Commit Graph

1388 Commits (feb1ab375fbf2cda251eedbed50ff064fbea7373)

Author SHA1 Message Date
Madhura Bhave 7da70a52fd Mask sensitive placeholders in env endpoint
Closes gh-8282
8 years ago
Madhura Bhave 703b7d9268 Merge branch '1.4.x' into 1.5.x 8 years ago
Madhura Bhave 67068fc83d Ignore unresolvable nested placeholders
The NamePatternEnvironmentFilter used to throw an exception if
placeholders in property values could not be resolved.

Fixes gh-8510
8 years ago
Phillip Webb fedd7b9506 Polish 8 years ago
Spring Buildmaster d23fa24340 Next Development Version 8 years ago
Spring Buildmaster 2a83e80a9b Next Development Version 8 years ago
Madhura Bhave d4b52a3538 Expose Health details if user has authority
If the Princial is a Spring Security Authentication object and the
request doesn't have the right roles, check the authorities.

Fixes gh-8471
8 years ago
Stephane Nicoll 5cc569fc91 Improve execution speed of `CacheAutoConfigurationTests`
As of Hazelcast 3.7, the bootstrap is pretty slow by default due to the
networking discovery. This commit disables both TCP/IP and multicast
discoveries.
8 years ago
Phillip Webb 3ee7dae09b Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb f1012c104a Polish 8 years ago
Phillip Webb c06a9771c2 Support list based role properties
Update `HealthMvcEndpoint` to respect `ManagementServerProperties`
roles. Prior to this commit the `HealthMvcEndpoint` directly loaded
roles rather than using bound properties. This meant that list values
from yaml were not respected.

Fixes gh-8314
8 years ago
Madhura Bhave 031c9bf191 Validate authorities in MvcSecurityInterceptor
If Spring Security is on the classpath and `isUserInRole` returns false,
check if user has the authority to access the actuator endpoints.

Fixes gh-8255
8 years ago
Madhura Bhave e5e1f24d1f Revert "Skip MvcSecurityInterceptor if Spring Security present"
Instead of entirely skipping the interceptor, we will be additionally
checking for authorities.
8 years ago
Madhura Bhave ad5cb8a3cd Skip MvcSecurityInterceptor if Spring Security present
If Spring Security is on the classpath, the role check can be done
as part of the ManagementWebSecurityConfigurerAdapter.

Fixes gh-8255
8 years ago
Phillip Webb ca1540cefe Update header copyright for changed files 8 years ago
Phillip Webb 5867cd6175 Polish 8 years ago
Phillip Webb 47fd5f4fac Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 47b00c086c Polish 8 years ago
Stephane Nicoll 121ab0a71e Merge branch '1.4.x' into 1.5.x 8 years ago
Vedran Pavic 1c8f1c709c Fix audit events related documentation
Closes gh-8319
8 years ago
Andy Wilkinson e2a12e77b7 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson bbe9394228 Tests that lists of lists are sanitized correctly
See gh-8263
8 years ago
Johnny Lim 88afc43d44 Ensure that entries in a list of lists are not lost during sanitization
Closes gh-8263
See gh-8197
8 years ago
Madhura Bhave 77e5c585f4 Validate kid in Cloud Foundry token header
Instead of validating the signature against all the public keys,
we can validate it only against the public key with the kid that
matches the one in the token header.

Closes gh-8126
8 years ago
Andy Wilkinson 25982ecf69 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 04c8b912ee Fall back to standard LiveBeansView behaviour when MBean is in use
Closes gh-8146
8 years ago
Andy Wilkinson d02a9c1058 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson f27bb39af9 Sanitize configuration properties that are nested beneath a List
Closes gh-8197
8 years ago
Johnny Lim 0adab8a2be Use logical 'and' instead of bitwise 'and'
Closes gh-8198
8 years ago
Stephane Nicoll dc75f13754 Remove deprecated metadata for spring.pidfile 8 years ago
Stephane Nicoll 3d1f8aa8d7 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll a30461c5c7 Polish pid metadata
This commit moves the `spring.pid.*` metadata to the relevant project. It
also updates the doc to refer to the new `ApplicationPidFileWriter`
rather than the one in its deprecatred form.

Closes gh-8196
8 years ago
Phillip Webb 21234b36de Ensure `JmxEndpoint` beans get context object IDs
Update `EndpointMBeanExporter` to ensure that `JmxEndpoint` as well
as regular `Endpoint` beans are considered when searching the parent
context.

Prior to this commit if the same `JmxEndpoint` was registered in the
both the child and parent context then the `context=` element of the
name wasn't added.

Fixes gh-8152
8 years ago
Spring Buildmaster 5c12500366 Next Development Version 8 years ago
Spring Buildmaster a2696bf873 Next Development Version 8 years ago
Andy Wilkinson 180ab2da8b Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson f3b9b14b8e Order ManagementContextConfiguration classes without loading them
Previously, ManagementContextConfiguration classes were loaded to
allow them to be ordered based on either @Order or implementing
Ordered. This had the unwanted side-effect of possibly logging
unwanted INFO messages if the reflection-based annotation
introspection failed. One cause of this was @ConditionalOnClass when
the referenced class was not on the classpath.

This commit uses the ASM-based annotation metadata reading to
determine the order of a management context configuration class based
on the @Order annotation. The classes are then sorted using a standard
OrderComparator. Note that Ordering via implemented Ordered is not
supported as it cannot be determine without loading the class.
8 years ago
Spring Buildmaster ed1ce140c0 Next Development Version 8 years ago
Stephane Nicoll b575be339e Fix endpoint id
See gh-7579
8 years ago
Andy Wilkinson f823599d1f Replace @PostConstruct validation with setter validation
Closes gh-7579
8 years ago
dreis d58f38f6f6 Use String.replace() with single char if possible
See gh-8089
8 years ago
Stephane Nicoll 551bfb2c60 Polish contribution
Closes gh-8103
8 years ago
Johnny Lim 32f9e90de5 Replace 'String.length() == 0' with 'String.isEmpty()'
See gh-8103
8 years ago
Dave Syer 98a4c72c50 Clarify PublicMetrics (uniqueness of metric names)
See gh-6404
8 years ago
Johnny Lim e0de28a1f7 Polish
Closes gh-8076
8 years ago
Madhura Bhave ca435512c0 Introduce spring-boot-autoconfigure-processor
Add an annotation processor that generates properties files for certain
auto-configuration class annotations. Currently attribute values from
@AutoConfigureOrder, @AutoConfigureBefore, @AutoConfigureAfter and
@ConditionalOnClass annotations are stored.

The properties file will allow optimizations to be added in the
`spring-boot-autoconfigure` project. Primarily by removing the need
to ASM parse as many `.class` files.

See gh-7573
8 years ago
Phillip Webb 2c89d9918f Relocate AutoConfigurations from root package
Move PropertyPlaceholder and MessageSource auto-configuration from the
root package to the `context` subpackage.

Fixes gh-8071
8 years ago
Phillip Webb 5703fb1515 Polish 8 years ago
Andy Wilkinson b900a3efc8 Update Actuator endpoints to use custom media type
Previously, the actuator's endpoints produced application/json and,
where appropriate, also consumed application/json. Without a custom,
versioned media type, it's impossible for us to make changes to the
endpoints without breaking clients.

This commit introduces a new media type,
application/spring-boot.actuator.v1+json, that is now produced by
default with application/json also being produced if requested.
Endpoints that consume JSON will now also accept content the uses
the new media type in addition to application/json.

Closes gh-7967
8 years ago
Phillip Webb f3cd0ad22c Polish 8 years ago