Commit Graph

580 Commits (88d72e059888a603b0dc23e1df741681b39e726d)

Author SHA1 Message Date
Phillip Webb 98135c964b Remove Principal handler logic from security
Update ManagementSecurityAutoConfiguration so that MVC Endpoints that
have Principal arguments are not treated in any special way. This
restores Spring Boot 1.1.x behavior where the 'sensitive' flag is used
to determine access rules.

The HealthMvcEndpoint still uses the Principal (when available) to
determine if full status information can be displayed. It now also
explicitly checks the environment for `endpoints.health.sensitive`
to determine if the user has opted-out and requires complete health
details.

The health MVC endpoint should now work as follows:

* Default configuration - No login is required, full information is only
  displayed if a Principal is available.
* endpoints.health.sensitive=true - Login is required, full information
  is displayed.
* endpoints.health.sensitive=false - Login is not required, full
  information is displayed.

Fixes gh-2211
10 years ago
Phillip Webb 8628adcb74 Order EmbeddedServletContainerCustomizers
Add Ordered interface to all EmbeddedServletContainerCustomizers with
a value of 0. Prior to this commit it was difficult for a user to
define a customizer that would be applied before ours, even if they
implemented Ordered or added @Order annotations.

Fixes gh-2123
10 years ago
izeye 3784959b6f Rename SecurityPrequisite -> SecurityPrerequisite
Closes gh-2179
10 years ago
Alex Panchenko 8f869e6be3 Remove duplicate "should" word from README 10 years ago
Phillip Webb 9f31e09cf0 Fix 'pid' references in the PortFileWriter
Fix numerous copy-paste errors in EmbeddedServerPortFileWriter
where PID concepts are referenced.

Fixes gh-2161
10 years ago
Phillip Webb 5dd40e6999 Polish 10 years ago
Stephane Nicoll 11f5c76968 Properly guard ManagementSecurityAutoConfiguration
ManagementSecurityAutoConfiguration fully relies on the presence of a
web environment, yet the configuration class itself was not guarded by
`@ConditionalOnWebApplication` (while nested config where).

This turned out to be a problem for command-line applications using
spring security (i.e. CRaSH integration).

Fixes gh-2112
10 years ago
Stephane Nicoll e96f75fdc1 Fix management endpoint without Spring Security
The method 'injectIntoSecurityFilter' added In 3c1e48c assumes that
Spring security is in the classpath so any management endpoints that are
deployed on a different port requires Spring Security all the sudden.

This commit separates the creating of the EndpointHandlerMapping in two
mutually exclusive @Configuration: one that is triggered if Spring
Security is not in the classpath and one that is triggered if Spring
Security is in the classpath. The latter apply the security filter in the
endpoint mapping if it exists.

Fixes gh-2124
10 years ago
Stephane Nicoll f8141cbb95 Restore use of management.health.*.enabled keys
The move of health.* keys to management.health.* broke them as they
are not defined as configuration keys and `ManagementServerProperties`
is strict on the whole management namespace.

This commit updates the tests to actually include that properties class
and relax the "ignoreUnknownFields" condition so that extra attributes
can be defined on the "management" namespace.

Fixes gh-2115
10 years ago
Spring Buildmaster 63e6a25097 Next development version 10 years ago
Spring Buildmaster 1a788c1741 Next development version 10 years ago
Phillip Webb c678c1f788 Polish 10 years ago
Phillip Webb a27217ae43 Provide a way to opt-in to endpoint enablement
Update AbstractEndpoint so that the `enable` property is optional and
when it not specified the `endpoints.enabled` property will be used.

This allows users to switch the way that endpoints are enabled. Rather
than opting-out specific endpoint enablement the `endpoints.enabled`
property can be set to `false` and specific endpoints can be opted-in.

Fixes gh-2102
10 years ago
Dave Syer de3ce18ad6 Defensive check for cglib proxy in RequestMappingEndpoint
Since AbstractHandlerMethodMapping.getHandlerMap() is final it can't
be cglibbed and a proxy will barf if you try and call that method.
The RequestMappingEndpoint can be protected simply by defensively
checking if the mapping is a proxy before trying to inspect it.
10 years ago
Phillip Webb b63922d59d Polish 10 years ago
Stephane Nicoll d33c0ebf8f Fix data type of telnet and ssh ports
Define shell.ssh.port and shell.telnet.port as integer properties
so that the generated meta-data exposes the proper type.

