Update `Saml2RelyingPartyRegistrationConfiguration` so that
`RelyingPartyRegistrations` uses `collectionFromMetadataLocation`
rather than `fromMetadataLocation` and searches candidates for a
matching entity ID.
Prior to this commit, it was possible for the wrong provider to be
used if multiple candidates existed in the returned metadata.
See gh-35902
Update `ReactorClientHttpConnectorFactory` to that SSL configuration
is applied in addition to any configured mappers.
Prior to this commit, SSL configuration would prevent configured
mappers from being applied.
See gh-35914
In Spring Framework 5.x with Jetty 9, the reactive
JettyRequestUpgradeStrategy was able to initialize Jetty's WebSocket
infrastructure itself. With Jetty 10 this is no longer possible and
Boot must perform the initialization as part of preparing the
reactive JettyWebServer.
This commit updates the reactive WebSocket auto-configuration to
initialize Jetty's WebSocket infrastructure as part of creating the
reactive JettyWebServer.
Fixes gh-33347
When Hazelcast is started on a fixed port and that port is already in
use, it does not fail to start which makes the problem hard to
detect. A symptom of the problem is that clients will not be able to
connect and will either retry indefinitely or will timeout depending
on their configuration.
This commit updates the Hazelcast client tests to start the Hazelcast
instance on an ephemeral port and to customize the client
configuration with the instance's address before use. This should
allow the client tests to work reliably in an environment where
Hazelcast's default port is already in use.
Closes gh-35903
Properties `ssl.bundle.pem.mybundle.keystore.private-key-password`
and `ssl.bundle.pem.mybundle.truststore.private-key-password` have
been added for configuring the password required to decrypt an
encrypted private key.
Only PKCS8 private keys with encryption are supported. PKCS1 and EC
private keys with encryption are much more complex to decrypt, and
are not supported.
Fixes gh-35652
As discussed on issue #35628, at some point the host property accepted
multiple comma-separated hosts. However, this was not intended, and for
better clarification, it was decided to implement a clearer error
message for this situation.
See gh-35684