Update ElasticsearchAutoConfiguration to ensure that local nodes are
closed when the context is closed. Prior to this commit the close()
method of the Client would be called which had no effect for local
Nodes.
Fixes gh-2480
Undertow’s WebSocket client sends an illegal Origin header – it does
not include the scheme, e.g. it’ll send “localhost” rather than
“http://localhost”. This commit works around the problem by allowing
access to the SockJS endpoints from any origin, thereby disabling
OriginHandlerInterceptor’s checking of the Origin header.
Spring Integration's FileWritingMessageHandler uses a .writing file
while it's in the process of writing a message to disk and then
performs a rename (depending on the OS and filesystem this may or may
not be atommic) to create the .msg file. Prior to this commit the
test was finding the temporary .writing files and examining them. This
could lead to a FileNotFoundException being thrown as the temporary
file was deleted while the test was trying to read its contents.
This commit updates the test to only look for files with a .msg suffix
Fixes gh-2428
Previously, SampleIntegrationParentApplicationTests assumed that when
an output file existed on disk its contents would have been written
in their entirety. This assumption does not hold true and causes the
test to fail intermittently as it incorrectly determines that the test
has produced no output.
This commit updates the test to wait for up to 30 seconds for the
output files to appear on disk and for the expected content to be
found in one of those files. If the files exist but do not
contain the expected content the test will keep trying until it does
or until too much time as elapsed.
Fixes gh-2380
Previously, the documentation only provided examples of the required
configuration for Maven users. This commit adds equivalent configuration
snippets for those using Gradle. It also removes the recommendation to
override the version of the Servlet API as this is unnecessary. The pom
files for the Jetty 8 and Tomcat 7 samples have also been updated
accordingly.
Closes gh-2346
Undertow, like Tomcat, uses "" for the context path of the root
context. Previously, the Undertow deployment was being configured with
"/" for the root context. This was leading to a silent failure in
AsyncContextImpl.dispatch when it failed to look up the deployment
manager for the current request.
This commit updates UndertowEmbeddedServletContainerFactory to use the
correct context path (an empty String) for the root context.
Fixes gh-2365
A dependency on org.glassfish.jersey.ext:jersey-bean-validation has
been added to spring-boot-starter-jersey. jersey-bean-validation’s EL
dependencies have been excluded in favour of those provided by
spring-boot-starter-tomcat (or starter-jetty or starter-undertow should
the user choose to use a different embedded container).
Closes gh-2315
The package names changed a bit from the prototype project, but wuth vanilla
autconfiguration usage that shouldn't matter. Follows closely the Groovy
templates support. Templates live in classpath:/templates/*.html by default.
Fixes gh-2242
Update ManagementSecurityAutoConfiguration so that MVC Endpoints that
have Principal arguments are not treated in any special way. This
restores Spring Boot 1.1.x behavior where the 'sensitive' flag is used
to determine access rules.
The HealthMvcEndpoint still uses the Principal (when available) to
determine if full status information can be displayed. It now also
explicitly checks the environment for `endpoints.health.sensitive`
to determine if the user has opted-out and requires complete health
details.
The health MVC endpoint should now work as follows:
* Default configuration - No login is required, full information is only
displayed if a Principal is available.
* endpoints.health.sensitive=true - Login is required, full information
is displayed.
* endpoints.health.sensitive=false - Login is not required, full
information is displayed.
Fixes gh-2211
Shares the /health endpoint request mapping between security config
and MVC dispatcher. Generalizes so that instead of a marker
interface (AnonymouslyAccessibleMvcEndpoint), an MvcEndpoint
signals that it wants to control its own access rules by adding
a Principal to the @RequestMapping method parameters (more @MVC).
Fixes gh-2015 slightly differently
The changes in 3bb598a overload the health endpoint's sensitive
property such that it's now considered sensitive if management
security is enabled. When an endpoint is sensitive anonymous
access is prevented. This breaks the health endpoint which should
return a filtered view of the server's health when it's accessed
anonymously rather than rejecting the request.
This commit introduces AnonymouslyAccessibleMvcEndpoint, a marker
extension of the MvcEndpoint interface. It is implemented by
HealthMvcEndpoint. ManagementSecurityAutoConfiguration has been
updated to allow anonymous access to endpoints that aren't sensitive
or that implement AnonymouslyAccessibleMvcEndpoint.
Fixes gh-2015
Previously, index.html used absolute paths to load its CSS and
JavaScript. This meant that it had to be deployed to /. This commit
updates the HTML to use relative paths for its CSS and JavaScript,
thereby ensuring that they can be loaded irrespective of the context
path to which the application is deployed.
Closes gh-1988
If you inject the class (via a servlet parameter) it seems that
Jersey tries to create all the beans for you (and fails). I thought
it was supposed to work (according to the docs), so I'm a bit confused
but the sample now has Spring DI and the tests pass.
Fixes gh-1981
Update MongoDataAutoConfiguration to provide easier configuration of
CustomConversions, the MappingMongoConverter, MongoMappingContext
and an authentication database.
Fixes gh-1619
Fixes gh-1730
Including maps and lists. Beans with no metadata (in
/META-INF/*spring-configuration-metadata.json) are just serialized
as they come (so might have problems like cycles). Serialization
errors are caught and rendered as an "error" for that bean. Any
problems can be fixed by preparing metadata and specifying which
properties are to be rendered that way.
