diff --git a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/appendix-executable-jar-format.adoc b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/appendix-executable-jar-format.adoc index f8c8321fd2..d4a6fe78ae 100644 --- a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/appendix-executable-jar-format.adoc +++ b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/appendix-executable-jar-format.adoc @@ -90,8 +90,8 @@ Any dependencies that are required when running embedded but are not required wh [[executable-jar-war-index-files]] === Index Files Spring Boot Loader-compatible jar and war archives can include additional index files under the `BOOT-INF/` directory. -A `classpath.idx` file can be provided for both jars and wars, it provides the ordering that jars should be added to the classpath. -The `layers.idx` file can be used only for jars, it allows a jar to be split into logical layers for Docker/OCI image creation. +A `classpath.idx` file can be provided for both jars and wars, and it provides the ordering that jars should be added to the classpath. +The `layers.idx` file can be used only for jars, and it allows a jar to be split into logical layers for Docker/OCI image creation. Index files follow a YAML compatible syntax so that they can be easily parsed by third-party tools. These files, however, are _not_ parsed internally as YAML and they must be written in exactly the formats described below in order to be used. diff --git a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/howto.adoc b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/howto.adoc index d36aba418e..9c0908c1b1 100644 --- a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/howto.adoc +++ b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/howto.adoc @@ -2439,10 +2439,10 @@ To configure Spring Security to require a secure channel for all (or some) reque [source,java,indent=0,subs="verbatim,quotes,attributes"] ---- @Bean - public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - // Customize the application security + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + // Customize the application security http.requiresChannel().anyRequest().requiresSecure(); - return http.build(); + return http.build(); } ---- diff --git a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/production-ready-features.adoc b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/production-ready-features.adoc index 915de36495..5913d7e6c9 100644 --- a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/production-ready-features.adoc +++ b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/production-ready-features.adoc @@ -359,12 +359,12 @@ A typical Spring Security configuration might look something like the following [source,java,indent=0] ---- - @Bean - public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) -> - requests.anyRequest().hasRole("ENDPOINT_ADMIN")); - http.httpBasic(); - return http.build(); + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) -> + requests.anyRequest().hasRole("ENDPOINT_ADMIN")); + http.httpBasic(); + return http.build(); } ---- @@ -388,12 +388,12 @@ Additionally, if Spring Security is present, you would need to add custom securi [source,java,indent=0] ---- - @Bean - public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) -> + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) -> requests.anyRequest().permitAll()); - return http.build(); - } + return http.build(); + } ---- NOTE: In both the examples above, the configuration applies only to the actuator endpoints. diff --git a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/context/config/ProfilesTests.java b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/context/config/ProfilesTests.java index 00468e548e..e0a9bb456c 100644 --- a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/context/config/ProfilesTests.java +++ b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/context/config/ProfilesTests.java @@ -360,7 +360,7 @@ class ProfilesTests { } @Test - void simpleRecursiveReferenceInProfileGroupThrowsException() { + void simpleRecursiveReferenceInProfileGroupIgnoresDuplicates() { MockEnvironment environment = new MockEnvironment(); environment.setProperty("spring.profiles.active", "a,b,c"); environment.setProperty("spring.profiles.group.a", "a,e,f"); diff --git a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator-custom-security/src/test/java/smoketest/actuator/customsecurity/CorsSampleActuatorApplicationTests.java b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator-custom-security/src/test/java/smoketest/actuator/customsecurity/CorsSampleActuatorApplicationTests.java index e077b45d17..13d44c7d68 100644 --- a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator-custom-security/src/test/java/smoketest/actuator/customsecurity/CorsSampleActuatorApplicationTests.java +++ b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator-custom-security/src/test/java/smoketest/actuator/customsecurity/CorsSampleActuatorApplicationTests.java @@ -66,9 +66,9 @@ class CorsSampleActuatorApplicationTests { @Test void preflightRequestToEndpointShouldReturnOk() throws Exception { - RequestEntity healthRequest = RequestEntity.options(new URI("/actuator/env")) + RequestEntity envRequest = RequestEntity.options(new URI("/actuator/env")) .header("Origin", "http://localhost:8080").header("Access-Control-Request-Method", "GET").build(); - ResponseEntity exchange = this.testRestTemplate.exchange(healthRequest, Map.class); + ResponseEntity exchange = this.testRestTemplate.exchange(envRequest, Map.class); assertThat(exchange.getStatusCode()).isEqualTo(HttpStatus.OK); } diff --git a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator/src/test/java/smoketest/actuator/CorsSampleActuatorApplicationTests.java b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator/src/test/java/smoketest/actuator/CorsSampleActuatorApplicationTests.java index a2837d7c7a..8cc032e44a 100644 --- a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator/src/test/java/smoketest/actuator/CorsSampleActuatorApplicationTests.java +++ b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator/src/test/java/smoketest/actuator/CorsSampleActuatorApplicationTests.java @@ -66,9 +66,9 @@ class CorsSampleActuatorApplicationTests { @Test void preflightRequestToEndpointShouldReturnOk() throws Exception { - RequestEntity healthRequest = RequestEntity.options(new URI("/actuator/env")) + RequestEntity envRequest = RequestEntity.options(new URI("/actuator/env")) .header("Origin", "http://localhost:8080").header("Access-Control-Request-Method", "GET").build(); - ResponseEntity exchange = this.testRestTemplate.exchange(healthRequest, Map.class); + ResponseEntity exchange = this.testRestTemplate.exchange(envRequest, Map.class); assertThat(exchange.getStatusCode()).isEqualTo(HttpStatus.OK); }