Update `spring-boot-smoke-test-ant` so that the ant lib folder is always
cleaned. Prior to this commit, it was possible for the folder to contain
stale artifacts.
Remove `spring-boot-smoke-test-webflux-ssl` since it's more of
an integration test than a smoke test. We could consider
relocating it to `spring-boot-integration-tests` but since we
have unit tests with a mock PCKCS11 security it's probably
best to see if we can get away without it.
See gh-32179
Rename `/actuator/httptrace` to `/actuator/httpexchanges` to better
describe its purpose and to remove confusion with distribute tracing.
This change also takes the opportunity to improve the code by making
the `HttpExchange` class (previously `HttpTrace`) fully immutable.
Closes gh-32885
Co-authored-by: Andy Wilkinson <wilkinsona@vmware.com>
Spring Security now re-applies the authorization rules
to the error page by default. Additionally, it configures
RequestAttributeSecurityContextRepository as the default for
stateless applications allowing those applications to have access
to the original authentication during an error dispatch.
Closes gh-31703
As htttpclient 4.x is not supported anymore by `RestTemplate`, this
commit changes such dependencies to httpclient5 instead. In some cases,
the httpclient 4.x was transitively brought by a non-Spring dependency.
See gh-32461
This commit updates Servlet based Spring Security auto-configuration
to use AuthorizationFilter, which is intended to supersede
FilterSecurityInterceptor.
See gh-31255