Commit Graph

176 Commits (f875b74e67e733ccaf07aec4d4a7e18ab38b7a84)

Author SHA1 Message Date
Phillip Webb 0489a3b4de Polish 9 years ago
Dave Syer 344360453e Add test for management.security.enabled=false with child context 9 years ago
Dave Syer 2de48a35ab Make /error the error page in child context as well as parent
If user set the management.port *and* the management.context-path
then the /error path was in the wrong place because formerly it
was implemented (in this case) by an MvcEndpoint. If we
switch it to a regular @Controller (which are now supported in the
child context if there is one) then it won't disappear under the
management.context-path.

Also use lazy request matching in ignores as well as secure paths.
The problem was that the ignores were constructed eagerly from the
actuator paths before they were available (the EndpointHandlerMapping
needs to be lazily accessed to avoid a security-induced bean creation
cascade).

Fixes gh-4624
9 years ago
Johnny Lim 8ec00c35bf Polish
Closes gh-4572
9 years ago
Huang YunKun 1c5e445554 Update the samples to use @WebIntegrationTest and randomPort=true
Closes gh-4294
Closes gh-4271
9 years ago
Phillip Webb 634bb770b2 Organize imports with new settings
See gh-4234
9 years ago
Phillip Webb 1e4d974ec0 Merge remote-tracking branch 'local12x/1.2.x' 9 years ago
Phillip Webb a79131f8d2 Organize imports with new settings
See gh-4234
9 years ago
Wallace Wadge e3315d2252 Allow TraceWebFilter to trace more attributes
Update TraceWebFilter to optionally trace more details from the
HttpServletRequest/HttpServletResponse. The `management.trace.include`
property can be used to change what aspects are logged.

Closes gh-3948
9 years ago
Phillip Webb aae38db9af Fix compiler warnings only shown in Eclipse Mars 9 years ago
Phillip Webb e473364e4e Merge branch '1.2.x' 9 years ago
Phillip Webb 6ab376e2e8 Reformat code use Eclipse Mars 9 years ago
Stephane Nicoll b2c3e7e2ed Rename error.* properties to server.error.*
Closes gh-4050
9 years ago
Stephane Nicoll 7c0c953f81 Add value alias for SpringApplicationConfiguration
Given that Spring Boot uses java config accross the board, a new `value`
attribute is now aliased to the existing `classes` attribute such that
one could write the following:

@SpringApplicationConfiguration(MyConfig.class)
public class MyTest {}

Closes gh-3635
9 years ago
Stephane Nicoll e1479a02b7 polish
Use canonical version for the management's context path.
9 years ago
Dave Syer 1e464da248 Refactor the Actuator MVC configuration to allow more customization
There is a new spring.factories entry for
org.springframework.boot.actuate.autoconfigure.EndpointWebMvcConfiguration
which loads extra beans into the MVC config for the Actuator.
If the management context is a child context all the beans go in the
child (except the Spring Security filter still). A big bonus is that
you can add WebConfigurerAdapters to configure static resources etc.
A new component called ManagementContextResolver can be used to
locate the ApplicationContext for the MVC endpoints.

Fixes gh-3345
10 years ago
Dave Syer 1f6ac52b96 Change default behaviour of /health when not secured
The default is now to reveal all details unless sensitive=true
(instead of only revealing then if sensitive was explicitly false).
The definition of "secure" also changes to something more sensible
where it is only true if security is enabled.

Fixes gh-2816
10 years ago
Phillip Webb 61fc4f3f12 Polish copyright headers 10 years ago
Phillip Webb 1ce617f1ae Polish sample package names 10 years ago
Andy Wilkinson 247c596f8c Remove duplicate console appender from Actuator sample's logback config
Closes gh-2381
10 years ago
Phillip Webb 98135c964b Remove Principal handler logic from security
Update ManagementSecurityAutoConfiguration so that MVC Endpoints that
have Principal arguments are not treated in any special way. This
restores Spring Boot 1.1.x behavior where the 'sensitive' flag is used
to determine access rules.

The HealthMvcEndpoint still uses the Principal (when available) to
determine if full status information can be displayed. It now also
explicitly checks the environment for `endpoints.health.sensitive`
to determine if the user has opted-out and requires complete health
details.

The health MVC endpoint should now work as follows:

* Default configuration - No login is required, full information is only
  displayed if a Principal is available.
* endpoints.health.sensitive=true - Login is required, full information
  is displayed.
* endpoints.health.sensitive=false - Login is not required, full
  information is displayed.

