For the convenience of users who want to selectively override the
access rules in an application without taking complete control of the
security configuration we now have some constants:
* SecurityProperties.ACCESS_OVERRIDE_ORDER for overriding just the
application endpoint access rules
* ManagementServerProperties.ACCESS_OVERRIDE_ORDER for overriding the
application endpoint and management endpoint access rules
Fixes gh-803
In addition to the upgrade to Dijkstra (#743) Spring HATEOAS has been
upgraded to 0.11.0 (#801) and Mongo's Java driver has been upgraded to
2.12.1 (#689). In both cases this is the same version as is used by
Dijkstra RC1.
The new version of Mongo's Java driver changes the exception that's
thrown when Mongo isn't running and a connection attempt fails. The
Mongo sample has been updated accordingly.
RepositoryRestMvcAutoConfiguration has been updated to be configured
before JpaRepositoriesAutoConfiguration. This ensures that the
former's transitive import of SpringDataJacksonConfiguration takes
precedence over the latter's import of the same. This is necessary as
RepositoryRestMvcConfiguration requires a bean that's declared by
SpringDataJacksonConfiguration and, if JpaRepositoriesAutoConfiguration
is processed first, its conditions may cause the import
SpringDataJacksonConfiguration to be skipped causing instantiation
of RepositoryRestMvcConfiguration to fail.
Closes#689Closes#743
This commit harmonizes the dependency management of internal modules
so that versions can be omitted everywhere. Update the maven coordinates
to provide the full groupId for consistency
Previous to this commit, the remote shell security configuration
described that a default password will be generated with no extra
configuration. Actually, when Spring Security is configured for the
application, the remote shell reuses that configuration by default.
It turns out that the default log message is confusing as it was
referring to "application endpoints". Updated that log to a more
generic log message and updated doc accordingly.
Fixes gh-779
Restore `freemarker.template.Configuration` bean for the
FreeMarkerWebConfiguration. The @Bean method no longer uses a
@Condition since `FreeMarkerConfig` must already exist.
If Liquibase is on the classpath it will fire up on startup. Various
config options are available (as well as the option to disable it).
Liquibase uses a YAML format for changes (in classpath:db/changelog).
Remove `freemarkerConfiguration` from the FreeMarkerAutoConfiguration
since it should not be needed for most applications.
The previous code also caused problems since it included a
@ConditionalOnBean annotation on a bean that was created in the same
configuration.
The existing freemarker support only works in a webapp. This
change adds a FreeMarker Configuration bean (in both web- and
non webapps) so it can be used to load a Template and render it
(e.g. with Spring's FreeMarkerTemplateUtils).
See gh-679
Two modules are still relying on the spring-boot test-jar but it was
not generated anymore. Adding the generation of test-jar again as
a workaround until we completely removes the use of it.
We still prefer Tomcat if it is available (that can change
if the community asks loudly enough). Hikari is supported
via the same spring.datasource.* properties as Tomcat (and
DBCP), with some modifications:
* The validation and timeout settings are not as fine-grained
in Hikari, so many of them will simply be ignored. The most
common options (url, username, password, driverClassName) all
work as expected.
* The Hikari team recommends using a vendor-specific DataSource
via spring.datasource.dataSourceClassName and supplying it with
Properties (spring.datasource.hikari.*).
Hikari prefers the JDBC4 isValid() API (encapsulates vendor-
specific queries) which is probably a good thing, but we
haven't provided any explicit support or testing for that yet.
Fixes gh-418
This commit adds auto-configuration and a starter,
spring-boot-starter-freemarker, for using FreeMarker view templates in
a web application.
A new abstraction, TemplateAvailabilityProvider, has been introduced.
This decouples ErrorMvcAutoConfiguration from the various view
technologies that Spring Boot now supports, allowing it to determine
when a custom error template is provided without knowing the details of
each view technology.
Closes#679
Salvatore has indicated that Jedis is his Java Redis client of choice.
This commit updates the auto-configuration support, actuator and
Redis starter accordingly.
Completes #745
Reverting arguments in assertEquals where constant was placed on
the "actual" place. Replacing assertEquals with assertFalse, assertTrue
and assertNull where applicable.
Fixes gh-735
For some reason the exception mappings are only created with the
publisher is initialized in the constructor of DefaultAuthenticationEventPublisher.
Changed SpringBootWebSecurityConfiguration to do that rather then
relying on the ApplicationEventPublisherAware behaviour to inject it.
Fixes gh-719
The username/password option stil lonly works for a single host (to
connect to a cluster I suspect you need to set the URI). Also added
a MongoClientOptions (if a bean of that type exists it will be
used to populate the options that aren't in the URI).
Fixed gh-536
Polish couchbase support to:
- Extract properties into its own class
- Remove unnecessary inner configuration class
- Add since tags
- Format code and add `this.` references
Lukasz Kryger
Phillip Webb
Maciej Walkowiak
Dave Syer
Andy Wilkinson
Greg Turnquist
Stephane Nicoll
Marcel Overdijk
Artem Bilan
sopov.ivan