException ex) {
5    String message = ex.getBindingResult().getFieldErrors().stream()
6        .map(e -> e.getField() + ": " + e.getDefaultMessage())
7        .collect(Collectors.joining(", "));
8    return ResponseEntity.badRequest().body(ApiError.validation(message));
9  }
10
11  @ExceptionHandler(AccessDeniedException.class)
12  ResponseEntity<ApiError> handleAccessDenied() {
13    return ResponseEntity.status(HttpStatus.FORBIDDEN).body(ApiError.of("Forbidden"));
14  }
15
16  @ExceptionHandler(Exception.class)
17  ResponseEntity<ApiError> handleGeneric(Exception ex) {
18    // Log unexpected errors with stack traces
19    return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
20        .body(ApiError.of("Internal server error"));
21  }
22}

Caching

Requires @EnableCaching on a configuration class.

java
1@Service
2public class MarketCacheService {
3  private final MarketRepository repo;
4
5  public MarketCacheService(MarketRepository repo) {
6    this.repo = repo;
7  }
8
9  @Cacheable(value = "market", key = "#id")
10  public Market getById(Long id) {
11    return repo.findById(id)
12        .map(Market::from)
13        .orElseThrow(() -> new EntityNotFoundException("Market not found"));
14  }
15
16  @CacheEvict(value = "market", key = "#id")
17  public void evict(Long id) {}
18}

Async Processing

Requires @EnableAsync on a configuration class.

java
1@Service
2public class NotificationService {
3  @Async
4  public CompletableFuture<Void> sendAsync(Notification notification) {
5    // send email/SMS
6    return CompletableFuture.completedFuture(null);
7  }
8}

Logging (SLF4J)

java
1@Service
2public class ReportService {
3  private static final Logger log = LoggerFactory.getLogger(ReportService.class);
4
5  public Report generate(Long marketId) {
6    log.info("generate_report marketId={}", marketId);
7    try {
8      // logic
9    } catch (Exception ex) {
10      log.error("generate_report_failed marketId={}", marketId, ex);
11      throw ex;
12    }
13    return new Report();
14  }
15}

Middleware / Filters

java
1@Component
2public class RequestLoggingFilter extends OncePerRequestFilter {
3  private static final Logger log = LoggerFactory.getLogger(RequestLoggingFilter.class);
4
5  @Override
6  protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
7      FilterChain filterChain) throws ServletException, IOException {
8    long start = System.currentTimeMillis();
9    try {
10      filterChain.doFilter(request, response);
11    } finally {
12      long duration = System.currentTimeMillis() - start;
13      log.info("req method={} uri={} status={} durationMs={}",
14          request.getMethod(), request.getRequestURI(), response.getStatus(), duration);
15    }
16  }
17}

Pagination and Sorting

java
1PageRequest page = PageRequest.of(pageNumber, pageSize, Sort.by("createdAt").descending());
2Page<Market> results = marketService.list(page);

Error-Resilient External Calls

java
1public <T> T withRetry(Supplier<T> supplier, int maxRetries) {
2  int attempts = 0;
3  while (true) {
4    try {
5      return supplier.get();
6    } catch (Exception ex) {
7      attempts++;
8      if (attempts >= maxRetries) {
9        throw ex;
10      }
11      try {
12        Thread.sleep((long) Math.pow(2, attempts) * 100L);
13      } catch (InterruptedException ie) {
14        Thread.currentThread().interrupt();
15        throw ex;
16      }
17    }
18  }
19}

Rate Limiting (Filter + Bucket4j)

Security Note: The X-Forwarded-For header is untrusted by default because clients can spoof it. Only use forwarded headers when:

Your app is behind a trusted reverse proxy (nginx, AWS ALB, etc.)
You have registered ForwardedHeaderFilter as a bean
You have configured server.forward-headers-strategy=NATIVE or FRAMEWORK in application properties
Your proxy is configured to overwrite (not append to) the X-Forwarded-For header

When ForwardedHeaderFilter is properly configured, request.getRemoteAddr() will automatically return the correct client IP from the forwarded headers. Without this configuration, use request.getRemoteAddr() directly—it returns the immediate connection IP, which is the only trustworthy value.

java
1@Component
2public class RateLimitFilter extends OncePerRequestFilter {
3  private final Map<String, Bucket> buckets = new ConcurrentHashMap<>();
4
5  /*
6   * SECURITY: This filter uses request.getRemoteAddr() to identify clients for rate limiting.
7   *
8   * If your application is behind a reverse proxy (nginx, AWS ALB, etc.), you MUST configure
9   * Spring to handle forwarded headers properly for accurate client IP detection:
10   *
11   * 1. Set server.forward-headers-strategy=NATIVE (for cloud platforms) or FRAMEWORK in
12   *    application.properties/yaml
13   * 2. If using FRAMEWORK strategy, register ForwardedHeaderFilter:
14   *
15   *    @Bean
16   *    ForwardedHeaderFilter forwardedHeaderFilter() {
17   *        return new ForwardedHeaderFilter();
18   *    }
19   *
20   * 3. Ensure your proxy overwrites (not appends) the X-Forwarded-For header to prevent spoofing
21   * 4. Configure server.tomcat.remoteip.trusted-proxies or equivalent for your container
22   *
23   * Without this configuration, request.getRemoteAddr() returns the proxy IP, not the client IP.
24   * Do NOT read X-Forwarded-For directly—it is trivially spoofable without trusted proxy handling.
25   */
26  @Override
27  protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
28      FilterChain filterChain) throws ServletException, IOException {
29    // Use getRemoteAddr() which returns the correct client IP when ForwardedHeaderFilter
30    // is configured, or the direct connection IP otherwise. Never trust X-Forwarded-For
31    // headers directly without proper proxy configuration.
32    String clientIp = request.getRemoteAddr();
33
34    Bucket bucket = buckets.computeIfAbsent(clientIp,
35        k -> Bucket.builder()
36            .addLimit(Bandwidth.classic(100, Refill.greedy(100, Duration.ofMinutes(1))))
37            .build());
38
39    if (bucket.tryConsume(1)) {
40      filterChain.doFilter(request, response);
41    } else {
42      response.setStatus(HttpStatus.TOO_MANY_REQUESTS.value());
43    }
44  }
45}

Background Jobs

Use Spring’s @Scheduled or integrate with queues (e.g., Kafka, SQS, RabbitMQ). Keep handlers idempotent and observable.

Observability

Structured logging (JSON) via Logback encoder
Metrics: Micrometer + Prometheus/OTel
Tracing: Micrometer Tracing with OpenTelemetry or Brave backend

Production Defaults

Prefer constructor injection, avoid field injection
Enable spring.mvc.problemdetails.enabled=true for RFC 7807 errors (Spring Boot 3+)
Configure HikariCP pool sizes for workload, set timeouts
Use @Transactional(readOnly = true) for queries
Enforce null-safety via @NonNull and Optional where appropriate

Remember: Keep controllers thin, services focused, repositories simple, and errors handled centrally. Optimize for maintainability and testability.

springboot-patterns — ai-agents springboot-patterns, everything-claude-code, official, ai-agents, ide skills, anthropic, claude-code, developer-tools, Claude Code, Cursor, Windsurf

About this Skill

# Core Topics

Agent Capability Analysis

Ideal Agent Persona

Core Value

↓ Capabilities Granted for springboot-patterns

! Prerequisites & Limits

Browser Sandbox Environment

⚡️ Ready to unleash?

springboot-patterns