Commit Graph

1265 Commits (3b588aabbc9b03d5d144fb0e5554c07fbc093bb3)

Author SHA1 Message Date
Andy Wilkinson f3c2f55cbe Merge branch '1.5.x' 8 years ago
Andy Wilkinson 2e76687d17 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 5f44598d8b Remove use of static import that Checkstyle prohibits 8 years ago
Andy Wilkinson 04a869bbe7 Merge branch '1.5.x' 8 years ago
Andy Wilkinson 218d28f74c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 33dcd853fd Ensure that health endpoint remains insecure without Spring Security
The changes made in 6a2ac080 mean that getSecurity() on
ManagementServerProperties will no longer return null when Spring
Security is on the classpath. This had the unwanted side-effect of
causing the health endpoint to hide its details when Spring Security
was not on the classpath.

This commit reinstates the previous behaviour by only considering
the health endpoint to be secure if Spring Security is on the
classpath and management.security.enabled is true.

Closes gh-7345
8 years ago
Madhura Bhave 372cfb3dff Merge branch '1.5.x' 8 years ago
Madhura Bhave 82f89b4ac1 Add custom headers to allowed CORS headers for CF actuators
Update CORS configuration to support Authorization and X-Cf-App-Instance.

See gh-7108
8 years ago
Stephane Nicoll d32da0d692 Merge branch '1.5.x' 8 years ago
Stephane Nicoll 01e66ecbd5 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 2c71cb8efd Polish 8 years ago
Stephane Nicoll 4407194c00 Replace sample by integration test
Closes gh-3888
8 years ago
Stephane Nicoll 71bbd9faaf Polish
See gh-7322
8 years ago
Phillip Webb 3435fdf7fd Merge branch '1.5.x' 8 years ago
Phillip Webb 6c76353682 Default `management.cloudfoundry.enabled` to true
Update `CloudFoundryActuatorAutoConfiguration` so that it is enabled
when `management.cloudfoundry.enabled` is missing.

See gh-7108
8 years ago
Madhura Bhave a77cfc3b0e Skip SSL validation when calling Cloud Foundry
Update CloudFoundrySecurityService so that SSL validation is not
required. We're unlikely to have configured public keys for the
REST endpoints we need to call. Since the endpoints are provided via
environment variables we can implicitly trust them.

See gh-7108
8 years ago
Madhura Bhave 862a06eb7a Add POST to allowed CORS methods for CF actuators
Update CORS configuration to support POST.

See gh-7108
8 years ago
Madhura Bhave 1005feb27d Update discovery endpoint to respect AccessLevel
Change `CloudFoundryDiscoveryMvcEndpoint` so that `AccessLevel` rights
are consulted so that only accessible links are returned.

See gh-7108
8 years ago
Madhura Bhave 340f1d5574 Add security for Cloud Foundry actuators
Add security to Cloud Foundry actuator endpoints. Security is enforced
by a `HanderInterceptor` on `CloudFoundryEndpointHandlerMapping`. Each
endpoint call expects an 'Authorization' header containing a bearer
token. The token signature is checked against the UAA public keys then
passed to the Cloud Controller to obtain an ultimate access level.

The client may either have 'RESTRICTED' or FULL' access, with the latter
only providing access to a limited set of endpoints.

See gh-7108
8 years ago
Phillip Webb 0cdde3b83c Merge branch '1.5.x' 8 years ago
Phillip Webb 81c5753f4d Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 6a2ac080ac Create our own SessionCreationPolicy enum
Update `ManagementServerProperties` so that `security.sessions` no
longer uses `SessionCreationPolicy` from Spring Security. We now
use our own enun which allows `management.security.*` properties to
be set without the risk of a `ClassNotFoundException`.

Fixes gh-3888
8 years ago
Andy Wilkinson f7618cb421 Merge branch '1.5.x' 8 years ago
Andy Wilkinson bdfceae24c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 97e5e32496 Make sure the MetricsFilter uses committed response's status
Previously, if an exception was thrown during request handling after
the response had been committed, i.e. after the status and headers
had been written, the metrics filter would assume that it was a 500
response. This was potentially inaccurate as the status had already
been sent to the client and before the exception was thrown and it
may have been something other than a 500.

This commit updates MetricsFilter so that it will use the
status from the response if the response has been committed even when
an exception is thrown.

Closes gh-7277
8 years ago
Andy Wilkinson 8026b2e7a0 Merge branch '1.5.x'
See gh-6982
8 years ago
Andy Wilkinson fe50b2019e Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson b191974faa Reflect Java 7/8 differences in javadoc for metric repository auto-config
Closes gh-6985
8 years ago
Phillip Webb 98a3ae9ac4 Merge branch '1.5.x' 8 years ago
Phillip Webb 5b66ffbb4b Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 60355e0e11 Fix ResourceHttpRequestHandler delegate
Fix ResourceHttpRequestHandler to set the ServletContext following the
Spring Framework update for SPR-14851.
8 years ago
Stephane Nicoll 236f03c4bb Merge branch '1.5.x' 8 years ago
Johnny Lim 7bb63238ab Fix typo
Closes gh-7253
8 years ago
Stephane Nicoll 99af8ca414 Merge branch '1.5.x' 8 years ago
Stephane Nicoll c4d8fb1c09 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 6d50e26b70 Polish contribution
Closes gh-7215
8 years ago
Madhura Bhave 08229899b1 Merge branch '1.5.x' 8 years ago
Madhura Bhave 9bde1e89cb Move some tests to AbstractEndpointHandlerMapping
See gh-7108
8 years ago
Phillip Webb 2e4edf1804 Merge branch '1.5.x' 8 years ago
Phillip Webb a448183681 Polish `/loggers` actuator endpoint
See gh-7086
8 years ago
Ben Hale 06cb4fcca5 Add `/loggers` actuator endpoint
Add `LoggersEndpoint` that can enables listing and configuration of log
levels. This actuator builds on top of the `LoggingSystem` abstraction
and implements support for Logback, Log4J2, and JUL.  The LoggingSystem
interface is modified to require each implementation to list the
configuration of all loggers as well as an individual logger by name.

The MVC endpoint exposes these behaviors at `GET /loggers` and
`GET /loggers/{name}` (much like the metrics actuator).

In addition `POST /loggers/{name}` allows users to modify the level for a given
logger. This modification is passed to the logging implementation, which
then decides, as an internal implementation detail, what the final outcome
of the modification is (e.g. changing all unconfigured children). Users
are then expected to request the listing of all loggers to see what has
changed internally to the logging system.

Closes gh-7086
8 years ago
Stephane Nicoll 0541c14684 Merge branch '1.5.x' 8 years ago
Stephane Nicoll aec85787d2 Merge branch '1.4.x' into 1.5.x 8 years ago
Johnny Lim eb7c0e4dc8 Remove unused
Closes gh-6966
8 years ago
Phillip Webb df3c152813 Merge '1.5.x' 8 years ago
Phillip Webb 2ba978b4ad Polish 8 years ago
Phillip Webb 1e1d929dde Merge branch '1.5.x' 8 years ago
Madhura Bhave ab81d993e6 Add CloudFoundryDiscoveryMvcEndpoint
Update Cloud Foundry support with a discovery endpoint that shows what
endpoints are available.

See gh-7108
8 years ago
Madhura Bhave 7afb161fcf Add CloudFoundry EndpointHandlerMapping
Add a CloudFoundryEndpointHandlerMapping that can expose actuator
endpoints for Cloud Foundry "appsmanager" to use.

See gh-7108
8 years ago
Andy Wilkinson a416f496c0 Clean up deprecation and unused code warnings 8 years ago