Commit Graph

9310 Commits (9e18021e8cc62e7e2c8dff8434466e0eb95ca17b)
 

Author SHA1 Message Date
Stephane Nicoll 4311cf333f Remove sample reference in build 8 years ago
Stephane Nicoll 2c71cb8efd Polish 8 years ago
Stephane Nicoll 4407194c00 Replace sample by integration test
Closes gh-3888
8 years ago
Stephane Nicoll 389acb094b Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 44a32d0a5b Merge pull request #7322 from izeye:polish-20161105
* pr/7322:
  Polish
8 years ago
Johnny Lim ec9f0ab6b4 Polish
Closes gh-7322
8 years ago
Phillip Webb 6c76353682 Default `management.cloudfoundry.enabled` to true
Update `CloudFoundryActuatorAutoConfiguration` so that it is enabled
when `management.cloudfoundry.enabled` is missing.

See gh-7108
8 years ago
Madhura Bhave a77cfc3b0e Skip SSL validation when calling Cloud Foundry
Update CloudFoundrySecurityService so that SSL validation is not
required. We're unlikely to have configured public keys for the
REST endpoints we need to call. Since the endpoints are provided via
environment variables we can implicitly trust them.

See gh-7108
8 years ago
Madhura Bhave 862a06eb7a Add POST to allowed CORS methods for CF actuators
Update CORS configuration to support POST.

See gh-7108
8 years ago
Madhura Bhave 1005feb27d Update discovery endpoint to respect AccessLevel
Change `CloudFoundryDiscoveryMvcEndpoint` so that `AccessLevel` rights
are consulted so that only accessible links are returned.

See gh-7108
8 years ago
Madhura Bhave 340f1d5574 Add security for Cloud Foundry actuators
Add security to Cloud Foundry actuator endpoints. Security is enforced
by a `HanderInterceptor` on `CloudFoundryEndpointHandlerMapping`. Each
endpoint call expects an 'Authorization' header containing a bearer
token. The token signature is checked against the UAA public keys then
passed to the Cloud Controller to obtain an ultimate access level.

The client may either have 'RESTRICTED' or FULL' access, with the latter
only providing access to a limited set of endpoints.

See gh-7108
8 years ago
Phillip Webb f15e0482c5 Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 1bd53ea9d8 Support package private requestFactory classes
Update `RestTemplateBuilder` to support package private `requestFactory`
classes.

Fixes gh-7319
8 years ago
Phillip Webb 221feac3ec User random server port in devtools tests
Update `LocalDevToolsAutoConfigurationTests` to ensure that a random
server port is used rather than 8080.

Fixes gh-7268
See gh-7039
8 years ago
Andy Wilkinson e5073a7172 Upgrade to Spring Security 4.2.0.RC1
Closes gh-7186
8 years ago
Andy Wilkinson 025bafd911 Polish new Actuator sample 8 years ago
Phillip Webb 81c5753f4d Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 90afc8ebbe Formatting 8 years ago
Phillip Webb 6a2ac080ac Create our own SessionCreationPolicy enum
Update `ManagementServerProperties` so that `security.sessions` no
longer uses `SessionCreationPolicy` from Spring Security. We now
use our own enun which allows `management.security.*` properties to
be set without the risk of a `ClassNotFoundException`.

Fixes gh-3888
8 years ago
Andy Wilkinson bdfceae24c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 97e5e32496 Make sure the MetricsFilter uses committed response's status
Previously, if an exception was thrown during request handling after
the response had been committed, i.e. after the status and headers
had been written, the metrics filter would assume that it was a 500
response. This was potentially inaccurate as the status had already
been sent to the client and before the exception was thrown and it
may have been something other than a 500.

This commit updates MetricsFilter so that it will use the
status from the response if the response has been committed even when
an exception is thrown.

Closes gh-7277
8 years ago
Andy Wilkinson ab2e12fd76 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 6a87df8e46 Upgrade to Spring Data Hopper SR5
Closes gh-7275
8 years ago
Madhura Bhave 73308ba24b Merge remote-tracking branch 'springsource/1.4.x' into 1.5.x 8 years ago
Madhura Bhave b04a74f01d Fix failure analysis for Collections and Maps
Closes gh-6996
8 years ago
Andy Wilkinson f468bc3ffb Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson f02fa161b2 Upgrade to Jedis 2.8.2
Closes gh-7298
8 years ago
Andy Wilkinson 3d8428934e Upgrade to Spring Ws 2.3.1.RELEASE
Closes gh-7297
8 years ago
Andy Wilkinson b8df641ae5 Upgrade to Postgresql 9.4.1212.jre7
Closes gh-7296
8 years ago
Andy Wilkinson 5e1d6f6ea8 Upgrade to Jooq 3.8.5
Closes gh-7295
8 years ago
Andy Wilkinson f02e37cc4d Upgrade to Jolokia 1.3.5
Closes gh-7294
8 years ago
Andy Wilkinson 216e68bfe1 Upgrade to Narayana 5.3.5.Final
Closes gh-7293
8 years ago
Andy Wilkinson 0104ca435d Upgrade to Elasticsearch 2.4.1
Closes gh-7292
8 years ago
Andy Wilkinson 7d1164c279 Upgrade to Ehcache3 3.1.3
Closes gh-7291
8 years ago
Andy Wilkinson 4787a6059d Upgrade to Jetty 9.3.14.v20161028
Closes gh-7290
8 years ago
Andy Wilkinson 05ee521124 Upgrade to Tomcat 8.5.6
Closes gh-7289
8 years ago
Andy Wilkinson ecbe1a70bb Upgrade to Ehcache 2.10.3
Closes gh-7288
8 years ago
Andy Wilkinson 0d24a7f2aa Upgrade to Mysql 5.1.40
Closes gh-7287
8 years ago
Andy Wilkinson 1057efad21 Upgrade to Commons Beanutils 1.9.3
Closes gh-7286
8 years ago
Andy Wilkinson 756f9a9179 Upgrade to Hazelcast 3.6.6
Closes gh-7285
8 years ago
Andy Wilkinson 2148851ead Upgrade to Appengine 1.9.44
Closes gh-7284
8 years ago
Andy Wilkinson 175acd5c04 Upgrade to Caffeine 2.3.4
Closes gh-7283
8 years ago
Andy Wilkinson e4856749e1 Upgrade to Jackson 2.8.4
Closes gh-7282
8 years ago
Andy Wilkinson c370f498a9 Upgrade to Classmate 1.3.3
Closes gh-7281
8 years ago
Stephane Nicoll f3ac98aa82 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 8350238b8c Polish doc
See gh-5137
8 years ago
Stephane Nicoll 1b38528333 Polish doc
Closes gh-7170
8 years ago
Brian Clozel 56fa34719d Merge branch '1.4.x' into 1.5.x 8 years ago
Craig Andrews fc535fe27c Disable resource chain cache when DevTools is enabled
If the resource chain is used, such as by using the
`"spring.resources.chain.strategy.content.enabled"` property,
resource chain caching can prevent the developer from seeing
changes made to resources, so that caching should be disabled
when DevTools is enabled.

This commit sets the `"spring.resources.chain.cache"` property
to `true` when devtools is enabled.
8 years ago
Andy Wilkinson 7ba9d0e432 Merge branch '1.4.x' into 1.5.x 8 years ago