Commit Graph

455 Commits (f9b5c6b1ae002d93f95d45aa8068c4a13c0fa835)

Author SHA1 Message Date
Phillip Webb 48db5457f1 Polish 10 years ago
Dave Syer 998c29c4aa Add java.version to Tomcat WAR projects 10 years ago
Dave Syer 3c1e48c89a Better handling of anonymously accessible endpoints
Shares the /health endpoint request mapping between security config
and MVC dispatcher. Generalizes so that instead of a marker
interface (AnonymouslyAccessibleMvcEndpoint), an MvcEndpoint
signals that it wants to control its own access rules by adding
a Principal to the @RequestMapping method parameters (more @MVC).

Fixes gh-2015 slightly differently
10 years ago
Andy Wilkinson 2ce057ca96 Allow /health to be accessed anonymously irresepctive of its sensitivity
The changes in 3bb598a overload the health endpoint's sensitive
property such that it's now considered sensitive if management
security is enabled. When an endpoint is sensitive anonymous
access is prevented. This breaks the health endpoint which should
return a filtered view of the server's health when it's accessed
anonymously rather than rejecting the request.

This commit introduces AnonymouslyAccessibleMvcEndpoint, a marker
extension of the MvcEndpoint interface. It is implemented by
HealthMvcEndpoint. ManagementSecurityAutoConfiguration has been
updated to allow anonymous access to endpoints that aren't sensitive
or that implement AnonymouslyAccessibleMvcEndpoint.

Fixes gh-2015
10 years ago
Andy Wilkinson 6d97785030 Add a plain JPA sample application
Closes gh-1761
10 years ago
Andy Wilkinson 5b671847d3 Merge branch '1.1.x' 10 years ago
Andy Wilkinson ccbc606dad Use relative paths so index is unaffected by its context path
Previously, index.html used absolute paths to load its CSS and
JavaScript. This meant that it had to be deployed to /. This commit
updates the HTML to use relative paths for its CSS and JavaScript,
thereby ensuring that they can be loaded irrespective of the context
path to which the application is deployed.

Closes gh-1988
10 years ago
Dave Syer f21d58ada7 Use constructor injection for Jersey sample 10 years ago
Dave Syer 9f7bd0cddc Inject ResourceConfig instance (not class) into Jersey
If you inject the class (via a servlet parameter) it seems that
Jersey tries to create all the beans for you (and fails). I thought
it was supposed to work (according to the docs), so I'm a bit confused
but the sample now has Spring DI and the tests pass.

Fixes gh-1981
10 years ago
Phillip Webb 670ba33bec Improve MongoDataAutoConfiguration
Update MongoDataAutoConfiguration to provide easier configuration of
CustomConversions, the MappingMongoConverter, MongoMappingContext
and an authentication database.

Fixes gh-1619
Fixes gh-1730
10 years ago
Andy Wilkinson 90af8bf54a Add auto-configuration for Jetty 9's WebSocket support
Closes gh-1269
10 years ago
Dave Syer 6ad626de49 Allows /configprops endpoint to show nested properties
Including maps and lists. Beans with no metadata (in
/META-INF/*spring-configuration-metadata.json) are just serialized
as they come (so might have problems like cycles). Serialization
errors are caught and rendered as an "error" for that bean. Any
problems can be fixed by preparing metadata and specifying which
properties are to be rendered that way.

Fixes gh-1746, fixes gh-1921
10 years ago
Phillip Webb a641f0c72a Polish 10 years ago
Andy Wilkinson 7a783f5a18 Merge branch '1.1.x' 10 years ago
Andy Wilkinson 863c099161 Add missing copyright headers 10 years ago
Andy Wilkinson 1864d79077 Polish Undertow contribution
Closes gh-1779
10 years ago
sopov.ivan c501b889af Add support for using Undertow as an embedded container
See gh-1779
10 years ago
Phillip Webb 21115f29cf Remove accidental SampleControllerAdvice test
Accidentally committed in 4668f59723

See gh-1950
10 years ago
Phillip Webb 4668f59723 Improve relaxed enum binding
Update RelaxedConversionService to support more relaxed enum binding.

