Commit Graph

6237 Commits (9a7baf195ec289e4be6ce2e9c2b2a088f81f5949)
 

Author SHA1 Message Date
Stephane Nicoll 9a7baf195e Fix typo 9 years ago
Andy Wilkinson b752b0f1d6 Upgrade to Jaybird 2.2.9
Closes gh-4351
9 years ago
Andy Wilkinson bffa10e80b Upgrade to httpcore 4.4.4
Closes gh-4350
9 years ago
Andy Wilkinson 648c983313 Upgrade to commons-dbcp2 2.1.1
Closes gh-4349
9 years ago
Andy Wilkinson 36fb5e4ade Upgrade to EHCache 2.10.1
Closes gh-4348
9 years ago
Andy Wilkinson fc1d920346 Upgrade to Undertow 1.3.4.Final
Closes gh-4347
9 years ago
Andy Wilkinson db588646c6 Upgrade to HikariCP-java6 2.3.12
Closes gh-4346
9 years ago
Andy Wilkinson 02d7e2826c Don’t call ignoring.antMatchers([]) as empty array now maps to /**
Previously, if security.ignored was set to none and the error controller
was disabled, there would be no paths to ignore and we would call
IgnoredRequestConfigurer.antMatchers with an empty array. While a bit
pointless, this had no effect on Spring Security’s configuration.

This behaviour has changed in the latest 4.0.3 snapshots [1]. An empty
array passed to IgnoredRequestConfigurer.antMatchers now maps to /**. As
Spring Boot configures its ignored paths with highest precedence this
means that security is now disabled for every path.

This commit updates both the management security and application
security configuration to avoid calling antMatchers with an empty
array, thereby ensuring that we don’t inadvertently ignore every path.
Even if the change to Spring Security is reverted we can keep this
change. The behaviour will remain the same and, arguably, it makes the
intent of our configuration clearer.

Closes gh-4345

[1] 8663ac4173
9 years ago
Andy Wilkinson 1e4257daed Fix the javadoc in SpringApplicationJsonEnvironmentPostProcessor 9 years ago
Andy Wilkinson 0c1efa473e Update documentation on how to configure the main class with Gradle
In 1.3, our Gradle plugin no longer automatically applies the
application plugin. This affects the default options that are
available for explicitly configuring a project's main class. This
commit updates the documentation accordingly.

Closes gh-3768
9 years ago
Dave Syer ba7d12c697 Clarify application.properties example
The syntax was a bit tortured. This should clarify things and also
de-emphasise the "production" use case for the file system
properties file (we want to be cloud native don't we?).
9 years ago
Dave Syer ee5a1f9722 Make SPRING_APPLICATION_JSON processing happen before config files
That way any properties that are needed for processing the config
files will be available in time. Makes sense given that env vars
is the main carrier of the inline JSON.
9 years ago
Dave Syer 1f675c026f Add support for inline JSON in SPRING_APPLICATION_JSON
User can supply inline JSON as an env var (SPRING_APPLICATION_JSON)
or System property (spring.application.json).

Fixes gh-4239
9 years ago
Stephane Nicoll 86c753a149 Temporary fix the build
(I mean it this thime)

See gh-4345
9 years ago
Andy Wilkinson 74317a220e Merge branch '1.2.x' 9 years ago
Andy Wilkinson 1f92360583 Ensure that HATEOAS sample does not try to produce XML
The HATEOAS sample does not support XML responses. Previously, the
controller doesn't constrain the media types that it could produce.
This would result in a failure when handling a request that prefers
XML responses.

This commit updates the produces clauses in the controller so that
the sample will only attempt to produce JSON.

Closes gh-4343
9 years ago
Stephane Nicoll 00e207dcaf Temporary fix the build
See gh-4345
9 years ago
Andy Wilkinson 248fcbec5d Merge branch '1.2.x' 9 years ago
Andy Wilkinson 05b501ce41 Update Tomcat multi-connectors sample to configure SSL declaratively
The documentation recommends configuring the HTTP connector in code
and using application.properties to configure the HTTPS connector
as it's easier. This commit updates the sample to follow that
recommendation.

Closes gh-4342
9 years ago
Stephane Nicoll fd2db51da7 Consistently document default and example values
Previously, the "Common application properties" appendix had no
consistent use of a configuration key value. It could just as well be
the default value or an example.

We now always document the default value after the "=" sign and
eventually add an example with the phrasing "For instance".