Fixes gh-2211
10 years ago
Phillip Webb 8fd99bde8b Update samples to use specific log configuration 10 years ago
Dave Syer 3c1e48c89a Better handling of anonymously accessible endpoints
Shares the /health endpoint request mapping between security config
and MVC dispatcher. Generalizes so that instead of a marker
interface (AnonymouslyAccessibleMvcEndpoint), an MvcEndpoint
signals that it wants to control its own access rules by adding
a Principal to the @RequestMapping method parameters (more @MVC).

Fixes gh-2015 slightly differently
10 years ago
Andy Wilkinson 2ce057ca96 Allow /health to be accessed anonymously irresepctive of its sensitivity
The changes in 3bb598a overload the health endpoint's sensitive
property such that it's now considered sensitive if management
security is enabled. When an endpoint is sensitive anonymous
access is prevented. This breaks the health endpoint which should
return a filtered view of the server's health when it's accessed
anonymously rather than rejecting the request.

This commit introduces AnonymouslyAccessibleMvcEndpoint, a marker
extension of the MvcEndpoint interface. It is implemented by
HealthMvcEndpoint. ManagementSecurityAutoConfiguration has been
updated to allow anonymous access to endpoints that aren't sensitive
or that implement AnonymouslyAccessibleMvcEndpoint.

Fixes gh-2015
10 years ago
Dave Syer 6ad626de49 Allows /configprops endpoint to show nested properties
Including maps and lists. Beans with no metadata (in
/META-INF/*spring-configuration-metadata.json) are just serialized
as they come (so might have problems like cycles). Serialization
errors are caught and rendered as an "error" for that bean. Any
problems can be fixed by preparing metadata and specifying which
properties are to be rendered that way.

Fixes gh-1746, fixes gh-1921
10 years ago
Andy Wilkinson 35b7ba5cda Deprecate http.mappers.* properties
The http.mappers.* configuration properties assumed that the mapping
was JSON (on of the property names was jsonPrettyPrint) and also only
exposed a small subset of the configuration options supported by
Jackson (and GSON). The property names implied that it would configure
all HTTP mapping, however it was ignored by GsonAutoConfiguration.

This commit deprecates the support for http.mappers.* in favour of
configuring Jackson or Gson instead. Jackson can be configured
declaratively using the spring.jackson.* properties or programtically.
Gson can be configured programatically by using a GsonBuilder to
create a Gson instance with the desired configuration.
gh-1946 has been opened to add support for declarative configuration
of Gson.

Closes gh-1945
10 years ago
Phillip Webb d039f43107 Update samples to use @SpringBootApplication
Update the relevant samples to use the new @SpringBootApplication
annotation.

Closes gh-1842
10 years ago
Dave Syer a7e1ec842d Use @*@ delimiters in Maven resource filtering
It *is* very useful to have filtering on by default, so that is now
the case (in spring-boot-starter-parent). Users can filter resources
by default by adding @*@ placeholders (so as not to clash with Spring
${} placeholders).

Fixes gh-1199
10 years ago
Phillip Webb d17b7c8195 Polish 10 years ago
Dave Syer 24e71e868f Allow /health and /info to authenticate anonymously
Then we can optionally find a non-anonymous principal if there
is one. If the user is anonymous then the health result is cached
up to endpoints.health.ttl (default 1000ms) to prevent a DOS attack.

Fixes gh-1353
10 years ago
Dave Syer 336b96b81c Copy server customization to management context
If the actuator endpoints are configured on a different port then there
are some settings in the main ServerProperties that we would like to
re-use (e.g. the access log). The easiest way to do that is to just
configure the management server using the same ServerProperties instance
and then overwrite the things that are different (and stored in
ManagementServerProperties).

Fixes gh-1581
10 years ago
Andy Wilkinson e185793396 Update test to correct name of metric for request that returns a 401
The request is being made to '/' and, while the application does have
a mapping for '/', that mapping is not looked for before Spring
Security's filter rejects the request with a 401. This means that the
request is considered to be unmapped and this is reflected in the
metric's name.

See #1331 and #1333
10 years ago
Phillip Webb fa88c481a5 Remote trailing whitespace 11 years ago
Dave Syer fd757cb371 Add logging.level to application.properties
E.g.

logging.level.org.springframework: DEBUG
logging.level.org.hibernate: WARN

Fixed gh-788
11 years ago
Phillip Webb 9632abf825 Formatting and cleanup 11 years ago
Dave Syer bc85f388aa Add test for gh-1058 11 years ago
Dave Syer 68448a8c68 Use the ServerProperties to add prefixes to paths
when server.servletPath is set we need to add prefixes to
the security filter paths.

