Commit Graph

420 Commits (7728ae4e00d939d8c26d9354c464659ee1a80830)

Author SHA1 Message Date
Scott Frederick 51343139c2 Remove empty files
See gh-30875
3 years ago
Scott Frederick 03d17dd04a Merge branch '2.7.x' 3 years ago
Scott Frederick 576b72a7a1 Merge branch '2.6.x' into 2.7.x
Closes gh-30877
3 years ago
Scott Frederick 6098b0c91f Merge branch '2.5.x' into 2.6.x
Closes gh-30876
3 years ago
Scott Frederick 8fe47aaebd Remove smoke tests that do nothing without a server
Fixes gh-30875
3 years ago
Scott Frederick 7f395941c7 Add timezone offset to default logging date format patterns
Closes gh-28654
3 years ago
Andy Wilkinson 541ab69aff Merge branch '2.7.x' 3 years ago
Andy Wilkinson 4cd850cfc0 Merge branch '2.6.x' into 2.7.x
Closes gh-30851
3 years ago
Andy Wilkinson fa327a783d Merge branch '2.5.x' into 2.6.x
Closes gh-30850
3 years ago
Andy Wilkinson 4fd2e0c916 Polish "Fix typos"
See gh-30773
3 years ago
Andy Wilkinson f6d24dc1a8 Fix typos
See gh-30773
3 years ago
Moritz Halbritter 85a4c94dea Merge branch '2.7.x' 3 years ago
Moritz Halbritter b406971094 Remove hyphen from asserting-party
spring.security.saml2.relyingparty.registration.*.asserting-party.* is
now named spring.security.saml2.relyingparty.registration.*.assertingparty.*

Closes gh-30785
3 years ago
Andy Wilkinson 061d86e037 Reinstate Session Redis smoke test
See gh-30673
3 years ago
Phillip Webb c7374fd415 Update copyright year of changed files 3 years ago
Moritz Halbritter 1950d06585 Merge branch '2.7.x' 3 years ago
Moritz Halbritter 6c400daa48 Rename 'identityprovider' property to 'asserting-party'
Rename spring.security.saml2.relyingparty.registration.*.identity-provider.*
to spring.security.saml2.relyingparty.registration.*.asserting-party.*

The old property names are still supported, but will lead to a warning
in the logs.

Closes gh-30642
3 years ago
Brian Clozel 21eab010de Disable Redis Session smoke test
This commit temporarily disables the Redis Session smoke test, as it
relies on the Session Actuator endpoint being present.

Since spring-projects/spring-session#1711, the default session
repository contributed is not of type `FindByIndexNameSessionRepository`
and thus cannot support the Session endpoint use case.

Until gh-30673 is resolved, this test is disabled.

See gh-30673
3 years ago
Andy Wilkinson 9658661bd4 Merge branch '2.7.x' 3 years ago
Andy Wilkinson 7789a18d23 Merge branch '2.6.x' into 2.7.x
Closes gh-30667
3 years ago
Andy Wilkinson d4348279a7 Merge branch '2.5.x' into 2.6.x
Closes gh-30666
3 years ago
Andy Wilkinson 8f1b8622ba Ensure that webEnvironment=NONE creates non-web context
Previously, if spring.main.web-application-type was configured in
application.properties to servlet or reactive, setting
webEnvironment=NONE on @SpringBootTest would not work correctly and
a servlet or reactive web application context would be created
based on the value of spring.main.web-application-type.

This commit updates the test context bootstapper to set
spring.main.web-application-type to none when webEnvironment has been
set to none. This is done in the merged context configuration's
property source properties which are applied to the environment in a
high-precedence test property source that will override configuration
in application.properties.

