Remove `spring.cache.config` as it is too generic and does not express
enough what is configured. This property is replaced by cache library
specific properties, that is `spring.cache.ehcache.config`,
`spring.cache.hazelcast.config`, `spring.cache.infinispan.config` and
`spring.cache.jcache.config`.
See gh-2633
Allow SSL to be configured via standard configuration as well as the
requestedHeartbeat. Switch to RabbitConnectionFactoryBean.
Closes gh-2655, gh-2676
User can enable OAuth2 SSO by declaring the intent (@EnableOAuth2Sso)
and also configuring the client properties (spring.oauth2.client.*).
The spring.oauth2.sso.* are only needed to change the path for the
login (defaults to /login) - any other security configuration for the
protected resources can be added in a WebSecurityConfigurerAdapter
which carries the @EnableOAuth2Sso annotation.
* Automatically spin up Authorization Server and Resource Server
* Automatically configures method level security included OAuth2Expression handler
* Wrote extensive unit tests verifying default behavior as well as the auto-configuration backing off when custom Authorization/Resource servers are included
* Created org.springframework.boot.security.oauth2 subpackage to contain it
* Can also disable either resource of authorization server completely with a single property for each
* Print out the auto-generated secrets and other settings
* Added spring-boot-sample-secure-oauth2 to provide a sample that can be run and poked with curl as well as some automated tests.
* Make users ask for which servers to install by adding @Enable*
* User has to @EnableGlobalMethodSecurity instead of using properties files
Add Spring Security OAuth2 support to Spring Boot CLI
* Triggered from either @EnableAuthorizationServer or @EnableResourceServer
* Needs to have @EnableGlobalMethodSecurity to allow picking the annotation model.
* By default, comes with import support for @PreAuthorize, @PreFilter, @PostAuthorize, and @PostFilter via a single start import
* Also need import support for the enable annotations mentioned above.
* Added extra test case and sample (oauth2.groovy)
- Apply project’s code formatting and conventions
- Don’t use the IO and worker thread configuration when creating the
worker for the AccessLogReceiver. The IO and worker thread
configuration is for HTTP request processing and a worker in its
default configuration should be sufficient for the access log
receiver.
- Don’t use a temporary directory as the default for the access log
directory. A temporary directory makes (some) sense for Tomcat as it
requires a directory for its basedir. Undertow has no such
requirement and using a temporary directory makes it hard to locate
the logs. The default has been updated to a directory named logs,
created in the current working directory.
- Document the new properties in the application properties appendix
Closes gh-3014
This commit adds support for configuring Undertow's access log via the
environment using the following properties:
server.undertow.access-log-enabled
server.undertow.access-log-pattern
server.undertow.access-log-dir
See gh-3014
Previously, JacksonAutoConfiguration would register any Jackson Module
beans with every ObjectMapper found in the application context. This
was not consistent with the rest of the Jackson auto-configuration,
which is only applied to ObjectMappers that are created or configured
via the auto-configured Jackson2ObjectMapperBuilder.
This commit removes the code that registers Jackson Module beans with
every ObjectMapper. Such beans will still be registered with
ObjectMappers created or configured using the auto-configured
Jackson2ObjectMapperBuilder. This aligns the configuration of Module
with the rest of the ObjectMapper configuration and makes it possible
for users to create an ObjectMapper bean and still have complete control
over the modules that are registered with it.
Closes gh-2489
A recent change to the internals of RequestMappingHandlerMapping
broke to Spring Mobile-related tests as they were using reflection
to verify that the configuration had been applied correctly.
This commit makes the tests more robust by using the Java API to
access the interceptors for a request and verify that the expected
interceptor is present. To further simplify the tests, the unnecessary
use of an embedded servlet container factory has also been removed.
SpringApplicationLifecycle provides basic lifecycle operations on the
current Spring Boot application (that is checking if the application has
fully started and gracefully terminate the app). It can be registered as
an MBean of the platform MBean server if a specific property is set.
The Maven plugin uses that MBean to check that the application is ready
before ending the "start" phase. It uses it to trigger a proper shutdown
of the application during the "stop" phase.