The keys have also been reordered so that they follow a natural (i.e.
lexical) order.

Closes gh-3230
Closes gh-3160
Closes gh-3155
Closes gh-3153
9 years ago
Andy Wilkinson 549f873941 Update RestarterTests to expect listener to be notified at least once 9 years ago
Andy Wilkinson eaa4d900eb Update auto-configured ParameterNamesModule to use DEFAULT creator mode
The PROPERTIES creator mode has the unfortunate side-effect of stopping
mixins from working. This commit updates the auto-configured module to
use the DEFAULT creator mode instead.

Closes gh-4336
9 years ago
Stephane Nicoll 7742dafccf Improve meta-data description 9 years ago
Andy Wilkinson 79d99e1847 Update ShellPropertiesTests to expect whitespace to be trimmed
The latest Spring Framework 4.2.3 snapshots appear to be trimming
whitespace as part of the binding process. This commit updates the
test's expectations accordingly.
9 years ago
Andy Wilkinson aaae4aa3a1 Prevent restarts from switching off Log4J2-based logging
During a restart, the Restarter runs all registered shutdown hooks. This
breaks Log4J2 as it leaves it in a shutdown state that leaves logging
switched off such that no output it produced when the application starts
up again.

This commit introduces a new RestartListener abstraction.
RestartListeners are notified prior to the application being restarted.
A Log4J2-specific implementation is provided that prepares Log4J2 for
restart by removing any shutdown callbacks from its shutdown callback
registry. This prevents the restart from shutting down Log4J2, ensuring
that it still functions when the application restarts.

Closes gh-4279
9 years ago
Andy Wilkinson 85d5766d54 Correct plugin name of ExtendedWhitespaceThrowablePatternConverter
Previously, it had the same plugin name as
WhitespaceThrowablePatternConverter which meant that only one of the
two plugins was available and the other’s converter keys didn’t work.

Closes gh-4337
9 years ago
Stephane Nicoll c98d3208b2 Merge pull request #4316 from klieber/bugfix/oauth2-auth-server-autoconfig
* pr/4316:
  Polish contribution
  Add missing properties to OAuth2AutorizationServer
9 years ago
Stephane Nicoll 10a079fb07 Polish contribution
Closes gh-4316
9 years ago
Kyle Lieber c6783e8663 Add missing properties to OAuth2AutorizationServer
Make sure that `autoApprove`, `accessTokenValiditySeconds`, and
`refreshTokenValiditySeconds` properties from the `ClientDetails`
are used

Closes gh-4306
9 years ago
Stephane Nicoll 6578239f67 Fix binding of Collection of enum
As there is no way to copy all the converters of a `ConversionService` to
another, `RelaxedConversionService` uses a fallback `ConversionService`
when the user-provided one failed.

That fallback is taking care of converting `String` to `Enum` in a case
insensitive way but it has no registered converter to convert a comma
separated String to a collection of something.

Ironically, our current test suite has plenty of cases where we map a
`String` to  a collection of enums and they all pass. This is because
the tests do not provide a custom `ConverterService` so we end up
immediately in the fallback scenario. Since no converter is able to
convert the String to a collection, the property editor support of the
binder takes care of that for us and try to convert each individual
value.

In a regular use case however, a `ConversionService` is provided and
fails to map the collection if the String value(s) don't have the exact
same case as the annotations they represent. Since the original
`ConversionService` has claimed it was able to convert a collection,
the raw `String` value is passed to the fallback converter and that one
fails to convert the raw String.

The fallback converter now registers the necessary converters to
convert collections. Additional tests have been added to test that in
a more explicit way.

Closes gh-4322
9 years ago
Andy Wilkinson 04c87138b4 Add missing javadoc to AuthorizationServerProperties 9 years ago
Dave Syer ae0eed5bf5 Be more defensive about exceptions from resource
Otherwise you can get an exception here that is unuseful, e.g. from
a ServletContext that isn't properly initialized.
9 years ago
Dave Syer abd7bc0466 Add OAuth2 resource server sample
Shows how to use @EnableResourceServer in a pure resource
server and configure the secure paths.
9 years ago
Dave Syer cd496c7ec8 Bump OAuth2 back to 2.0.8 9 years ago
Stephane Nicoll 3740c817d3 Ensure that `@ConfigurationProperties` is mandatory
Previously it was possible to bind a bean to the root prefix by just
adding `@EnableConfigurationProperties` with the class of said bean.

