Previously, when a user had declared a custom MultipartResolver bean
that is a CommonsMultipartResolver, part resolution would fail. The
failure was occurring as the servlet container was consuming the parts
before CommonsMultipartResolver had a chance to read them. This was
happening because a MultipartConfigElement was being auto-configured.
This commit updates the multipart auto-configuration so that a
MultipartConfigElement is not auto-configured when there is a
CommonsMultipartResolver bean in the context.
Closes gh-7735
This commit replaces the use of a GET method by a DELETE method for
testing that the HiddenHttpMethodFilter is ordered before the security
filter. With SPR-16836 changes, only PUT DELETE and PATCH are now
allowed.
This commit separates the auto-configuration of JavaMailSender in two
distinct configuration: one based on existing Session available on JNDI
and the other one based on properties configuration.
This clarifies the auto-configuration report and the fact that the JNDI
variant overrides any Session-related properties that would have been
set in the environment
Closes gh-13026
Update `ServerProperties` to also call `setHttpOnly` on the
`TomcatContext`. It appears that this is required in addition to
using the `ServletContextInitializer` to setup `SessionCookieConfig`.
Closes gh-12580
This commit restructures the Cache auto-configuration to avoid an early
init on CacheManager (and potentially all its infrastructure). Rather
than adding a dependency on the validator bean, this commit relies on
the fact CacheAspectSupport checks if a CacheManager is available in the
afterSingletonsInstantiated callback. In this case, a simple bean with
a postconstruct callback is enough.
Closes gh-13038
Refine `BasicErrorController` mappings so that only JSON and XML get
structured responses. A simple string response is returned for all
other media types.
Fixes gh-12513
This commit fixes a NPE when the static-locations array of
`ResourceProperties` has to be expanded as the setter is cleaning the
values of the array and is affected by a non-intuitive behaviour of the
binder.
When the binder needs to set an element of an array and the size of the
array isn't large enough, the binder proceeds as follows:
* An array of the required size is created
* The content of the original array is copied over
* The setter of the property is invoked with the new array
* The setter of the property is invoked and the returned array is
mutated to set the requested value
While one would expect the array to contain the requested value when the
setter is invoked, this is not the case. Also, the array might contain
null values if a value at index 8 should be set and the array has a size
of 3.
All in all, `ResourceProperties#appendSlashIfNecessary` has to account
for `null` and an additional round of cleaning has to happen once
binding has completed.
Closes gh-12360
This commit updates all `toLowerCase()` and `toUpperCase` invocations to
use the variant that takes a `Locale` to avoid locale-specific side
effect.
Closes gh-12213
Previously, we removed the Connectors from Tomcat's Service before
the Context was started. The removal of the Connectors is required as
it prevents Tomcat from accepting requests before we're ready to
handle them.
Part of starting the Context is creating and initializing the
ServletContext. ServerProperties uses a ServletContextInitializer to
set the session tracking modes and Tomcat rejects the SSL tracking
mode if there is no SSL-enabled connector available. With the previous
arrangement this led to a failure as the Connectors had been removed
so the SSL-enabled connector could not be found.
This commit updates the embedded Tomcat container to defer the
removal of the Connectors until after the context has been started
but still at a point that is before the Connectors themselves would
have been started.
Closes gh-12058