Since the handler interceptors have been removed, web endpoints
are all disabled by default to prevent accidental exposure of
sensitive information.
Closes gh-7958
This commit combines security autoconfigurations for
management endpoints and the rest of the application. By default,
if Spring Security is on the classpath, it turns on @EnableWebSecurity.
In the presence of another WebSecurityConfigurerAdapter this backs off
completely. A default AuthenticationManager is also provided with a user
and generated password. This can be turned off by specifying a bean of
type AuthenticationManager, AuthenticationProvider or UserDetailsService.
Closes gh-7958
This commit makes sure tht `HealthIndicatorAutoConfiguration` runs after
any producers of a `ConnectionFactory` and not only ActiveMQ. This was
identified as part of #10081: `JmsAutoConfiguration` is actually the
one that isn't necessary (spring-boot-actuator has no import on the
`org.springframework.jms` and only `javax.jms.ConnectionFactory` is used
as part of the JMS health indicator.
This library is required for parsing multipart requests asynchronously
in Spring WebFlux. Framework treats this as an optional dependency, but
Boot auto-configures multipart support with Servlet by default.
Closes gh-10073
This commit creates our own version of javax.servlet.DispatcherType for
configuration purpose as we can use the other one now the servlet api
is optional.
Closes gh-9856
This commit improves the json starter to bring the core starter (as any
other starters do). `spring-web` is now also added as it contains the
Spring's core jackson support.
Closes gh-10031
This commit moves CORS properties out of the endpoints namespace as they
do not refer to a "cors" endpoint but rather to the CORS configuration
of all endpoints.
Closes gh-10053
This commit removes an import on a class in "spring-web" as this class
is also meant to be used with Jersey only (i.e. when "spring-web" is
not present on the classpath).
Closes gh-10051
Madhura Bhave
Stephane Nicoll
Johnny Lim
Brian Clozel
Juan Pablo Santos Rodríguez