 This use case is misleading and prevents any meta-data to be generated
 for that object since the annotation processor reacts on the presence of
 the `@ConfigurationProperties` annotation.

 If a class is included in the list of configuration properties bean to
 create via the `@EnableConfigurationProperties` annotation we now make
 sure that the `@configurationProperties` annotation is present on it.

 Closes gh-3460
9 years ago
Stephane Nicoll 6491eafc4a Polish doc
`ConfigFileEnvironmentPostProcessor` was renamed to
`ConfigFileApplicationListener`.

See gh-4258
9 years ago
Andy Wilkinson 833aac2b26 Drive EnvironmentPostProcessors from ConfigFileApplicationListener
Previously, ConfigFileApplicationListener was listed in spring.factories
as both an EnvironmentPostProcessor and an ApplicationListener. This
was problematic as ConfigFileApplicationListener is stateful and listing
it twice lead to two separate instances with separate state.

This commit restore ConfigFileApplicationListener to only being an
ApplicationListener. The driving of EnvironmentPostProcessors that was
performed by EnvironmentPostProcessingApplicationListener is now
performed by ConfigFileApplicationListener which adds itself as an
EnvironmentPostProcessor. This ensures that there’s only a single
instance of ConfigFileApplicationListener, allowing its state to be
managed correctly.

Closes gh-4258
9 years ago
Andy Wilkinson 0adf037410 Consider custom server.context-path when configuring dev tools endpoints
Previously, the auto-configuration of DevTools’ debug, restart, and
health handlers assumed that the server was running on its default
context path and, if server.context-path was set to a non-default value,
the handlers would not work as expected.

This commit updates the auto-configuration of the three handlers to 
consider the server’s context path when configuring their URIs. Now,
when a custom server context path is used, no further configuration is
required other than the inclusion of that context path when providing
the remote URL as an argument to RemoteSpringApplication.

Closes gh-4301
9 years ago
Stephane Nicoll b5246af148 Merge pull request #4330 from izeye/patch-46
* pr/4330:
  Remove unnecessary String concatenation
9 years ago
Johnny Lim f76322263b Remove unnecessary String concatenation
Closes gh-4330
9 years ago
Stephane Nicoll 831fa1d3b4 Merge pull request #4317 from vpavic/fix-flyway-baseline-version
* pr/4317:
  Polish contribution
  Fix binding of Flyway's baselineVersion property
9 years ago
Stephane Nicoll 90a4d1df2b Polish contribution
Closes gh-4317
9 years ago
Vedran Pavic 40351c40ed Fix binding of Flyway's baselineVersion property
See gh-4317
9 years ago
Andy Wilkinson 791c50d1e7 Add an integration test to verify filter ordering
We have some requirements for filter ordering:

1. The character encoding filter must go first
2. Spring Session’s filter should go early
3. RequestContextFilter should go late so that it any request wrapping
   performed by other filters is reflected in the request that’s set
   in the RequestContextHolder
4. Spring Security’s Filter must go after RequestContextFilter so that
   any code called by Filters in Spring Security’s Filter chain can
   retrieve the request from RequestContextHolder, for example
   OAuth2ClientContextFilter.

See gh-4331
9 years ago
Stephane Nicoll e02bda5f8e Merge pull request #4323 from shakuzen/patch-9
* pr/4323:
  Fix documentation example
9 years ago
Tommy Ludwig 2516dc033f Fix documentation example
Previously, the nested private static class would cause an error at
startup stating that it was not accessible when trying to bind the
property from the environment. The nested class should be public.

Closes gh-4323
9 years ago
Stephane Nicoll f09bbb5e1d Merge pull request #4328 from izeye/polish-20151028
* pr/4328:
  Polish docs
9 years ago
Johnny Lim e2a8fc461c Polish docs
Closes gh-4328
9 years ago
Andy Wilkinson 1ef68ef231 Correct the reference to jarfolder in the init script
Closes gh-4287
9 years ago
Andy Wilkinson f54b5d7ac1 Change ordering of deployment tests to keep Cargo happy
For some reason, Cargo fails when the Tomcat deployment tests are run
after the TomEE deployment tests. It complains that it can’t find one
of its own classes. This commit changes the order so that the TomEE
tests run before the Tomcat tests.

\_(ツ)_/¯
9 years ago