Using JHipster in production

Configuration

If you want to use JHipster with the "production" profile, use the pre-configured "prod" Maven profile:

mvn -Pprod spring-boot:run

This profile will compile, test and package your Java application with all productions settings. It will also trigger a "grunt build", so your static resources are optimized.

If you want more information on the available profiles, please go the section titled "Development and Production profiles".

Generating a WAR file

To package the application as a "production" WAR, type:

mvn -Pprod package

This will generate two files (if your application is called "jhipster"):

  • target/jhipster-0.0.1-SNAPSHOT.war
  • target/jhipster-0.0.1-SNAPSHOT.war.original

The first one is an executable WAR file (see next section to run it). It can also be deployed on an application server, but as it includes the Tomcat runtime libs, you will probably get some warnings, that's why we recommend you use the second, ".original" file if you want to deploy JHipster on an application server.

Once you have deployed you WAR file on your application server:

  • It will use by default the "dev" profile
  • It can run in "production mode" if you trigger the "prod" profile (there are several ways to trigger a Spring profile, for example you can add -Dspring.profiles.active=prod to your JAVA_OPTS when running your server)

Executing the WAR file without an application server

Instead of deploying on an application server, many people find it easier to just have an exectuable WAR file (which includes Tomcat 7, in fact).

The first WAR file generated in the previous step is such a WAR, so you can run it in "development mode" by typing:

java -jar jhipster-0.0.1-SNAPSHOT.war

Or in "production" mode:

java -jar jhipster-0.0.1-SNAPSHOT.war --spring.profiles.active=prod

Generating an optimized JavaScript application with Grunt

This step is automatically triggered when you build your project with the "production" profile. If you want to run it without launching a Maven build, just run:

grunt build

This will process all your static resources (CSS, JavaScript, HTML, JavaScript, images...) in order to generate an optimized client-side application.

This application will be generated in your src/main/webapp/dist folder, which by default is not checked in your Git repository (see your .gitignore file if you want to change this behavior).

This code will be served when you run the application with the "production" profile.

GZipping

With the "production" profile, JHipster configures a Servlet filter that applies gzip compression on your resources.

By default, this filter will work on most static resources (excluding images, which are already compressed) and on all REST requests.

Cache headers

With the "production" profile, JHipster configures a Servlet filter that puts specific HTTP cache headers on your static resources (JavaScript, CSS, fonts...) so they are cached by browsers and proxies.

Monitoring

JHipster comes with full monitoring support from Metrics.

In development, Metrics data will be available through JMX: launch your JConsole and you will be able to access it

In production, your application will try to send this data to a Graphite server, if you have configured one in your YAML configuration file.

Security

JHipster comes with some default users generated for you. In production, you probably want to change their passwords: the easiest way to achieve this is to run the application a first time, and then use the generated "change password" form to modify those passwords.

Here are the provided user accounts:

  • "admin" is an admin user, with the "ROLE_USER" and "ROLE_ADMIN" authorizations.
  • "system" is used for auditing purposes, when an action is done automatically (the action is done by the system, not by a user). You should not be able to login with this user. It has the "ROLE_USER" and "ROLE_ADMIN" authorizations.
  • "user" is a standard user, with the "ROLE_USER" authorization.
  • "anonymousUser" is for non-authenticated users, so it doesn't have any authorization. This user can be useful for some Spring Security configurations, but we don't use it by default.