Commit Graph

9497 Commits (d9e2368512c2bc972f752618994781bb07bcd265)
 

Author SHA1 Message Date
Stephane Nicoll 8e160d7fda Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 72e696bcbd Fixup version numbers following release 8 years ago
Spring Buildmaster e712a9ba8c Next Development Version 8 years ago
Stephane Nicoll 36c5c3519f Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 2a8a906d30 Upgrade to Spring AMQP 1.6.5.RELEASE
Closes gh-7347
8 years ago
Andy Wilkinson d7ef48a9b6 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 2c4f39045f Stop relying on Artemis's on-demand queue creation in CLI JMS test
Artemis's on-demand queue cretaion appears to be rather flakey,
sometimes failing with a NullPointerException.

This commit ensures that the queue used by the sample is created
during start up rather than on demand. This will hopefully make the
test that runs the sample more robust.

Closes gh-7346
8 years ago
Andy Wilkinson 2e76687d17 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 5f44598d8b Remove use of static import that Checkstyle prohibits 8 years ago
Andy Wilkinson 218d28f74c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 33dcd853fd Ensure that health endpoint remains insecure without Spring Security
The changes made in 6a2ac080 mean that getSecurity() on
ManagementServerProperties will no longer return null when Spring
Security is on the classpath. This had the unwanted side-effect of
causing the health endpoint to hide its details when Spring Security
was not on the classpath.

This commit reinstates the previous behaviour by only considering
the health endpoint to be secure if Spring Security is on the
classpath and management.security.enabled is true.

Closes gh-7345
8 years ago
Andy Wilkinson 3a2d9e31ff Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 808185ab4e Make LaunchedURLClassLoader Java 6 compatible again
Closes gh-7334
8 years ago
Andy Wilkinson e576225959 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson aafb308eaf Merge pull request #7334 from Christoph Dreis
* gh-7334:
  Reinstate LaunchedURLClassLoader's registration  as parallel capable
8 years ago
dreis 7a797909ae Reinstate LaunchedURLClassLoader's registration as parallel capable
Closes gh-7334
8 years ago
Stephane Nicoll 5878e5eec5 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 318701daa7 Apply DispatcherServlet customizations to MockMvc
This commits makes sure that customizations on `DispatcherServlet` are
also applied to the `TestDispatcherServlet` that `MockMvc` is using
internally.

Closes gh-5891
8 years ago
Andy Wilkinson 08a9dcd4a7 Upgrade to Apache Artemis 1.4.0
Closes gh-7343
8 years ago
Stephane Nicoll 774ddc3602 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 18c2a2f4fe Upgrade to Spring Framework 4.3.4.RELEASE
Closes gh-7213
8 years ago
Andy Wilkinson bb6330e9df Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson adfc5d22ca Upgrade to Spring Integration Java DSL 1.1.4.RELEASE
Closes gh-7342
8 years ago
Andy Wilkinson bc2a412408 Upgrade to Spring Integration 4.3.5.RELEASE
Closes gh-7341
8 years ago
Andy Wilkinson e136ef6f7d Upgrade to Spring AMQP 1.6.4.RELEASE
Closes gh-7340
8 years ago
Andy Wilkinson 42581debfe Upgrade to Spring Security OAuth 2.0.12.RELEASE
Closes gh-7339
8 years ago
Madhura Bhave 82f89b4ac1 Add custom headers to allowed CORS headers for CF actuators
Update CORS configuration to support Authorization and X-Cf-App-Instance.

See gh-7108
8 years ago
Stephane Nicoll 3018e95261 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll d405265e83 Merge pull request #7326 from sebastiankirsch:master
* pr/7326:
  Polish contribution
  Add @Inherited to all AutoConfigure* classes
8 years ago
Stephane Nicoll ebfd86ea26 Polish contribution
Closes gh-7326
8 years ago
sebastiankirsch e8b0a64872 Add @Inherited to all AutoConfigure* classes
See gh-7326
8 years ago
Stephane Nicoll 101528f41a Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll f80dbd1a21 Upgrade to joda-time 2.9.5
Closes gh-7308
8 years ago
Stephane Nicoll b51f92d9a4 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 32950bfec1 Merge pull request #7299 from vpavic:resource-server-config
* pr/7299:
  Fix JWT token URI derivation
8 years ago
Vedran Pavic 5783cd5593 Fix JWT token URI derivation
Closes gh-7299
8 years ago
Stephane Nicoll 01e66ecbd5 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 4311cf333f Remove sample reference in build 8 years ago
Stephane Nicoll 2c71cb8efd Polish 8 years ago
Stephane Nicoll 4407194c00 Replace sample by integration test
Closes gh-3888
8 years ago
Stephane Nicoll 389acb094b Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 44a32d0a5b Merge pull request #7322 from izeye:polish-20161105
* pr/7322:
  Polish
8 years ago
Johnny Lim ec9f0ab6b4 Polish
Closes gh-7322
8 years ago
Phillip Webb 6c76353682 Default `management.cloudfoundry.enabled` to true
Update `CloudFoundryActuatorAutoConfiguration` so that it is enabled
when `management.cloudfoundry.enabled` is missing.

See gh-7108
8 years ago
Madhura Bhave a77cfc3b0e Skip SSL validation when calling Cloud Foundry
Update CloudFoundrySecurityService so that SSL validation is not
required. We're unlikely to have configured public keys for the
REST endpoints we need to call. Since the endpoints are provided via
environment variables we can implicitly trust them.

See gh-7108
8 years ago
Madhura Bhave 862a06eb7a Add POST to allowed CORS methods for CF actuators
Update CORS configuration to support POST.

See gh-7108
8 years ago
Madhura Bhave 1005feb27d Update discovery endpoint to respect AccessLevel
Change `CloudFoundryDiscoveryMvcEndpoint` so that `AccessLevel` rights
are consulted so that only accessible links are returned.

See gh-7108
8 years ago
Madhura Bhave 340f1d5574 Add security for Cloud Foundry actuators
Add security to Cloud Foundry actuator endpoints. Security is enforced
by a `HanderInterceptor` on `CloudFoundryEndpointHandlerMapping`. Each
endpoint call expects an 'Authorization' header containing a bearer
token. The token signature is checked against the UAA public keys then
passed to the Cloud Controller to obtain an ultimate access level.

The client may either have 'RESTRICTED' or FULL' access, with the latter
only providing access to a limited set of endpoints.

See gh-7108
8 years ago
Phillip Webb f15e0482c5 Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 1bd53ea9d8 Support package private requestFactory classes
Update `RestTemplateBuilder` to support package private `requestFactory`
classes.

Fixes gh-7319
8 years ago