Commit Graph

168 Commits (066f97f4ef03d6643712ac77af0c8272f01af15a)

Author SHA1 Message Date
Phillip Webb 2855010841 Fix sample POMs
Update sample POMs to follow CI friendly Maven conventions.

See gh-9316
7 years ago
Spring Buildmaster 30eb937a83 Next Development Version 7 years ago
Phillip Webb 46dfe38b60 Rework security request matchers
Update the security request matchers so that a bean is no longer needed
when the matcher is used. Matchers can now be build by starting from
the `EndpointRequest` or `StaticResourceRequest` classes. For example:

http.authorizeRequests()
  .requestMatchers(EndpointRequest.to("status", "info")).permitAll()
  .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR")
  .requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()

Closes gh-7958
7 years ago
Phillip Webb 0f99b29b1a Temporarily remove security matchers
Temporarily back out `SpringBootSecurity` to enable easier
package refactoring.

See gh-10261
7 years ago
Phillip Webb ecb8461e8c Manually format security configuration
Update security configuration formatting to follow conventions
recommended in the Spring Security documentation.

See gh-7958
7 years ago
Phillip Webb 2c97d3a5e9 Polish 7 years ago
Stephane Nicoll 98455e30dc Rename default endpoint settings to "default"
Closes gh-10098
7 years ago
Madhura Bhave e08ddbf838 Rework security autoconfiguration
This commit combines security autoconfigurations for
management endpoints and the rest of the application. By default,
if Spring Security is on the classpath, it turns on @EnableWebSecurity.
In the presence of another WebSecurityConfigurerAdapter this backs off
completely. A default AuthenticationManager is also provided with a user
and generated password. This can be turned off by specifying a bean of
type AuthenticationManager, AuthenticationProvider or UserDetailsService.

Closes gh-7958
7 years ago
Andy Wilkinson ee16332745 Update Actuator to use the new endpoint infrastructure
This commit migrates the Actuator onto the new endpoint infrastruture.
In addition to the existing support for accessing the endpoints via
JMX and HTTP using Spring MVC, support for access via HTTP using
Jersey and WebFlux has been added. This includes using a separate
management port where we now spin up an additional, appropriately
configured servlet or reactive web server to expose the management
context on a different HTTP port to the main application.

Closes gh-2921
Closes gh-5389
Closes gh-9796
7 years ago
Spring Buildmaster 17a5bb0be4 Next development version 7 years ago
Spring Buildmaster 41c5c0e7c9 Next development version 7 years ago
Spring Buildmaster 05d4d0281c Next Development Version 8 years ago
Spring Buildmaster 88e43c8421 Next Development Version 8 years ago
Brian Clozel 4d5dcca553 Add Thymeleaf auto-configuration for WebFlux
Thymeleaf 3.0 implements the Spring 5.0 view infrastructure for WebMVC
and the new WebFlux framework. This commit adds auto-configuration for
the WebFlux support.

In that process, the configuration property for `spring.thymeleaf` has
been changed to add `spring.thymeleaf.servlet` and
`spring.thymeleaf.reactive` for MVC/WebFlux specific properties.

Now that the `spring-boot-starter-thymeleaf` does not only support
Spring MVC, the transitive dependency on `spring-boot-starter-web` is
removed from it.

Fixes gh-8124
8 years ago
Phillip Webb 06558675bb Polish 8 years ago
Madhura Bhave c2e5fd031a Replace usage of WebMvcConfigurerAdapter
Closes gh-8964
8 years ago
Spring Buildmaster 9768b0a8c2 Next Development Version 8 years ago
Spring Buildmaster d719d2cbbc Next Development Version 8 years ago
Madhura Bhave bcd79dd992 Move all actuators under `/application`
Context path can be configured via `management.context-path`.

Closes gh-6886
8 years ago
Phillip Webb 67556ba8ea Restructure embedded web server packages
Rework `org.springframework.boot.context.embedded` to relocate classes
to `org.springframework.boot.web`. Packages are now organized around
the following areas:

Packages for shared concerns, for example the `WebServer` interface
to start/stop a server and the common configuration elements:
- org.springframework.boot.web.context
- org.springframework.boot.web.server

Servlet specific packages:
- org.springframework.boot.web.servlet.server
- org.springframework.boot.web.servlet.context
- org.springframework.boot.web.servlet.filter

Reactive specific packages:
- org.springframework.boot.web.reactive.context
- org.springframework.boot.web.reactive.server

Embedded server implementations (both reactive and servlet):
- org.springframework.boot.web.embedded

In addition:

- Rename `EmbeddedServletContainerFactory` to `ServletWebServerFactory`
  to align with the `ReactiveWebServerFactory`.
- Rename `EmbeddedWebApplicationContext` to
  `ServletWebServerApplicationContext` and
- Rename `EmbeddedReactiveWebApplicationContext` to
  `ReactiveWebServerApplicationContext`.
- Add checkstyle rules to restrict imports.
- Fixup all affected code to use the correct imports and local names.