Fixes gh-945
11 years ago
Christian Dupuis 4648188782 Rework HealthEndpoint and HealthIndicator
With this commit the state of a component or subsystem becomes a first-class citizen in Boot's application health support. HealthIndicators now return a Health instance with status and some contextual details.

An aggregation strategy has been introduced to aggregate several Health instances into one final application Health instance. Out of the box OrderedHealthAggregator can be configured to allow different ordering or a custom HealthAggregator bean can be registered.
11 years ago
Phillip Webb 8bcda1bcbe Polish 11 years ago
Dave Syer 5249f54c5a Integrate @ConfigurationProperties @Beans with DataSource configuration
We now have a much simpler DataSourceAutoConfiguration that binds to whatever
DataSource concrete type it finds at runtime. To be able to quickly switch between
Hikari and the other types of DataSource there's a minute shim for translating
the common properties (username, password, url, driverClassName), but actually
only url is different. The shim and also DataSource initialization is supported
through DataSourceProperties, but the other native properties get bound directly
through the concrete runtime type of the DataSource.

The /configprops endpoint works (and is exposed in the actuator sample).

Fixes gh-840, fixes gh-477, see also gh-808.
11 years ago
Dave Syer 5dd77a725c Enable access log explicitly in sample 11 years ago
Christian Dupuis c38f9bcdfa Add missing tests 11 years ago
Phillip Webb decee8d871 Polish templates code 11 years ago
Dave Syer 27580e726f Add generic error handling to BasicErrorController
Since Spring supports gobal error handling through
@ControllerAdvice, it is quite easy to set up more meta-data
about an exception for the BasicErrorController. You need
to be careful not to swallow Security exceptions, and probably
others (optionally) so this feature needs a bit more work.

See gh-538
11 years ago
Phillip Webb fad5ce45db Polish 11 years ago
Dave Syer 7b07fe8ce0 Convert remaining samples to use random port
Partial fix for gh-337. See also gh-607 which complements this, but might
conflict on a merge.
11 years ago
Dave Syer f134e96053 Convert Actuator sample to dynamic ports 11 years ago
Dave Syer 72d7c286c0 Add Spring MVC-generated path suffixes to endpoint paths
Spring Security doesn't know that Spring MVC maps /foo, /foo.json
and /foo/ all to the same handler. This change explicitly adds
suffixes to the actuator endpoint matchers so they are properly
protected.
11 years ago
Phillip Webb aca67066bf Rename RestTemplates to TestRestTemplate
Rename the RestTemplates to TestRestTemplate to help indicate that it's
primarily intended for testing. Also now extend RestTemplate to allow
direct use, rather than via factory methods.

Fixes gh-599
11 years ago
Phillip Webb d117a6b22b Polish 11 years ago
Dave Syer 71c2c69c92 Return actual status code not 200 to machine client
Machine clients are much more fussy than browsers and we
should take care to preserve the HTTP status for them.

Fixes gh-596
11 years ago
Phillip Webb d42bedf295 Rename @ConfigurationProperties attributes
Rename `name` to `prefix` and `path` to `locations`.
11 years ago
Phillip Webb 80ac1fb0cd Polish 11 years ago
Dave Syer 7a285cf65d Convert all sample tests to @IntegrationTest where appropriate
Makes them a lot more readable IMO, and also enables @Autowiring
from the context into the test case (sweeet). I added @DirtiesContext
to all of them as well to be on the safe side, but possbly that can be
optimized in some way as well.
11 years ago
Dave Syer 6657e3ef84 More care taken with management.contextPath
The management.contextPath property should now be respected in a
secure application, whether or not the management.port is different.

Added some test cases in the sample to verify.

Fixes gh-469
11 years ago
Dave Syer 7a452d5bc0 Fix test that fails because of pretty printing 11 years ago
Christian Dupuis b641a0d2a5 Enable json pretty print in actuator sample 11 years ago
Phillip Webb 0160760568 Apply latest eclipse cleanup rules 11 years ago
Dave Syer f448e79f29 Remove long package names from samples
Long package names are really unnecessary in samples and they
just clutter things up. Also Spring Loaded doesn't work with
org.sfw packages, so to demo that technology you need a
different package name.
11 years ago
Dave Syer aa2b020660 Refactor metrics to expose richer feature set
Main user-facing interface is still Counter/GaugeService but the
back end behind that has more options. The Default*Services write
metrics to a MetricWriter and there are some variants of that, and
also variants of MetricReader (basic read-only actions).