If the process has to be forked, the platform MBean server is exposed on
a configurable port so that the maven plugin can connect to it.
Such change permits the maven plugin to integrate a classical integration
test scenario where the "start" goal is invoked during the
pre-integration phase and the "stop" goal during the post-integration
phase.
Closes gh-2525
Allow the display-name of the application to be customized when deployed
in an embedded container via the `server.display-name` property.
Closes gh-2600
Updated to the `EmbeddedCacheManager` interface and added support for
default cache configuration.
Added dependencies management for the JCache support with tests
Fixes gh-2906, see gh-2633
Include auto-configuration support for Infinispan. It is possible
to specify the caches to create via `spring.cache.cache-names`.
Provider also allow to set configuration file via `spring.cache.config`.
See gh-2633
Work in 1b3efd4 actually introduced a regression: if a CacheManager is
created via a custom configuration file, it is no longer post-processed.
This commit makes sure to also customize a CacheManager that was
created that way.
See gh-2848
Expose the underlying cache infrastructure bean if Boot auto-configures
it. This is the case for ehCache, hazelcast and JCache. This change has
two side effects:
1. It is now possible to customize the underlying cache infrastructure
and let Boot only wrap it in the Spring's CacheManager abstraction. No
customizations are applied if the caching-specific service is customized
2. Such infrastructure is disposed when the application terminates as
it is now defined as `@Bean` and both `close()` and `shutdown()` methods
are invoked if present on the target type.
While the latter can be troublesome, we feel that a particular cache
instance is not meant to be shared and must be disposed when the
application terminates.
Closes gh-2848
This commit adds support for configuring the JSP servlet’s init
parameters via the environment using server.jsp-servlet.init-parameters.*.
As part of this change the configuration of registerJspServlet and
jspServletClassName have been moved onto a new type, JspServlet, and the
existing setters on ConfigurableEmbeddedServletContainer have been
deprecated. In addition to providing a model for configuring the JSP
servlet that’s consistent with the model for other configuration (SSL,
for example), this change also means that the class name and whether or
not the servlet is registered at all can now also be configured via the
environment.
Closes gh-2825
While this is a breaking change, continuing with Spring Social
Facebook 1.1.x is also broken as it is no longer compatible with
Facebook's API. Upgrading to 2.0.1.RELEASE may require some changes
to be made to users' applications, but it will allow their
applications to use the Facebook API once again.
Closes gh-2837
In addition to the changes already made in 1.2.x, this commit updates
the tests in spring-boot-actuator to ensure that any Elasticsearch
data files are written into the target directory. This avoids problems
when switching branches caused by different versions of Elasticsearch
trying to read the files.
By default, Elasticsearch writes it data to ./data. This led to data
being left on the filesystem after a mvn clean which could cause
failures when moving between branches that use different versions of
Elasticsearch.
This commit updates the tests for the Elasticsearch sample and
the Elasticsearch auto-configuration classes to write the
Elasticsearch data and logs into the target directory.
Remove the configuration map defined in `GroovyTemplateProperties` which
isn't used. Ironically, that configuration map was exposed with the exact
same prefix as `GroovyMarkupConfigurer`, which broke IDEs support since
two entries had the exact same prefix.
Fixes gh-2840
SpringApplicationLifecycle provides lifecycle operations on the current
Spring Boot application. It can be registered as an MBean of the platform
MBean server if a specific property is set. Besides, the JMX name can
also be customized via a property in case more than one Spring Boot
application is started in the same process.
The Maven plugin uses that MBean to check that the application is ready
before ending the "start" phase. It uses it to trigger a proper shutdown
of the application during the "stop" phase.
If the process has to be forked, the platform MBean server is exposed on
a configurable port so that the maven plugin can connect to it.
Such change permits the maven plugin to integrate a classical integration
test scenario where the "start" goal is invoked during the
pre-integration phase and the "stop" goal during the post-integration
phase.
