Previously, SpringBootApplication relied on implicity aliasing of
exclude and excludeName that worked because the two attributes have
the same names as the equivalent attributes on
EnableAutoConfiguration.
This commit updates SpringBootApplication to make the aliases explicit
and also adds tests to EnableAutoConfigurationImportSelectorTests to
verify that the aliasing is working as intended.
Closes gh-7951
Replace JSR-330 validation annotations from all internal
`@ConfigurationProperties` classes with standard Asserts.
Prior to this commit validation of our own configuration properties
would only occur when the user happens to have compliant JSR-330
implementation on their classpath.
See gh-7579
This commit provides an order of zero for the RepositoryRestConfigurer
that is used internally to configure the `RepositoryRestConfiguration`. In
practice, an unordered `RepositoryRestConfigurer` will run after ours.
Closes gh-7981
Previously, OAuth2MethodSecurityConfiguration set the
PermissionEvaluator on the expression evaluator by looking in the
context for a PermissionEvaluator bean. This is unnecessary as
GlobalMethodSecurityConfiguration already does the same thing and does
so after the post-processor in OAuth2MethodSecurityConfiguration has
run. This commit removes the redundant logic and adds tests to check
that both the PermissionEvaluator and the RoleHierarchy are set use
beans in the context.
Closes gh-7979
The default is now SecurityProperties.ACCESS_OVERRIDE_ORDER-1
(instead of 3), and the user can set it with
security.oauth2.resource.filter-order (as opposed to being hard
coded). The filter is provided by Spring OAuth2 so this change is
a BeanPostProcessor to call a setter on that object.
Fixes gh-5072
Upgrade to `hibernate-validator` 5.3.4 and introduce a new
`MessageInterpolatorFactory` that creates a suitable
`MessageInterpolator` (taking into account missing EL dependencies).
Rework `ConfigurationPropertiesBindingPostProcessor` and
`ValidationAutoConfiguration` to make use of the new factory.
Fixes gh-7598
This commit removes the automatic enabling of Redis as the Spring Session
store when it is available. This case is covered by a warning in `1.4.x`
that this commit removes as well.
Closes gh-7858
Andy Wilkinson
Stephane Nicoll
Phillip Webb
Kazuki Shimizu
Johnny Lim
Vedran Pavic
Eddú Meléndez
Dave Syer