Closes gh-29695
3 years ago
Andy Wilkinson b871a1e457 Merge branch '2.7.x' 3 years ago
Andy Wilkinson 48f8021d88 Migrate @Local*Port annotations to spring-boot-test
Closes gh-29589
3 years ago
Brian Clozel d476d8e37b Move GraphQL test document files
After changes performed in spring-projects/spring-graphql#338, GraphQL
test documents now have a different test location.
3 years ago
Moritz Halbritter 1d29081e61 Merge branch '2.7.x' 3 years ago
Moritz Halbritter 3e26c584fd Merge branch '2.6.x' into 2.7.x 3 years ago
Moritz Halbritter 27ddcbd551 Merge branch '2.5.x' into 2.6.x 3 years ago
Moritz Halbritter cd5d3dbf8d Disable SampleSessionWebFluxApplicationTests on Linux aarch64
These tests use embedded mongo under the hood.

See gh-30082
3 years ago
Moritz Halbritter 1cd16f6718 Merge branch '2.7.x' 3 years ago
Moritz Halbritter 1fec2f0e9b Merge branch '2.6.x' into 2.7.x 3 years ago
Moritz Halbritter 4e09289076 Merge branch '2.5.x' into 2.6.x
# Conflicts:
#	spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-data-mongodb/src/test/java/smoketest/data/mongo/SampleMongoApplicationTests.java
3 years ago
Moritz Halbritter 1d15e8c8e2 Disable SampleMongoApplicationTests on Linux aarch64
See gh-30082
3 years ago
Andy Wilkinson 1ee7ac3cd6 Merge branch '2.7.x' 3 years ago
Andy Wilkinson 7eff00b818 Merge branch '2.6.x' into 2.7.x
Closes gh-30360
3 years ago
Andy Wilkinson f04a85957e Merge branch '2.5.x' into 2.6.x
Closes gh-30359
3 years ago
Andy Wilkinson 5473cd3abc Try to stabilize SampleSessionWebFluxApplicationTests
Closes gh-30353
3 years ago
Brian Clozel 755836aab8 Update formlatest GraphQlTester changes
See spring-projects/spring-graphql#278
3 years ago
dreis2211 be981e45d1 Remove checks for Java 9 compatibility in build.gradle files
See gh-30335
3 years ago
Chris Dennis 3ed3d3eb36 Restore Ehcache 3 Support
See gh-30002
3 years ago
Brian Clozel 81754c8bc4 Upgrade to Spring GraphQL 1.0.0-SNAPSHOT
This commit switches to 1.0.0-SNAPSHOT for Spring GraphQL, before its
upcoming 1.0.0-M6 version.

This commit adapts to the changes introduced in
spring-projects/spring-graphql#317 : now that `GraphQlClient` has been
introduced, `GraphQlTester` has been aligned with the new
infrastructure. The `@GraphQlTest` and `@SpringBootTest` testing support
is now using different variants for each.

All samples have been updated to use the proper GraphQL terminology, see
and spring-projects/spring-graphql#310 .

See gh-29637
3 years ago
Andy Wilkinson 0bf1090e29 Merge branch '2.7.x' 3 years ago
Andy Wilkinson a3cdc4e799 Merge branch '2.6.x' into 2.7.x
Closes gh-30088
3 years ago
Andy Wilkinson 344f71c75a Merge branch '2.5.x' into 2.6.x
Closes gh-30087
3 years ago
Andy Wilkinson 4bcb7e2f77 Prevent ActiveProfilesTests from binding to 8080
Due to gh-29695, smoketest.profile.ActiveProfilesTests starts a web
server bound to the default port (8080) despite the test setting
`webEnvironment` to `NONE`.

This commit works around the problem by running the tests with
server.port set to zero.

Closes gh-30086
3 years ago
Andy Wilkinson ddc953468c Merge branch '2.7.x' 3 years ago
Andy Wilkinson 308fe7c552 Merge branch '2.6.x' into 2.7.x
Closes gh-30047
3 years ago
Andy Wilkinson 97222236fe Merge branch '2.5.x' into 2.6.x
Closes gh-30046
3 years ago
Andy Wilkinson 57f935faed Use a more relaxed AliasCheck for CI on Windows
ContextHandler.ApproveAliases has been deprecated. We tried to
replace it with AllowedResourceAliasChecker but it does not
behave in the same way and causes CI failures on Windows.
ContextHandler.ApproveAliases always returns true so we should
hardcode our own implementation that does the same.