Closes gh-2525
To allow us to determine the type that Spring Integration’s
GatewayProxyFactoryBean will create, the bean definition created by
MessagingGatewayRegistrar needs to set the factoryBeanObjectType
attribute. The current implementation of BeanTypeRegistry requires the
attribute’s value to be a Class, however this would require Spring
Integration’s namespace handler to load the class and class loading
should be avoided in namespace handlers.
This commit updates BeanTypeRegistry so that it supports both Class and
String values for the factoryBeanObjectType. If the value is a String
it will interpret it as a class name and attempt to load it.
See gh-2811
Provide a TransactionTemplate if one PlatformTransactionManager is
present.
Relocated the jta support as a nested package of the new transaction
package that hosts the transaction template auto-configuration. To avoid
package tangles, links between auto-configurations have been reversed.
Closes gh-2464
Closes gh-2809
Update FlywayAutoConfiguration to support pluggable migration
strategies. Rather than always calling flyway.migrate(), users can now
provide a FlywayMigrationStrategy @Bean to call whatever methods they
wish.
Fixes gh-1814
This commit updates Spring Boot to use Spring Security 4. As a result
of this, the coordinates of Thmyeleaf's Spring Security extra, for
which dependency management and auto-configuration is provided, have
been updated to the Spring Security 4 variant.
Closes gh-2727
The versions in the dependency management for the various datastore
dependencies have been aligned with those used by Spring Data Fowler.
The Data REST tests and sample application has been updated to configure
the base path in favour of the deprecated base uri property
Closes gh-2673
This commit adds support for configuring an ObjectMapper's
serialization inclusion using the environment via the
spring.jackson.serialization-inclusion property. The property's value
should be one of the values on the JsonInclude.Include enumeration.
Relaxed binding of the property value to the enum is supported. For
example:
spring.jackson.serialization-inclusion: non_null
Closes gh-2532
Previously GsonHttpMessageConvertersConfiguration was unconditional
with its nested configuration class being
@ConditionalOnClass(Gson.class). This led to the unnecessary
registration of the GsonHttpMessageConvertersConfiguration bean when
Gson isn't on the classpath.
This commit moves the condition up onto the outer class so that no
Gson-related beans are created when Gson is not on the classpath.
Closes gh-2778
Add a new ConditionalOnSingleCandidate condition that determines if the
condition should match only if autowiring by type is guaranteed to
succeed. Used by auto-configuration that relies on a single candidate of
a given type (for instance, the JdbcTemplate auto-configuration relies on
the presence of a DataSource).
Such wiring by type will succeed if only one bean of that type is present
or if one matching instance is flagged "primary" amongst the candidates.
ConditionalOnSingleCandidate is a basic version of ConditionalOnBean that
only accepts a single type and does not determine a defaut based on its
presence on a bean definition.
Closes gh-1702
According to the spec, specifying a custom URI when retrieving a
`javax.cache.CacheManager` might be used as a way to transmit the
location of a custom configuration file to initialize the underlying
cache manager.
If `spring.cache.config` is set, we use that information to retrieve a
CacheManager with that configuration file. Unfortunately, hazelcast does
not support this feature so we are setting the property key it expects
instead.
See https://github.com/hazelcast/hazelcast/issues/4943
Closes gh-2743
Previously, EhCacheCacheConfiguration could be triggered even if the
ehcache library is not present. This commit adds the missing
`ConditionalOnType` that now guards the configuration properly.
See gh-2633
Certain cache manager implementations are located in the
spring-context-support module that isn't pulled automatically.
As a result, the related cache auto-configurations should make sure that
the relevant CacheManager implementation is available.
See gh-2633
Prior to this commit, the auto-configuration report (both in its logged
form and the actuator endpoint) listed the positive and negative matches
but did not list the classes, if any, that the user had excluded.
This commit updates the logged report and the actuator endpoint to
expose a list of the excluded class names configured via the exclude
attribute on @EnableAutoConfiguration.
Closes gh-2085
Tomcat uses the strings “on” and “off” to enable and disable
compression. YAML interprets on as true and off as false, leaving
ServerProperties.Tomcat.compression configured with “true” and “false”
respectively. One solution is to use “on” rather than on and “off”
rather than off in the YAML file but users may not realise that they
need to do so.