Fixes gh-1950
10 years ago
Andy Wilkinson 35b7ba5cda Deprecate http.mappers.* properties
The http.mappers.* configuration properties assumed that the mapping
was JSON (on of the property names was jsonPrettyPrint) and also only
exposed a small subset of the configuration options supported by
Jackson (and GSON). The property names implied that it would configure
all HTTP mapping, however it was ignored by GsonAutoConfiguration.

This commit deprecates the support for http.mappers.* in favour of
configuring Jackson or Gson instead. Jackson can be configured
declaratively using the spring.jackson.* properties or programtically.
Gson can be configured programatically by using a GsonBuilder to
create a Gson instance with the desired configuration.
gh-1946 has been opened to add support for declarative configuration
of Gson.

Closes gh-1945
10 years ago
Andy Wilkinson bebf26d91e Restore compatibility with Jetty 8 when SSL is being used
ServerConnector is in different packages in Jetty 8 and Jetty 9 which
was leading to a NoClassDefFounderError when SSL was used with
Jetty 8.

This commit updates SslServerConnectorFactory to return an
AbstractConnector, a super class of ServerConnector, that is in the
same package in both Jetty 8 and Jetty 9. This class does not provide
a setPort method so the setting of the port has been pushed down into
the SslServerConnectorFactory implementation.

SSL samples for both Jetty 8 and Jetty 9 have been added to verify
SSL with both supported versions of Jetty.

Closes gh-1925
10 years ago
Phillip Webb 345ced1675 Fixup version numbers following release 10 years ago
Spring Buildmaster 46b7738334 Next development version 10 years ago
Phillip Webb b947d6001d Polish 10 years ago
Stephane Nicoll 109c3a3439 Auto configure CharacterEncodingFilter
Provide a default UTF-8 encoding for HTTP requests and responses unless
specified otherwise.

Fixes gh-1182
10 years ago
Andy Wilkinson 7d1606dcfa Merge branch '1.1.x'
Conflicts:
	spring-boot-dependencies/pom.xml
10 years ago
Andy Wilkinson f07c090876 Upgrade to Mongo Java Driver 2.12.4
The exception message for a connection timeout has been updated to
include the timeout period. The tests for the sample have been updated
accordingly.

Closes gh-1884
10 years ago
Andy Wilkinson 150b85e10d Merge branch '1.1.x'
Conflicts:
	spring-boot-dependencies/pom.xml
10 years ago
Andy Wilkinson a9b88d6955 Document need for ServerEndpointExporter and show its use in a sample
Traditionally, a @ServerEndpoint-annotated bean is found by a servlet
container initialiser, however Boot does not run servlet container
initialisers when an embedded container is being used. To be able to use
@ServerEndpoint in a Boot app that uses embedded Tomcat a
ServerEndpointExporter bean must be declared.

This commit updates the documentation to describe this requirement and
also updates the WebSockets sample to illustrate the use of
ServerEndpointExporter. The version of Spring Framework has been updated
to 4.0.8.BUILD-SNAPSHOT. This picks up the fix for SPR-12340.

Closes gh-1722
10 years ago
Phillip Webb d039f43107 Update samples to use @SpringBootApplication
Update the relevant samples to use the new @SpringBootApplication
annotation.

Closes gh-1842
10 years ago
Phillip Webb 96a031cf20 Default spring.datasource.jmx-enabled to false
Change the default value of spring.datasource.jmx-enabled to false
to prevent InstanceAlreadyExistsException problems when using the
Spring Test Framework.

Fixes gh-1590
10 years ago
Phillip Webb 9d4ada7939 Add Tomcat 7 and Jetty 8 samples
Switch the Tomcat 8 and Jetty 9 samples to Tomcat 7 and Jetty 8. Since
Tomcat 8 and Jetty 9 are now the default versions the previous samples
are no longer relevant, however, we do need integration tests to check
that we remain compatible with Tomcat 7 and Jetty 8.

