This commit improves the logic of the embedded Mongo support to use a
random port if no custom port has been specified. This doesn't change
the default if the embedded support isn't active.
Closes gh-8044
Previously, the actuator's endpoints produced application/json and,
where appropriate, also consumed application/json. Without a custom,
versioned media type, it's impossible for us to make changes to the
endpoints without breaking clients.
This commit introduces a new media type,
application/spring-boot.actuator.v1+json, that is now produced by
default with application/json also being produced if requested.
Endpoints that consume JSON will now also accept content the uses
the new media type in addition to application/json.
Closes gh-7967
Previously, SpringBootApplication relied on implicity aliasing of
exclude and excludeName that worked because the two attributes have
the same names as the equivalent attributes on
EnableAutoConfiguration.
This commit updates SpringBootApplication to make the aliases explicit
and also adds tests to EnableAutoConfigurationImportSelectorTests to
verify that the aliasing is working as intended.
Closes gh-7951
Replace JSR-330 validation annotations from all internal
`@ConfigurationProperties` classes with standard Asserts.
Prior to this commit validation of our own configuration properties
would only occur when the user happens to have compliant JSR-330
implementation on their classpath.
See gh-7579
This commit provides an order of zero for the RepositoryRestConfigurer
that is used internally to configure the `RepositoryRestConfiguration`. In
practice, an unordered `RepositoryRestConfigurer` will run after ours.
Closes gh-7981
Previously, OAuth2MethodSecurityConfiguration set the
PermissionEvaluator on the expression evaluator by looking in the
context for a PermissionEvaluator bean. This is unnecessary as
GlobalMethodSecurityConfiguration already does the same thing and does
so after the post-processor in OAuth2MethodSecurityConfiguration has
run. This commit removes the redundant logic and adds tests to check
that both the PermissionEvaluator and the RoleHierarchy are set use
beans in the context.
Closes gh-7979
The default is now SecurityProperties.ACCESS_OVERRIDE_ORDER-1
(instead of 3), and the user can set it with
security.oauth2.resource.filter-order (as opposed to being hard
coded). The filter is provided by Spring OAuth2 so this change is
a BeanPostProcessor to call a setter on that object.
Fixes gh-5072
Upgrade to `hibernate-validator` 5.3.4 and introduce a new
`MessageInterpolatorFactory` that creates a suitable
`MessageInterpolator` (taking into account missing EL dependencies).
Rework `ConfigurationPropertiesBindingPostProcessor` and
`ValidationAutoConfiguration` to make use of the new factory.
Fixes gh-7598
This commit removes the automatic enabling of Redis as the Spring Session
store when it is available. This case is covered by a warning in `1.4.x`
that this commit removes as well.
Closes gh-7858
Previously, property `spring.jpa.database` should be provided. This
commit allows to detect the database when `spring.datasource.url` is
provided.
Closes gh-7708
Update `ImportAutoConfigurationImportSelector` to ignore excludes for
classes that aren't loaded. Since the import classes for tests tend to
be much more limited, the exception isn't really helpful.
Closes gh-6809
Update `CacheManagerCustomizers` to deal directly with
`ClassCastException` assuming that they are because a customizer is
implemented using a lambda.
Closes gh-7788
Update `CacheManagerCustomizers` to deal directly with
`ClassCastException` assuming that they are because a customizer is
implemented using a lambda.
Closes gh-7788
Andy Wilkinson
Stephane Nicoll
Phillip Webb
Madhura Bhave
Kazuki Shimizu
Johnny Lim
Vedran Pavic
Eddú Meléndez
Dave Syer