Fixes gh-1746, fixes gh-1921
The http.mappers.* configuration properties assumed that the mapping
was JSON (on of the property names was jsonPrettyPrint) and also only
exposed a small subset of the configuration options supported by
Jackson (and GSON). The property names implied that it would configure
all HTTP mapping, however it was ignored by GsonAutoConfiguration.
This commit deprecates the support for http.mappers.* in favour of
configuring Jackson or Gson instead. Jackson can be configured
declaratively using the spring.jackson.* properties or programtically.
Gson can be configured programatically by using a GsonBuilder to
create a Gson instance with the desired configuration.
gh-1946 has been opened to add support for declarative configuration
of Gson.
Closes gh-1945
ServerConnector is in different packages in Jetty 8 and Jetty 9 which
was leading to a NoClassDefFounderError when SSL was used with
Jetty 8.
This commit updates SslServerConnectorFactory to return an
AbstractConnector, a super class of ServerConnector, that is in the
same package in both Jetty 8 and Jetty 9. This class does not provide
a setPort method so the setting of the port has been pushed down into
the SslServerConnectorFactory implementation.
SSL samples for both Jetty 8 and Jetty 9 have been added to verify
SSL with both supported versions of Jetty.
Closes gh-1925
The exception message for a connection timeout has been updated to
include the timeout period. The tests for the sample have been updated
accordingly.
Closes gh-1884
Traditionally, a @ServerEndpoint-annotated bean is found by a servlet
container initialiser, however Boot does not run servlet container
initialisers when an embedded container is being used. To be able to use
@ServerEndpoint in a Boot app that uses embedded Tomcat a
ServerEndpointExporter bean must be declared.
This commit updates the documentation to describe this requirement and
also updates the WebSockets sample to illustrate the use of
ServerEndpointExporter. The version of Spring Framework has been updated
to 4.0.8.BUILD-SNAPSHOT. This picks up the fix for SPR-12340.
Closes gh-1722
Change the default value of spring.datasource.jmx-enabled to false
to prevent InstanceAlreadyExistsException problems when using the
Spring Test Framework.
Fixes gh-1590
Switch the Tomcat 8 and Jetty 9 samples to Tomcat 7 and Jetty 8. Since
Tomcat 8 and Jetty 9 are now the default versions the previous samples
are no longer relevant, however, we do need integration tests to check
that we remain compatible with Tomcat 7 and Jetty 8.
See gh-1832
It *is* very useful to have filtering on by default, so that is now
the case (in spring-boot-starter-parent). Users can filter resources
by default by adding @*@ placeholders (so as not to clash with Spring
${} placeholders).
Fixes gh-1199
Prior to this commit LoggingSystem initialization would happen multiple
times. Once to configure "quiet" logging, and again to configure correct
settings once the Application was initialized. This could cause problems
if `logging.groovy` logback files were used.
The logging system is now only initialized once (when possible) by
following these steps:
- Standard logging initialization occurs via the actual logging
implementation used (e.g. logback will load a logback.xml file if it
exists)
- beforeInitization() is called to prevent early log output.
Implementations now either use a Filter or simply set the root logging
level.
- initialize() is called with an optional log configuration file (e.g
a custom logback.xml location) and an optional log output file (the
default is null indicating console only output).
The initialize() method will attempt to prevent double initialization
by checking if a standard configuration file exists. Double
initialization now only occurs in the following situations:
- The user has a standard configuration file (e.g. classpath:logback.xml)
but also specifies a logging.config property. Double initialization is
required since the specified configuration file supersedes the default.
- The user has a standard configuration file (e.g. classpath:logback.xml)
and specifies a logging.file property. Double initialization is
required since the standard configuration may use a ${LOG_FILE}
reference.
In addition this commit removes the `logging.console` option and now
assumes that logging either occurs only to console or to both the
console and a file. This restriction helps simplify the LoggingSystem
implementations. If file only logging is required a custom logback.xml
can be used.
Fixes gh-1091
See gh-1612, gh-1770
Then we can optionally find a non-anonymous principal if there
is one. If the user is anonymous then the health result is cached
up to endpoints.health.ttl (default 1000ms) to prevent a DOS attack.
Fixes gh-1353
Previously, there was a timing window where the output file had been
created but it was empty. This would cause the test to fail as the
output was read from the empty file and didn’t match the expected “Hello
World”.
This commit updates the test to only process the resources in the output
directory when all the resolved resources have a non-zero content
length. An @Before method has also been added to delete the output
produced by the test so that the outcome of the test isn’t affected by
files generated by previous runs.
Fixes gh-1735
Update FaviconConfiguration to allow favicon.ico files to be resolved
from static resource folders (/META-INF/resources, /resources, /static,
/public) in addition to the root classpath.
Fixes gh-1656
Previously, RepositoryRestMvcBootConfiguration was not annotated with
@Configuration. This meant that it was processed in lite mode.
Crucially, in lite mode, there’s no proxying so each call to the
config() @Bean method from within other @Bean methods resulted in the
creation of a new RepositoryRestConfiguration instance. Furthermore, as
each of these instances wasn’t a Spring bean the configuration
properties were not applied.
This commit updates RepositoryRestMvcBootConfiguration to annotate it
with @Configuration so that it’s no longer processed in lite mode. It
also updates the unit tests and the Spring Data REST sample to verify
that the baseUri can be configured using application.properties.
Fixes gh-1675