See gh-1832
10 years ago
Phillip Webb 48d651c753 Add Jetty 9 sample
See gh-369
10 years ago
Phillip Webb 39037e0cab Use the Mongo starter for the sample application
See gh-1831
10 years ago
Phillip Webb a973fd41f4 Polish 10 years ago
Dave Syer f304d46955 Add JMX MBean for Tomcat DataSource
If the DataSource is a Tomcat one we force it to register an MBean
if spring.jmx.enabled=true

Fixes gh-1590
10 years ago
Andy Wilkinson a85e02fbb9 Update to Spring Data Evans SR1
Closes gh-1709
10 years ago
Dave Syer a7e1ec842d Use @*@ delimiters in Maven resource filtering
It *is* very useful to have filtering on by default, so that is now
the case (in spring-boot-starter-parent). Users can filter resources
by default by adding @*@ placeholders (so as not to clash with Spring
${} placeholders).

Fixes gh-1199
10 years ago
Phillip Webb cf24af0bfb Rework logging to prevent double initialization
Prior to this commit LoggingSystem initialization would happen multiple
times. Once to configure "quiet" logging, and again to configure correct
settings once the Application was initialized. This could cause problems
if `logging.groovy` logback files were used.

The logging system is now only initialized once (when possible) by
following these steps:

- Standard logging initialization occurs via the actual logging
  implementation used (e.g. logback will load a logback.xml file if it
  exists)
- beforeInitization() is called to prevent early log output.
  Implementations now either use a Filter or simply set the root logging
  level.
- initialize() is called with an optional log configuration file (e.g
  a custom logback.xml location) and an optional log output file (the
  default is null indicating console only output).

The initialize() method will attempt to prevent double initialization
by checking if a standard configuration file exists. Double
initialization now only occurs in the following situations:

- The user has a standard configuration file (e.g. classpath:logback.xml)
  but also specifies a logging.config property. Double initialization is
  required since the specified configuration file supersedes the default.
- The user has a standard configuration file (e.g. classpath:logback.xml)
  and specifies a logging.file property. Double initialization is
  required since the standard configuration may use a ${LOG_FILE}
  reference.

In addition this commit removes the `logging.console` option and now
assumes that logging either occurs only to console or to both the
console and a file. This restriction helps simplify the LoggingSystem
implementations. If file only logging is required a custom logback.xml
can be used.

Fixes gh-1091
See gh-1612, gh-1770
10 years ago
Phillip Webb d17b7c8195 Polish 10 years ago
Andy Wilkinson ba40f13370 Update expectation to match response from anonymous access to /health 10 years ago
Dave Syer 24e71e868f Allow /health and /info to authenticate anonymously
Then we can optionally find a non-anonymous principal if there
is one. If the user is anonymous then the health result is cached
up to endpoints.health.ttl (default 1000ms) to prevent a DOS attack.

Fixes gh-1353
10 years ago
Phillip Webb 2e7aa4685b Polish 10 years ago
Andy Wilkinson 47285f9f02 Merge branch '1.1.x' 10 years ago
Andy Wilkinson 186b3a66e3 Update WebSocket sample with new SockJS CDN
Closes gh-1740
10 years ago
Andy Wilkinson 6b1f76ad6b Merge branch '1.1.x' 10 years ago
Andy Wilkinson 160d609bd4 Protect against race condition where output file exists but it is empty
Previously, there was a timing window where the output file had been
created but it was empty. This would cause the test to fail as the
output was read from the empty file and didn’t match the expected “Hello
World”.

This commit updates the test to only process the resources in the output
directory when all the resolved resources have a non-zero content
length. An @Before method has also been added to delete the output
produced by the test so that the outcome of the test isn’t affected by
files generated by previous runs.

Fixes gh-1735
10 years ago
Andy Wilkinson 886bbc3b41 Merge branch '1.1.x' 10 years ago
Andy Wilkinson 9a2d654eba Rename test classes so that their tests are run by Maven 10 years ago
Dave Syer 89197eb03b Add org.hibernate.SQL to the --debug logger levels
I think this fixes gh-446 (it seems unreasonable to want to log the DDL
even if it is not being executed)
10 years ago