Closes gh-30045
3 years ago
Andy Wilkinson 132bf686f8 Merge branch '2.7.x' 3 years ago
Andy Wilkinson 2d9177dd9d Merge branch '2.6.x' into 2.7.x
Closes gh-29955
3 years ago
Andy Wilkinson 3614c8d1f8 Merge branch '2.5.x' into 2.6.x
Closes gh-29954
3 years ago
Andy Wilkinson 1e8d29f7aa Configure Kotlin compilation JVM target by convention
Closes gh-29952
3 years ago
Phillip Webb ff4b92a3ba Update copyright year of changed files 3 years ago
Stephane Nicoll 39e230b5d6 Merge branch '2.6.x' into 2.7.x 3 years ago
Stephane Nicoll 78797572ac Merge branch '2.5.x' into 2.6.x 3 years ago
Stephane Nicoll fa6a1463d0 Polish 3 years ago
Stephane Nicoll 587b278bb4 Merge branch '2.7.x' 3 years ago
Stephane Nicoll 719fb2e8e5 Upgrade to Jetty 9.4.45.v20220203
Closes gh-29843
3 years ago
Stephane Nicoll dc171c6462 Upgrade to Jetty 9.4.45.v20220203
Closes gh-29791
3 years ago
Stephane Nicoll a99582a3bb Upgrade to Jetty 9.4.45.v20220203
Closes gh-29771
3 years ago
Stephane Nicoll 3b4832445b Merge branch '2.7.x' 3 years ago
Stephane Nicoll 098a57affb Upgrade to R2DBC Borca-RELEASE
See gh-28524
3 years ago
Stephane Nicoll 8c8c9c5f28 Upgrade to H2 2.1.210
H2 2.x contains several important changes such as moving the primary key
generation mechanism to a sequence-based identifier. This commit fixes
a number of tests that were failing.

Closes gh-29651

Co-authored-by: Andy Wilkinson <wilkinsona@vmware.com>
3 years ago
Stephane Nicoll b22e3d51dc Merge branch '2.7.x' 3 years ago
Henning Poettker e3d0f1feee Adjust IDENTITY in DDLs for H2 2.x compatibility
See gh-29200
3 years ago
Phillip Webb a282f912e6 Organize imports
Organize imports according to updated checkstyle rules.
3 years ago
Stephane Nicoll 41fb9cf562 Merge branch '2.7.x' 3 years ago
Stephane Nicoll f812b33cbd Merge branch '2.6.x' into 2.7.x
Closes gh-29613
3 years ago
Stephane Nicoll 136b5959c3 Merge branch '2.5.x' into 2.6.x
Closes gh-29612
3 years ago
Stephane Nicoll 7f17f819a6 Polish "Enforce use of BDDMockito"
See gh-29178
3 years ago
Yanming Zhou b49418aaaf Enforce use of BDDMockito
1. Replace Mockito.verify*() with BDDMockito.then()
2. Replace Mockito.doReturn() with BDDMockito.willReturn()
3. Adjust checkstyle rule

See gh-29178
3 years ago
Andy Wilkinson 35b5b5672d Merge branch '2.7.x' 3 years ago
Andy Wilkinson 2c049f2b40 Merge branch '2.6.x' into 2.7.x
Closes gh-29501
3 years ago
Madhura Bhave 3460c24a16 Ignore context path when calling privilege evaluator
Previously, the error page security filter passed the request's URI
to the privilege evaluator. This was incorrect in applications with
a custom context path as the privilege evaluator must be passed a
path that does not include the context path and the request URI
includes the context path.

This commit updates the filter to use UrlPathHelper's
pathWithinApplication instead. The path within the application does
not include the context path. In addition, pathWithinAppliation
also correctly handles applications configured with a servlet
mapping other than the default of /.

