Aether apparently doesn't use the java.net.* APIs for
TCP connections so it doesn't notice when a user sets
-Dhttp.Proxy*. To fix it is painful, and leads me to
suspect that actually we might want to parse a
settings.xml at some point (however unpalatable that
is).
For now I have added a Proxy to all RemoteRepository
instances that we create in the CLI if the user
has set -Dhttp.proxyHost (and/or -Dhttps.proxyHost for
a secure repository).
TODO: authentication. Is there a standard way to specify
that globally via system properties.
TODO: maybe use per-repository settings if provided
(e.g. in settings.xml).
Previously all EventListeners were eagerly instantiated
but that can cause problems because it happens quite early
in the lifecycle. Better to be explicit about the
supported types.
* Underscores are allowed as nested property field separators
* System and env vars are only considered for binding if they
look like they apply to a given bean when ignoreUnknownFields
is false
In case Spring Security is missing from the class path, shell auto configuration will now fall back gracefully to simple authentication and emit warning to the console.
fixes#114
@ConfigurationProperties(ignoreUnkownFields=false,ignoreNestedFields=true)
is now a useful option for binding to "top-level" command line options
(without a prefix). In that case we don't try to bind to `server.*` and
other common prefixed property values (at the cost of not being able to
bind to nested beans).
This leverages existing capabilities of teh JDK and the OS
to grab a port at random and not have it stolen by another
process. It's very hard to avoid that race condition in
pure Java code, so why bother?
User can set port<0 to disable autoStart of connectors (e.g.
to start a web application context but not have it listen on
any port). In that case the actual socket port will be set to
0 (and therefore if it ever starts up the local port will
be random).
Now simple authentication for the crsh shell can we configured using shell.auth.simple.user.name and shell.auth.simple.user.password. This is consistent with security.user.name and security.user.password.
fixes#113
The AutoConfigurationReportLoggingInitializer wasn't working in
non-GenericApplicationContext becasue teh BeanFatcory wasn't available
for registering its listener during initialization. Instead of
relying on that rather fragile state I decided to give any
ApplicationContextInitializer that was itself an ApplicationListener
an explicit callback with a ContextRefreshedEvent, and move that
interface up a level in the logging initializer. Works much better.
In case a Spring Security AuthenticationManager is found in the app context the auto configuration will change default shell authentication method to auth against Spring Security. In addition shell access will get protected by the specific role configured in SecurityProperties.Management.
Certainly this can be overridden by providing shell.auth and shell.auth.spring.roles.
Dave Syer
Phillip Webb
Christian Dupuis
nitram509