Fixes gh-2076
10 years ago
Phillip Webb 4b7c6f61b4 Polish 10 years ago
Phillip Webb fc746b802a Polish 10 years ago
Stephane Nicoll f40f17a758 Add missing description 10 years ago
Phillip Webb d7c61ef01c Drop ShellProperties.setAdditionalProperties
Drop the setAdditionalProperties method from ShellProperties to ensure
that it is not included in the meta-data JSON. The additional properties
are usually wired in using @Autowired and it is pretty unlikely that
anyone is using the setter directly.

Fixes gh-2055
10 years ago
Dave Syer 0b19884f58 Remove unecessary reflection hacks 10 years ago
Phillip Webb 4c7cc58a19 Correct ApplicationPidFileWriter property javadoc
Fixes gh-2041
10 years ago
Dave Syer 9de82f9c69 Add some space between the trace filter and the end of the chain 10 years ago
Phillip Webb 09dac5ff00 Apply formatting and cleanup rules 10 years ago
Phillip Webb 48db5457f1 Polish 10 years ago
Phillip Webb 237defaf18 Merge branch '1.1.x' 10 years ago
Phillip Webb 41c15f205f Polish concurrent gaugeLocks map access
See gh-1995
10 years ago
Phillip Webb 53637eaa7c Merge branch '1.1.x'
Conflicts:
	spring-boot/src/main/java/org/springframework/boot/logging/LoggingApplicationListener.java
10 years ago
Phillip Webb 49858a0ff1 Fix concurrent gaugeLocks map access
Use putIfAbsent to ensure atomic creation of lock objects.

Fixes gh-1995
10 years ago
Dave Syer 3c1e48c89a Better handling of anonymously accessible endpoints
Shares the /health endpoint request mapping between security config
and MVC dispatcher. Generalizes so that instead of a marker
interface (AnonymouslyAccessibleMvcEndpoint), an MvcEndpoint
signals that it wants to control its own access rules by adding
a Principal to the @RequestMapping method parameters (more @MVC).

Fixes gh-2015 slightly differently
10 years ago
Andy Wilkinson 2ce057ca96 Allow /health to be accessed anonymously irresepctive of its sensitivity
The changes in 3bb598a overload the health endpoint's sensitive
property such that it's now considered sensitive if management
security is enabled. When an endpoint is sensitive anonymous
access is prevented. This breaks the health endpoint which should
return a filtered view of the server's health when it's accessed
anonymously rather than rejecting the request.

This commit introduces AnonymouslyAccessibleMvcEndpoint, a marker
extension of the MvcEndpoint interface. It is implemented by
HealthMvcEndpoint. ManagementSecurityAutoConfiguration has been
updated to allow anonymous access to endpoints that aren't sensitive
or that implement AnonymouslyAccessibleMvcEndpoint.

Fixes gh-2015
10 years ago
Stephane Nicoll 65e9d6a6e0 Add property description
Set the field javadoc of many properties that are managed via
configuration so that the "description" field is available in the
meta-data.

Closes gh-1808
10 years ago
Spencer Gibb 2fb4d2ece6 Check if managementServerProperties.getSecurity() is not null
before checking isEnabled(). It is explicitly constructed as null
in ManagementServerProperties to prevent class not found errors
at runtime when Security is not on the classpath.

Fixes gh-2003, fixes gh-2004
10 years ago
Dave Syer 3bb598a421 Only hide /health details if the app is actually secure
Also gives the user the option to override (by setting
endpoints.health.sensitive=false).

Fixes gh-1977 in a slightly different way
10 years ago
Andy Wilkinson 337e9bd013 Use and wait for a latch to check that the interceptor is called
Spring MVC drives the postHandle method on any interceptors after the
response has been sent to the client. This meant that there was a
race between the test receiving the response and asserting that the
interceptor had been driven and Spring MVC driving the interceptor.

This commit updates the interceptor to use a CountDownLatch to track
whether or not it's been called. The test now waits for up to 30
seconds for the latch to be decremented.

Closes gh-1997
10 years ago
Andy Wilkinson 26a511495e Allow the user to opt-out of anonymous access restrictions for /health
By default, when /health is accessed anonymously, the details are
stripped, i.e. the response will only indicate UP or DOWN. Furthermore
the response is cached for a configurable period to prevent a denial
of service attack.

This commit adds a configuration property,
endpoints.health.restrict-anonymous-access, that can be set to false
to allow full anonymous access to /health. When full access is
allowed, the details will be included in the response and the response
will not be cached.

