Fixes an issue where auto-configuration for Spring Authorization Server
was overriding the default exception handling (AuthenticationEntryPoint)
resulting in anonymous requests to the token endpoint being redirected
to the Spring Security login page instead of returning 401 Unauthorized.
Auto-configuration now registers a defaultAuthenticationEntryPointFor
that is added to any other entry points already configured.
See gh-35368
Replace `SessionRepositoryFilterConfiguration` filter registration bean
with a `DelegatingFilterProxyRegistrationBean` so that
`SessionRepository` beans are not initialized early.
Fixes gh-35240
The properties `spring.couchbase.env.ssl.key-store`
and `spring.couchbase.env.ssl.key-store-password`
are deprecated in favor of configuring an SSL bundle with
`spring.couchbase.env.ssl.bundle`. The older properties
have somewhat confusing names, since they are used to
configure a trust store in Couchbase, and they don't
provide all the options that an SSL bundle provides.
Closes gh-35135
Introduce `WebClientSsl` interface and auto-configuration to allow a
WebClient builder to have custom SSL configuration applied.
The previous `ClientHttpConnectorConfiguration` has been been changed
to now create `ClientHttpConnectorFactory` instances which can be used
directly or by `AutoConfiguredWebClientSsl`.
Closes gh-18556
Update `SslOptions` so that `null` is used for default values rather
than empty sets. Most libraries use `null` to indicate defaults so
aligning our class makes things easier.
See gh-34814
Update Tomcat, Jetty, Undertow and Netty servers so that an SslBundle
is used to apply SSL configuration. Existing `Ssl` properties are
internally adapted to an `SslBundle` using the `WebServerSslBundle`
class. Additionally, if `Ssl.getBundle()` returns a non-null value the
the `SslBundles` bean will be used to find a registered bundle by name.
See gh-34814
Add auto-configuration for SSL bundles including new configuration
properties that can be used to define a bundle.
SSL bundle properties are provided under the `spring.ssl.bundle` key.
Currently `jks` and `pem` variants are support. Both are configured
as a `Map` where the bundle name is the key.
A typical example would be:
spring:
ssl:
bundle:
pem:
mybundle
key:
password: secret
keystore:
certificate: classpath:mycert.pem
private-key: classpath:mykey.pem
A `SslBundleRegistrar` interface is also provided to allow programmatic
contributions to the auto-configured `SslBundleRegistry`.
See gh-34814
Prior to this commit, a failure to load a ConnectionDetailsFactory
caused startup to fail. This causes problems when some of a
factory's required classes were not available, for examle when using
spring-boot-docker-compose without Actuator.
Fixes gh-35100
This commit deprecates OAuth2ClientPropertiesRegistrationAdapter as
it wasn't really an adapter because it provides a static utility
method rather than adapting one contract to another. A replacement,
OAuth2ClientPropertiesMapper, is introduced that maps the OAuth2
client properties to the required types.
Closes gh-34714
This commit adds the following properties under
spring.security.oauth2.authorizationserver.client.[registration-id]:
* endpoint.device-authorization-uri
* endpoint.device-verification-uri
* token.device-code-time-to-live
See gh-34957
Previously, FlywayProperties returned an empty string when its
password had not been set. This prevented the desired fallback to
JdbcConnectionDetails.
Fixes gh-35046
Update restcontainers service connections support so that
technology specific `@ServiceConnector` annotations are not longer
required.
A single `@ServiceConnector` annotation can now be used to create
all `ConnectionDetail` beans.
Closes gh-35017
Update the auto-configuration gradle plugin so that the
configuration-properties plugin is not longer automatically applied.
This allows us to have auto-configuration modules that don't ship
configuration properties.
Closes gh-35028
Moritz Halbritter
Steve Riesenberg
Christoph Dreis
Stefano Cordio
Johnny Lim
Andy Wilkinson
davin111
Scott Frederick
Marc Leroux
Phillip Webb
Juhan Aasaru
Stephane Nicoll
Taeik Lim
Claudio Nave
Martin BENDA