The default is now SecurityProperties.ACCESS_OVERRIDE_ORDER-1
(instead of 3), and the user can set it with
security.oauth2.resource.filter-order (as opposed to being hard
coded). The filter is provided by Spring OAuth2 so this change is
a BeanPostProcessor to call a setter on that object.
Fixes gh-5072
This commit removes the automatic enabling of Redis as the Spring Session
store when it is available. This case is covered by a warning in `1.4.x`
that this commit removes as well.
Closes gh-7858
Improve support for MBeans without a backing endpoint by introducing
a `JmxEndpoint` interface. The `JmxEndpoint` is intentionally
similar in design to the `MvcEndpoint` from the `mvc` package and
allows for completely custom JMX beans that are not backed by any
real actuator `Endpoint`.
The `AuditEventsMBean` has been refactored to use the new interface and
has been renamed to `AuditEventsJmxEndpoint`.
See gh-6579
Add a `TransactionManagerCustomizer` callback interface that can be
used to customize auto-configured `PlatformTransactionManagers`.
Also update `...transaction.*` properties under a single unified
`spring.transaction...` key since the existing auto-configurations
would often share a transaction manager (the technology specific
transaction managers are `@ConditionalOnMissingBean` and may use
a manager created by a previous auto-configuration).
See gh-7561
Since the `JestClient` is auto-configured as a bean, it must have its
multi-threaded support enabled by default. This commit exposes a new
`spring.elasticsearch.jest.multi-threaded` property that is `true` by
default.
Closes gh-6806
Phillip Webb
Stephane Nicoll
Dave Syer
Vedran Pavic
Johnny Lim
arthur-noseda
Shubham Aggarwal
Spring Buildmaster