Closes gh-1977
10 years ago
Andy Wilkinson 5854ea189e Make TestInterceptor thread-safe
Previously, TestInterceptor used an int to keep a count of how often
it had been called. The count was incremented on one thread and
read on another thread. This lead to intermittent test failures as the
field was not declared volatile and a stale value would sometimes be
returned.

This commit updates TestInterceptor to use an AtomicInteger that's
held in a final field. This ensures that getCount() will not return
stale values and also ensures that the count can safely be incremented
concurrently.

Closes gh-1997
10 years ago
Stephane Nicoll 76451d13f5 Add metadata for info.*
Closes gh-1993
10 years ago
Dave Syer 9db86bbd2a Lookup metadata bean from context instead of injecting
That way, if there is one, it will always be the right one
(otherwise you might be processing teh parent context with
metadata from the child).

Fixes gh-1982
10 years ago
Stephane Nicoll 7b4de0921f Remove useless @ConfigurationProperties
Fixes gh-1972
10 years ago
Dave Syer cd092e02dc Remove unecessary Jackson dependency in trace filter 10 years ago
Stephane Nicoll 11894a5412 Fix manual metadata format inconsistency
Fixes gh-1961
10 years ago
Phillip Webb c34cfb27a3 Polish 10 years ago
Dave Syer ae23ba13b5 Fix for Java < 1.8
Uses raw class instead of Java Type API (which has a
default method in 1.8, unavailble in 1.7).
10 years ago
Dave Syer 5d2d39e87d Add EndpointHandlerMappingCustomizer callback
Users can add @Beans of this type to customize the
EndpointHandlerMapping (e.g. add interceptors) even if
it is in a child context.

Fixes gh-1933
10 years ago
Dave Syer 1254508357 Fix tests some more
Eclipse (by default) does not create the JSON metadata when
it compiles the @ConfigurationProperties beans. So running on
the command lilne gets scarily different than in an IDE. Fixed
by externalizing the metadata location and setting it to something
empty in the tests.
10 years ago
Dave Syer 0757d24d91 Fix /configprops tests 10 years ago
Dave Syer 6ad626de49 Allows /configprops endpoint to show nested properties
Including maps and lists. Beans with no metadata (in
/META-INF/*spring-configuration-metadata.json) are just serialized
as they come (so might have problems like cycles). Serialization
errors are caught and rendered as an "error" for that bean. Any
problems can be fixed by preparing metadata and specifying which
properties are to be rendered that way.

Fixes gh-1746, fixes gh-1921
10 years ago
Phillip Webb b583262211 Use SmartInitializingSingleton when possible
Switch implementations of ApplicationListener<ContextRefreshEvent> for
SmartInitializingSingleton when possible.

Fixes gh-1939
10 years ago
Phillip Webb 6cdd27a34d Merge branch '1.1.x' 10 years ago
Phillip Webb f224c7ac9e Find @ConfigurationProperties annotation on proxy
Update ConfigurationPropertiesReportEndpoint to find
@ConfigurationProperties using `context.findAnnotationOnBean` rather
than `AnnotationUtils.findAnnotation`. This will correctly find the
annotation even if the bean is an interface based proxy.

Fixes gh-1927
10 years ago
Stephane Nicoll 16e2130896 Add missing properties metadata
Fixes gh-1829
10 years ago
Phillip Webb 0a6c635f5e Use getMaxActiveSessions() in Tomcat metrics
Replace the getMaxActive() call with getMaxActiveSessions().

Fixes gh-1902
10 years ago
Dave Syer 90d25bd582 Use Set (again) for enumerating MvcEndpoints
This reverts a change that I assume was orphaned from work in
progress to address #1353, but is no longer needed. Anyway
there is no reason to restrict MvcEndpoints to be unique by
path since they can declare their own @RequestMappings
(and if there are duplicates they will be detected when those
are scanned).

