As part of the upgrade, this commit removes the use of any API that
has been deprecated in 2.9.0.pr1. This includes the config props
endpoint's use of SerializationFeature.WRITE_NULL_MAP_VALUES. This
has been replaced with configuring serialization inclusion to only
include properties with non-null values. This means that all
null-valued properties will no longer be serialized, not just those
that are an entry in a map.
Closes gh-8604
Closes gh-8537
Restructure `org.springframework.boot.autoconfigure.web` to better align
with the new package structure in `spring-boot`.
Auto-configuration is now split into client, servlet and reactive
sub-packages. In addition a new `http` package now handles common
HTTP concerns.
Fixes gh-8616
Rework `org.springframework.boot.context.embedded` to relocate classes
to `org.springframework.boot.web`. Packages are now organized around
the following areas:
Packages for shared concerns, for example the `WebServer` interface
to start/stop a server and the common configuration elements:
- org.springframework.boot.web.context
- org.springframework.boot.web.server
Servlet specific packages:
- org.springframework.boot.web.servlet.server
- org.springframework.boot.web.servlet.context
- org.springframework.boot.web.servlet.filter
Reactive specific packages:
- org.springframework.boot.web.reactive.context
- org.springframework.boot.web.reactive.server
Embedded server implementations (both reactive and servlet):
- org.springframework.boot.web.embedded
In addition:
- Rename `EmbeddedServletContainerFactory` to `ServletWebServerFactory`
to align with the `ReactiveWebServerFactory`.
- Rename `EmbeddedWebApplicationContext` to
`ServletWebServerApplicationContext` and
- Rename `EmbeddedReactiveWebApplicationContext` to
`ReactiveWebServerApplicationContext`.
- Add checkstyle rules to restrict imports.
- Fixup all affected code to use the correct imports and local names.
Fixes gh-8532
As of Hazelcast 3.7, the bootstrap is pretty slow by default due to the
networking discovery. This commit disables both TCP/IP and multicast
discoveries.
Update `HealthMvcEndpoint` to respect `ManagementServerProperties`
roles. Prior to this commit the `HealthMvcEndpoint` directly loaded
roles rather than using bound properties. This meant that list values
from yaml were not respected.
Fixes gh-8314
If Spring Security is on the classpath and `isUserInRole` returns false,
check if user has the authority to access the actuator endpoints.
Fixes gh-8255
This commit adds `EmbeddedWebServerInitializedEvent`, which holds the
`EmbeddedWebServer` information when the application context starts.
The `EmbeddedServletContainerInitializedEvent` now inherits from that
type and holds additional information, the
`EmbeddedWebApplicationContext`.
Closes gh-8208
Instead of validating the signature against all the public keys,
we can validate it only against the public key with the kid that
matches the one in the token header.
Closes gh-8126
This commit creates a separate
`ServerPropertiesServletContainerCustomizer` that holds the servlet
container customization code, separating that concern from the server
configuration keys.
See gh-8066
This commit refactors the `ServerProperties` property keys and
introduces a separate "server.servlet" namespace to isolate
servlet-specific properties from the rest.
Closes gh-8066
This contract is not specific to servlet containers and should be
reused by all web server implementations (including reactive variants).
Fixes gh-8208
This commit removes `ServerProperties` and `ManagementServerProperties`
auto-configurations. Those properties objects are now created using
`@EnableConfigurationProperties` only.
Closes gh-8108
This commit moves the `spring.pid.*` metadata to the relevant project. It
also updates the doc to refer to the new `ApplicationPidFileWriter`
rather than the one in its deprecatred form.
Closes gh-8196
Dependency management for the `HikariCP-java6` dependency is no longer
needed since Java 6 is no longer supported by Spring Boot.
The HikariDriverConfigurationFailureAnalyzer has been updated with the
current message thrown by HikariCP in this failure scenario.
Closes gh-8147
Update `EndpointMBeanExporter` to ensure that `JmxEndpoint` as well
as regular `Endpoint` beans are considered when searching the parent
context.
Prior to this commit if the same `JmxEndpoint` was registered in the
both the child and parent context then the `context=` element of the
name wasn't added.
Fixes gh-8152
Previously, ManagementContextConfiguration classes were loaded to
allow them to be ordered based on either @Order or implementing
Ordered. This had the unwanted side-effect of possibly logging
unwanted INFO messages if the reflection-based annotation
introspection failed. One cause of this was @ConditionalOnClass when
the referenced class was not on the classpath.
This commit uses the ASM-based annotation metadata reading to
determine the order of a management context configuration class based
on the @Order annotation. The classes are then sorted using a standard
OrderComparator. Note that Ordering via implemented Ordered is not
supported as it cannot be determine without loading the class.
Add an annotation processor that generates properties files for certain
auto-configuration class annotations. Currently attribute values from
@AutoConfigureOrder, @AutoConfigureBefore, @AutoConfigureAfter and
@ConditionalOnClass annotations are stored.
The properties file will allow optimizations to be added in the
`spring-boot-autoconfigure` project. Primarily by removing the need
to ASM parse as many `.class` files.
See gh-7573
Previously, the actuator's endpoints produced application/json and,
where appropriate, also consumed application/json. Without a custom,
versioned media type, it's impossible for us to make changes to the
endpoints without breaking clients.
This commit introduces a new media type,
application/spring-boot.actuator.v1+json, that is now produced by
default with application/json also being produced if requested.
Endpoints that consume JSON will now also accept content the uses
the new media type in addition to application/json.
Closes gh-7967
Previously, in case the data for the audit event contained an entry
with the key "type", the member `type` from the AuditEvent would be
overwritten when rendering to JSON due to the use of @JsonAnyGetter on
the data property.
This commit removes @JsonAnyGetter so that the data map is rendered as
a separate property in the JSON.
Closes gh-7990
Replace JSR-330 validation annotations from all internal
`@ConfigurationProperties` classes with standard Asserts.
Prior to this commit validation of our own configuration properties
would only occur when the user happens to have compliant JSR-330
implementation on their classpath.
See gh-7579
Previously, the beans endpoint would only expose the context that
contained the endpoint. This commit updates the endpoint so that
the context that contains the endpoint and all of its ancestors are
exposed.
In a context hierarhcy, the relation ship is child -> parent and there
is no way to navigate from a parent to a child. As a result, any
contexts that are descendants of the context containing the endpoint
are not exposed.
Closes gh-5188
Update `ManagementWebSecurityAutoConfiguration` to match nested path
for insensitive actuators.
Prior to this commit, when Spring Security was on the classpath
nested paths were considered sensitive (even if the actuator
endpoint was not sensitive). i.e. when setting
`endpoints.env.sensitive=false` `/env` could be accessed without
authentication but `/env/user` could not.
Fixes gh-7868
Closes gh-7881
Andy Wilkinson
Stephane Nicoll
Phillip Webb
Madhura Bhave
Spring Buildmaster
Vedran Pavic
Brian Clozel
Johnny Lim
Tommy Ludwig
Eddú Meléndez
dreis
Dave Syer
Johannes Edmeier
Kazuki Shimizu