Update endpoint code to provide cleaner separation of concerns.
Specifically, the top level endpoint package is no longer aware of
the fact that JMX and HTTP are ultimately used to expose endpoints.
Caching concerns have also been abstracted behind a general purpose
`OperationMethodInvokerAdvisor` interface.
Configuration properties have been refined to further enforce
separation. The `management.endpoint.<name>` prefix provides
configuration for a single endpoint (including enable and cache
time-to-live). These properties are now technology agnostic (they
don't include `web` or `jmx` sub properties).
The `management.endpoints.<technology>` prefix provide exposure specific
configuration. For example, `management.endpoints.web.path-mapping`
allow endpoint URLs to be changed.
Endpoint enabled/disabled logic has been simplified so that endpoints
can't be disabled per exposure technology. Instead a filter based
approach is used to allow refinement of what endpoints are exposed over
a given technology.
Fixes gh-10176
- Modifying dependencies to starter-web with tomcat exclusion plus
alternative servlet container instead of manual dependency on
spring-webmvc as it is the preferrable way to use alternative servlet
container
- Previously RestTemplate with ssl was configured manually in tests - now
it rellies on autoconfiguration - changed this for multi-connector test
and added test to ensure that ssl autoconfiguration is working
- Most samples with alterntative servlet containers used some kind of
service reading property and returning default since it wasn't
configured - removed it, since it is not specific to using alternative
servlet containers.
See gh-10548
Following some changes in the latest snapshot this includes:
- Some updates to oauth2 client auto-config
- Security auto-config no longer relies on GlobalAuthenticationConfigurerAdapter
- Remove reactive security starter
Closes gh-10704
Previously, the custom layout sample did not configure the source
and target for the compiler. This meant that both defaulted to 1.5
which is not supported by Java 9's javac. The oldest support version
is 1.6.
This commit sets the maven.compiler.source and maven.compiler.target
properties to 1.8 (the lowest version support by Boot 2.0) allowing
the sample to build with both Java 8 and Java 9.
See gh-10515
This reverts commit bbca612a57.
StandardJarScanner, which contains the faulty assumption about
URLClassLoader is part of Jasper. Jetty, like Tomcat, uses Jasper for
JSPs so it's also affected.
See gh-10456
This commit adds support for auto-configuration of Spring WS automatic
WSDL and XSD exposure i.e. registration of `WsdlDefinition` and
`XsdDefinition` beans. The bean registration is triggered by configuring
`spring.webservices.wsdl-locations` property which will search the
provided locations for WSDL/XSD files and register appropriate beans.
See gh-9635
This commit removes auto-configuration support for Spring Security
OAuth, paving the way for the introduction of auto-configuration for
Spring Security 5's new OAuth-related features.
Closes gh-10255