Closes gh-29299

Co-Authored-By: Andy Wilkinson <wilkinsona@vmware.com>
3 years ago
Andy Wilkinson 26fecbe230 Upgrade to Thymeleaf and Security Extras 3.1.0-M1
Closes gh-49452
Closes gh-49453
3 years ago
Andy Wilkinson 12cd97a20c Reinstate support for Thymeleaf 3 years ago
Phillip Webb cb97aff1e7 Merge branch '2.7.x' 3 years ago
Phillip Webb 9278a502c7 Merge branch '2.6.x' into 2.7.x 3 years ago
Phillip Webb 14fe9347b5 Merge branch '2.5.x' into 2.6.x 3 years ago
Phillip Webb 3f7bf7d34f Modify SpringApplication Environment rather than setting it
Update `SpringBootContextLoader` so that when possible the
`SpringApplication` remains in control of creating the `Environment`
instance.

Prior to this commit, we would always create the `Environment` in the
`SpringBootContextLoader` and then call `setEnvironment` on the
`SpringApplication`. This meant that the `ApplicationEnvironment`
classes were not used and that `isCustomEnvironment` was set to `true`
so no conversion was applied.

With the updated code, an `ApplicationListener` is used to mutate the
`Environment` instance and add the required test property sources.

Fixes gh-29169
3 years ago
Phillip Webb 8147eb6d6d Merge branch '2.6.x' into 2.7.x 3 years ago
Phillip Webb 3d6840e715 Merge branch '2.7.x'
Closes gh-29376
3 years ago
Phillip Webb fee45e056a Merge branch '2.6.x' into 2.7.x
Closes gh-29375
3 years ago
Phillip Webb 91d2b1b988 Merge branch '2.5.x' into 2.6.x
Closes gh-29374
3 years ago
Phillip Webb eb6b48fff0 Use side-effect free environment with tests rather than converting
Refine the logic introduced in 64270eca to use a side-effect free
Environment implementation rather than converting the Environment early.

Early conversion can cause condition evaluation issues if
`src/test/resources/application.properties` files are bound to the
`SpringApplication`. Specifically the `spring.main.web-application-type`
property can change the `Environment` type which must happen before
conditions are evaluated.

Fixes gh-29169
3 years ago
Stephane Nicoll 69d1c3674a Upgrade to latest Hazelcast 3.x in integration tests 3 years ago
Stephane Nicoll a780e87e9c Upgrade to Hazelcast 5.0.2
See gh-29265
3 years ago
Phillip Webb 06398eabed Merge branch '2.7.x' 3 years ago
Phillip Webb b25e92f3e2 Merge branch '2.6.x' into 2.7.x 3 years ago
Phillip Webb 760dcffd8b Merge branch '2.7.x' 3 years ago
Andy Wilkinson 1dbfcf8b57 Reinstate support for Spring Data Couchbase
Closes gh-28976
3 years ago
izeye 728206dba0 Polish GraphQL changes
See gh-29140
Closes gh-29194
3 years ago
Brian Clozel 88ee4fab36 Polish
See gh-29140
3 years ago
Brian Clozel f61c87c3a7 Revert "Merge branch '2.7.x'"
This reverts commit f0677a119c, reversing
changes made to 938d58f32c.
3 years ago
Brian Clozel f0677a119c Merge branch '2.7.x' 3 years ago
Brian Clozel c522a8007b Add smoke test for Spring GraphQL
See gh-29140
3 years ago
Madhura Bhave 48a6470ddb Merge branch '2.7.x' into main 3 years ago
Madhura Bhave d9d161cd6b Allow previously authorized users to access the error page
Prior to this commit, the `ErrorPageSecurityFilter` verified if
access to the error page was allowed by invoking the
`WebInvocationPrivilegeEvaluator` with the Authentication from the
`SecurityContextHolder`.
This meant that access to the error page was denied for a `null` Authentication
 or `AnonymousAuthenticationToken` in cases where the error page required
authenticated access. This prevented authorized users from accessing the
error page in case the Authentication wasn't retrievable for the error dispatch,
which is the case for `@Transient` authentication or stateless session policy.

This commit updates the `ErrorPageSecurityFilter` to check access to the error page
only if the error is an authn or authz error in cases where an authentication object
is not found in the SecurityContextHolder. This makes the error response consistent
when bad credentials or no credentials are used while also allowing access to previously
authorized users.

Fixes gh-28953
3 years ago
Phillip Webb 7981a82785 Merge branch '2.7.x' 3 years ago