This commit updates the connector customiser that configures compression
to map “true” to “on” and “false” to “off”.
Closes gh-2737
Include auto-configuration support for EhCache with auto-detection of
the default `ehcache.xml` at the root of the classpath. EhCache
configuration can also be set via `spring.cache.config`.
See gh-2633
Add support for cache manager auto-configuration that is triggered when
the `EnableCaching` annotation is added to a Spring Boot application.
A new "spring.cache" set of configuration keys is also provided. The
"spring.cache.mode" allows the user to specify the cache provider that
should be auto-configured. If no explicit configuration is provided,
the environment is checked for the best suited cache implementation,
that is:
- Generic if at least one `Cache` bean is defined in the context.
- Hazelcast if either a default configuration file is present or the
`spring.cache.config` property is set.
- JCache if one JSR-107 provider is present
- Redis if a `RedisTemplate` is defined in the context
- Guava
- Simple as a fallback option, using concurrent maps
- NoOp (that is, no cache) if the mode is set to "none"
If the provider supports it, it is possible to specify the caches
to create on startup via `spring.cache.cache-names`. If the provider
relies on a configuration file and a custom one needs to be used
`spring.cache.config` can be set to such custom resource.
If more than one JSR-107 provider is present, it is possible to force
the provider to use by setting the mode to `jcache` and specifying the
fully qualified class name of the CachingProvider to use via
`spring.cache.jcache.provider`.
See gh-2633
SmartApplicationListener has been superseded by GenericEventListener as
of Spring Framework 4.2. It will be eventually deprecated and removed.
Migrate our event listeners to use the new contract.
Closes gh-2576
Previously, SpringBootWebSecurityConfiguration required a web
application and @EnableWebSecurity to be on the classpath.
@EnableWebSecurity is in spring-security-config so this could lead
to the configuration being active when spring-security-web isn't
on the classpath but the rest of Spring Security is.
This commit updates SpringBootWebSecurityConfiguration to also make it
conditional on a class in spring-security-web.
Fixes gh-2717
Spring Framework’s ParamterizedRowMapper has been deprecated since
3.1 and has been removed in 4.2. Spring Batch currently relies on
ParameterizedRowMapper, making it incompatible with 4.2. To allow us to
build successfully against 4.2, this commit ignores Spring Boot’s tests
that use Spring Batch’s JDBC support.
See gh-2575
In Spring Framework 4.1, @Order on a @Configuration class had no effect.
This allowed us to use it on auto-configuration classes to control
the ordering of auto-configuration classes without it having any
broader implications for configuration class ordering.
Spring Framework 4.2 now honours @Order on @Configuration classes. This
breaks a number of tests where we were relying on the order that the
classes were passed to register when evaluating various bean conditions.
This commit replaces the use of @Order on auto-configuration classes
with a new annotation, @AutoConfigureOrder. The new annotation is
handled by AutoConfigurationSorter where it’s used to order
auto-configuration classes. This allows us to order auto-configuration
classes without the unwanted side-effect of this also affecting the
general ordering of configuration classes.
See gh-2575
Previously, only a handful of properties could be set when
auto-configuring an Elasticsearch client. This commit introduces support
for configuring arbitrary properties using the
spring.data.elasticsearch.properties prefix. For example,
client.transport.sniff can be configured using
spring.data.elasticsearch.properties.client.transport.sniff.
Closes gh-1838
Previously, a TransportClient sniff property could not be configured
while using Spring Boot’s Elasticsearch auto-configuration. This commit
adds a new property, spring.data.elasticsearch.client-transport-sniff,
that can be used to configure the TransportClient while continuing to
use the auto-configuration support.
Closes gh-1838
In ActiveMQ 5.11 the signature of
PooledConnectionFactory.setConnectionFactory has changed. It now takes
an Object rather than a ConnectionFactory. This change is not binary
backwards compatible so it causes a NoSuchMethodError as we compile
against 5.10.
This commit updates ActiveMQConnectionFactoryConfiguration to call
the setConnectionFactory method reflectively, looking for both the
ConnectionFactory and Object variants.