Fixes gh-1911
10 years ago
Spring Buildmaster 46b7738334 Next development version 10 years ago
Johannes Stelzer c2a3ccde3e Add Tomcat public metrics for session usage
Fixes gh-1860
10 years ago
Phillip Webb d8c5c3262a Co-locate PublicMetrics auto-configuration
Fixes gh-1900
10 years ago
Phillip Webb 3e02b81e98 Merge branch '1.1.x' 10 years ago
Phillip Webb 52967017a0 Polish 10 years ago
Johannes Stelzer 7770b92411 Add systemload.average to SystemPublicMetrics
Fixes gh-1865
10 years ago
Phillip Webb d097c9a2f9 Formatting 10 years ago
Stephane Nicoll 6df001d30f Fix json format 10 years ago
Stephane Nicoll 00961611b2 Move health.* properties to management.health.*
Fixes gh-1841
10 years ago
Phillip Webb 004904af87 Fix meta-data JSON formatting error 10 years ago
Phillip Webb ea6162254d Update pidfile property and add documentation
Change the pidfile property from `spring.application.pidfile` to
`spring.pidfile` (to save confusion with SpringApplication properties).

Also added documentation and meta-data information.

See gh-1579
10 years ago
Phillip Webb 026b89f58c Support PID file location in Spring Environment
Update ApplicationPidFileWriter to support the Spring Environment,
picking up the `spring.application.pidfile` property if specified.

Fixes gh-1579
10 years ago
Stephane Nicoll fbf8f56a97 Generate standard configuration meta-data
Update the `spring-boot`, `spring-boot-autoconfigure` and
`spring-boot-actuator` project to generate configuration meta-data
files during compilation.

See gh-1001
10 years ago
Phillip Webb d6f2f0deee Merge branch '1.1.x' 10 years ago
Phillip Webb 5f80f3556b Use more specific WebSecurityConfigurer @Bean type
Update ManagementSecurityAutoConfiguration to return
IgnoredPathsWebSecurityConfigurerAdapter rather than
WebSecurityConfigurer<WebSecurity>.
10 years ago
Dave Syer 49fbf215a1 Switch to Dropwizard metrics 3.1.0
Fixes gh-1775
10 years ago
Dave Syer afb7156804 Add missing method for Java 1.7 10 years ago
Dave Syer a284d7bd3f Add Codahale metrics to /metrics endpoint
All metrics in the MetricRegistry have been added unconditionally for now.

Fixes gh-1795
10 years ago
Phillip Webb cf24af0bfb Rework logging to prevent double initialization
Prior to this commit LoggingSystem initialization would happen multiple
times. Once to configure "quiet" logging, and again to configure correct
settings once the Application was initialized. This could cause problems
if `logging.groovy` logback files were used.

The logging system is now only initialized once (when possible) by
following these steps:

- Standard logging initialization occurs via the actual logging
  implementation used (e.g. logback will load a logback.xml file if it
  exists)
- beforeInitization() is called to prevent early log output.
  Implementations now either use a Filter or simply set the root logging
  level.
- initialize() is called with an optional log configuration file (e.g
  a custom logback.xml location) and an optional log output file (the
  default is null indicating console only output).

The initialize() method will attempt to prevent double initialization
by checking if a standard configuration file exists. Double
initialization now only occurs in the following situations:

- The user has a standard configuration file (e.g. classpath:logback.xml)
  but also specifies a logging.config property. Double initialization is
  required since the specified configuration file supersedes the default.
- The user has a standard configuration file (e.g. classpath:logback.xml)
  and specifies a logging.file property. Double initialization is
  required since the standard configuration may use a ${LOG_FILE}
  reference.

In addition this commit removes the `logging.console` option and now
assumes that logging either occurs only to console or to both the
console and a file. This restriction helps simplify the LoggingSystem
implementations. If file only logging is required a custom logback.xml
can be used.

Fixes gh-1091
See gh-1612, gh-1770
10 years ago
Phillip Webb d17b7c8195 Polish 10 years ago
Christian Dupuis 6c66ff78c0 Fix health status aggregation bug 10 years ago
Dave Syer 24e71e868f Allow /health and /info to authenticate anonymously
Then we can optionally find a non-anonymous principal if there
is one. If the user is anonymous then the health result is cached
up to endpoints.health.ttl (default 1000ms) to prevent a DOS attack.

Fixes gh-1353
10 years ago
Phillip Webb 2e7aa4685b Polish 10 years ago
Brett Wooldridge 9984939c47 Update HikariCP to 2.1.0, compile against the Java 6-compatible artifact
For those running applications on Java 8, dependency management for the
Java 8-compatible artifact is also provided.

Closes gh-1721
10 years ago
Dave Syer d251b51338 Integrate with @TestPropertySource
Spring 4.2 has a @TestPropertySource which has some of the features of
@IntegrationTest. This change adds @TestPropertySource to the @IntegrationTest
annotation, so that (for instance) the cache key for the context includes
properties for the test.