MetricRepository is now a combination of MetricReader, MetricWriter
and some more methods that make it a bit more repository like.

There is also a MultiMetricReader and a MultiMetricRepository for
the common case where metrics are stored in related (often open
ended) groups. Examples would be complex metrics like histograms
and "rich" metrics with averages and statistics attached (which
are both closed) and "field counters" which count the occurrences
of values of a particular named field or slot in an incoming message
(e.g. counting Twitter hastags, open ended).

In memory and redis implementations are provided for the repositories.
Generally speaking the in memory repository should be used as a
local buffer and then scheduled "exports" can be executed to copy
metric values accross to a remote repository for aggregation.
There is an Exporter interface to support this and a few implementations
dealing with different strategies for storing the results (singly or
grouped).

Codahale metrics are also supported through the MetricWriter interface.
Currently implemented through a naming convention (since Codahale has
a fixed object model this makes sense): metrics beginning with "histogram"
are Histograms, "timer" for Timers, "meter" for Meters etc.

Support for message driven metric consumption and production are provided
through a MetricWriterMessageHandler and a MessageChannelMetricWriter.

No support yet for pagination in the repositories, or for HATEOAS style
HTTP endpoints.
11 years ago
Phillip Webb dbec81cabe Disable jmx by default
Change JmxAutoConfiguration so that by default JMX exposure is not
enabled. This matches the Javdoc text.
11 years ago
Dave Syer ab4dec58ef Rename packages in samples 11 years ago
Dave Syer bcae284dd9 Add a shim Endpoint if management context is child
When management endpoints are on a different port the HandlerMappings
are restricted to a single EndpointHandlerMapping, so the error
controller (which is a normal @Controller with @RequestMappings) does
not get mapped.

Fixed by addinga shim Endpoint on "/error" that delegates to the
ErrorController (which interface picks up an extra method).
11 years ago
Dave Syer 2f6f88e370 Fix actuator sample for new shutdown property 11 years ago
Dave Syer bd26b28aa5 Extract actuator security into separate classes
So spring-security + a web app is secure by default
(you don't need the actuator).
11 years ago
Christian Dupuis 95e68bf1a2 Prepare actuator sample to show how to use the telnet connector 11 years ago
Phillip Webb 64f32893bb Source format and clean-up 11 years ago
Phillip Webb 883fd9162f Polish 11 years ago
Christian Dupuis 6b599b8483 Add remote shell implementation based on crsh
This commit adds a new starter named spring-boot-starter-shell-crsh and auto configuration support to embed a system shell within Spring Boot applications.

The embedded shell allows clients to connect via ssh or telnet to the Boot app and execute commands. Commands can be implemented and embedded with app.

For sample usage see spring-boot-samples-actuator.
11 years ago
Dave Syer 63a2d06767 Explicitly disable security on management endpoints if requested
Previously the management endpoint filter was applied to all requests
if the user had disabled security.management.enabled, but since it
had no security applied it was letting all requests through.

The fix was to explicitly exclude the whole enclosing configuration
and carefully ignore the management endpoints in the normal security
chain.

Fixes gh-100.
11 years ago
Dave Syer 0498617411 Disable whitelabel view if Thymeleaf error.html detected 11 years ago
Dave Syer f7fa63bcb4 Add status and error messages to /trace
[Fixes #57949108] [bs-323] Make sure /trace shows error responses
11 years ago
Dave Syer 1e0e2e7102 Switch off CSRF filter
Might need to revisit later.
11 years ago
Dave Syer 43fc107437 Fix security config
The management endpoints were still all mixed up
with the user endpoints. Fixed that and extracted
user endpoints in to conditional block so not
protected if path explicitly set to empty string.

[#53029715]
11 years ago
Dave Syer 621116c9b8 ManagementServerConfiguration security
Management endpoints are still secure by default if
Spring Security is present, but now the default
user details have an ADMIN role, and a random password
(which is logged at INFO level if not overridden).

To override you add management.user.password (name, role)
to external properties.

[Fixes #53029715] [bs-203]
11 years ago
Dave Syer 5995b7727a Ops -> Actuator 11 years ago