Closes gh-2640
Unfortunately it still has to happen in a @PostConstruct (otherwise
JPA never sees the schema in time), but we can delay a bit by not
using @Autowired. Appears to fix the Spring Cloud problem
(https://github.com/spring-cloud/spring-cloud-config/issues/105).
Fixes gh-2658
We currently officially support Jackson 2.4, but some users wish to
use Jackson 2.5. This causes a failure as JacksonAutoConfiguration
depends on JacksonJodaFormat which exists in 2.4 but not in 2.5. This
commit updates JodaDataTimeJacksonConfiguration to make it conditional
on JacksonJodaFormat being on the classpath. This means that Jackson
2.5 users will not have configurable DateTime formatting
(added in 201fb5e5) but things will generally work once again.
Closes gh-2573
Previously, MongoProperties did not consider the configuration of a
custom authentication database when creating a MongoClient. This
commit updates MongoProperties to use the authentication database
when it is configured, falling back to the normal database when it is
not configured.
Closes gh-2562
Update ElasticsearchAutoConfiguration to ensure that local nodes are
closed when the context is closed. Prior to this commit the close()
method of the Client would be called which had no effect for local
Nodes.
Fixes gh-2480
Rename RepositoryRestMvcBootConfiguration to
SpringBootRepositoryRestMvcConfiguration so that it follows the same
naming pattern as other custom Spring Boot configurations.
See gh-2392
We allow the serialization format of dates to be configured using
spring.jackson.date-format. However, this property only applies to
java.util.Date instances and has no effect on a Joda DateTime.
This commit updates our auto-configuration for Jackson to allow
the format string that is used to serialize a Joda DateTime to be
configured. A new property, spring.jackson.joda-date-time-format has
been introduced. When configured, it is used to configure the
serialization format for a Joda DateTime. When it is not configured,
we fall back to using spring.jackson.date-format. If this fails,
either because the format string is incompatible (unlikely) or because
the user's configured the fully-qualified name of a DateFormat class,
a warning is logged encouraging the use of
spring.jackson.joda-date-time-format.
Fixes gh-2225
Prior to this commit, Module beans were registered with all
ObjectMapper beans, but were not registered with the auto-configured
Jackson2ObjectMapperBuilder. This meant that any ObjectMapper created
with the builder but not exposed as a bean would not have the Module
beans registered with it. One such ObjectMapper is the one used by the
auto-configured MappingJackson2XmlHttpMessageConverter. This caused
XML (de)serialization to be different to JSON (de)serialization.
This commit updates JacksonAutoConfiguration to register all of the
application context's Module beans with the auto-configured
Jackson2ObjectMapperBuilder. This ensures consistent configuration
of any ObjectMapper that's created using the builder, irrespective of
whether or not that ObjectMapper is also exposed as a bean, and
also ensures that (de)serialization of JSON and XML is consistent.
See gh-2327
Since the BasicAuthenticationEntryPoint does its own
challenge when authentication fails, we need to add that
entry point in the SpringBootWebSecurityConfiguration
explicitly.
Fixes gh-2483
If an application defines a custom RepositoryRestMvcConfiguration, all
Spring Boot defaults are lots. While this sounds sensible, it can be
confusing as Spring Boot exposes properties (`spring.data.rest.*`) that
are no longer honored.
RepositoryRestMvcBootConfiguration is now public and can be used as an
extension point for those who need to customize the Spring Data REST
configuration and keep boot's specific defaults.
Fixes gh-2392
Update ConditionEvaluationReport so that, whenever a negative outcome
is added for a source, any existing outcomes for inner classes of that
source are updated with a non-matching outcome that indicates that the
outer configuration did not match.
Conditions are evaluated in two phases; PARSE_CONFIGURATION first and
REGISTER_BEAN second. If a parent class’s conditions match in
PARSE_CONFIGURATION then its inner classes will have their
PARSE_CONFIGURATION conditions evaluated. If they all match, the inner
class will be reported as a positive match in the auto-configuration
report even if the outer class does not match as a result of the
subsequent evaluation of a REGISTER_BEAN condition.
Fixes gh-2122