Since @IntegrationTest has slightly different semantics I do not propose to
deprecate it. Users can use it or @TestPropertySource, the main difference being that
with @IntegrationTest the Spring Boot context loader is aware of the annotation
and it will set sensible defaults for server.port and spring.jmx.enabled.

There are some reflection hacks to overcome the usual fortifications of Spring Test.

Fixes gh-1697
10 years ago
Andy Wilkinson 7211571969 Fix some grammar issues in docs
Closes gh-1695
10 years ago
Eric Dahl 16937746a0 Fix some grammar issues in docs 10 years ago
Phillip Webb c90633aab6 Polish 10 years ago
Spring Buildmaster 3e71a21b30 Next development version 10 years ago
Phillip Webb dca637f51f Replace @ConditionalOnExpression with OnProperty
Replace where possible all @ConditionalOnExpression annotations with
@ConditionalOnProperty which is both faster to run and more descriptive.

Fixes gh-1685
10 years ago
Andy Wilkinson 6ec0b4ca81 Only consider letters when checking if a name is upper-case
Previously, for a string to be considered upper-case,
EmbeddedServerPortFileWriter required every character in the
string to be upper-case. This meant that strings containing numbers were
considered lower-case even if every letter in the string was upper-case.
OS X’s case-preserving, case-insensitive file system masked this problem
as the tests were still able to find the created file, even though the
case of its name was not as expected.

This commit updates EmbeddedServerPortFileWriter to only require
characters that are letters (as defined by Character.isLetter()) to be
upper-case. It also updates the tests to verify that the case of the
created file’s name is correct in such a way that it will fail, even
on OS X, when it is not.

Fixes gh-1676
10 years ago
Phillip Webb 6a423d7ad1 Add EmbeddedServerPortFileWriter
Add a EmbeddedServerPortFileWriter which can be used to write server
port information to a file.

Fixes gh-1275
Closes gh-1491
10 years ago
Phillip Webb 77ccd9a80b Rename ApplicationPidListener
Rename ApplicationPidListener to ApplicationPidFileWriter (keeping the
old class in a deprecated form)

Fixes gh-1673
10 years ago
Phillip Webb 4c51aa8e28 Polish 10 years ago
Andy Wilkinson b8eb13d827 Fix tests after addition of disk space health indicator 10 years ago
Andy Wilkinson 97178915a4 Polish disk space health indicator
- Supply auto-configuration for the new indicator
 - As suggested in the pull request, include the free disk space and
   configured threshold in the health details
 - Update the documentation to describe the indicator and its
   two configuration settings
 - Use @ConfigurationProperties to bind the indicator's configuration.
   This should make the changes sympathetic to the work being done
   to automate the configuration properties documentation

Closes gh-1297
10 years ago
Mattias Severson 78d7fe9cb5 Add HealthIndicator that checks free disk space
See gh-1297
10 years ago
Phillip Webb 62eb01f0b8 Polish 10 years ago
Phillip Webb 872f30e5d0 Merge branch '1.1.x'
Conflicts:
	spring-boot-actuator/src/main/java/org/springframework/boot/actuate/metrics/repository/redis/RedisMetricRepository.java
10 years ago
Phillip Webb 9dfbc25eaa Polish 10 years ago
Andy Wilkinson 06e18c6a46 Merge branch 'gh-1664' 10 years ago
Andy Wilkinson e90c8548a2 Make MetricFilter auto-configuration conditional on OncePerRequestFilter
In addition to requiring the Servlet API to be on the classpath,
MetricFilter requires spring-web to also be on the classpath as it
extends OncePerRequestFilter. This commit updates the auto-configuration
for MetricFilter so that it will be disabled in the absence of a 
dependency on spring-web.

Fixes gh-1664
10 years ago
Dave Syer d63bbdfe44 Change constructor signature for RedisMetricRepository
Otherwise we had to rely on afterPropertiesSet() being called to
validate and compute the prefix and key (which depend on each
other).
10 years ago
Dave Syer c18b4248e5 Merge 1.1.x with minor conflict 10 years ago
Dave Syer e913b35227 Merge 1.1.x with minor conflict 10 years ago
Dave Syer d724c9062b Change key value if prefix changes
Some weird looking test failures led me to track this down.
If the user changes the prefix for metric names, he probably wanted
to change the keys as welll (otherwise 2 repositories can use the
same key, which is why the test was failing for me). We can do that
in an afterPropertiesSet().
10 years ago