Fixes gh-8532
8 years ago
Phillip Webb d8f827d224 Cleanup and format code 8 years ago
Spring Buildmaster d23fa24340 Next Development Version 8 years ago
Spring Buildmaster 2a83e80a9b Next Development Version 8 years ago
Spring Buildmaster 5c12500366 Next Development Version 8 years ago
Spring Buildmaster a2696bf873 Next Development Version 8 years ago
Spring Buildmaster ed1ce140c0 Next Development Version 8 years ago
Phillip Webb 53f1df86a2 Merge branch '1.5.x' 8 years ago
Phillip Webb be3fe12cf0 Polish 8 years ago
Spring Buildmaster 9057f9ae1f Next development version 8 years ago
Phillip Webb 1f417997f3 Merge branch '1.5.x' 8 years ago
Phillip Webb 6121208cbb Polish formatting 8 years ago
Madhura Bhave 1cd1054514 Merge branch '1.5.x' 8 years ago
Madhura Bhave 1be5812cf0 Require `ACTUATOR` role rather than `ADMIN`
Update management security to require an `ACTUATOR` role rather than
`ADMIN` by default. This should reduce the risk of users accidentally
exposing actuator endpoints because they happen to use a role named
`ADMIN`.

Fixes gh-7569
8 years ago
Spring Buildmaster e712a9ba8c Next Development Version 8 years ago
Stephane Nicoll 6643ec3713 Next development version 8 years ago
Stephane Nicoll 6bd670edbc Initiate 1.4.x branch 8 years ago
Spring Buildmaster 7e9ed5e1a7 Next Development Version 8 years ago
Spring Buildmaster 5f959b074f Next Development Version 8 years ago
Andy Wilkinson 07a50bb16c Update the samples to make use of auto-configured TestRestTemplate
Closes gh-6730
8 years ago
Andy Wilkinson 46e03529fb Remove redundant bean declarations from some of the security samples
Closes gh-6740
8 years ago
Spring Buildmaster 334baaeffd Next development version 8 years ago
Spring Buildmaster a89ef5df6e Next Development Version 8 years ago
Spring Buildmaster 2216369348 Next Development Version 8 years ago
Spring Buildmaster 819a9574a6 Next Development Version 9 years ago
Andy Wilkinson 3348ed5bb3 Make use of new GetMapping and PostMapping annotations
Closes gh-5277
9 years ago
Spring Buildmaster 376bbe68d8 Next Development Version 9 years ago
Phillip Webb a7cb689f95 Move @LocalServerPort annotation
Move the @LocalServerPort to org.springframework.boot.context.embedded
since it's only really useful when working with embedded servlet
containers.

See gh-5822
9 years ago
Phillip Webb b398b3319c Rename @SpringApplicationTest -> @SpringBootTest
Rename @SpringApplicationTest to SpringBootTest and
@SpringApplicationContextLoader to @SpringBootContextLoader.

Fixes gh-5562
9 years ago
Andy Wilkinson 33f0ea3480 Rework SpringApplicationTest to support web modes
Rework the new testing support so that @SpringApplicationTest can be
used for standard integration tests, web integration tests with a
mock Servlet environment and web integration tests with an embedded
servlet container. This means that it a replacement for 1.3's
@IntegrationTest and @WebIntegrationTest and allows all
SpringApplication testing to be configured using a common annotation.

The old @IntegrationTest and @WebIntegrationTest along with their
supporting classes have been reinstated to their previous form (while
remaining deprecated). This should ensure that they continue to work
in 1.4 exactly as they did in 1.3 giving users a smooth path to
@SpringApplicationTest.

See gh-5477
9 years ago
Phillip Webb 0829a1bde8 Drop superfluous annotations
Update internal tests to drop annotations that can now
be inferred.

Fixes gh-5470
9 years ago
Phillip Webb c28f552883 Migrate SpringJUnit4ClassRunner to SpringRunner
Replace all existing SpringJUnit4ClassRunner references with the new
SpringRunner alias.

Fixes gh-5292
9 years ago
Phillip Webb 2f815a907a Migrate existing tests from deprecated package
Update the existing tests to use the relocated `spring-boot-test`
classes. Restructuring was achieved using the following command:

find . -type f -name '*.java' -exec sed -i '' \
-e s/org.springframework.boot.test.ConfigFileApplicationContextInitializer/\
org.springframework.boot.test.context.ConfigFileApplicationContextInitializer/g \
-e s/org.springframework.boot.test.EnvironmentTestUtils/\
org.springframework.boot.test.util.EnvironmentTestUtils/g \
-e s/org.springframework.boot.test.IntegrationTest/\
org.springframework.boot.test.context.IntegrationTest/g \
-e s/org.springframework.boot.test.IntegrationTestPropertiesListener/\
org.springframework.boot.test.context.IntegrationTestPropertiesListener/g \
-e s/org.springframework.boot.test.OutputCapture/\
org.springframework.boot.test.rule.OutputCapture/g \
-e s/org.springframework.boot.test.SpringApplicationConfiguration/\
org.springframework.boot.test.context.SpringApplicationConfiguration/g \
-e s/org.springframework.boot.test.SpringApplicationContextLoader/\
org.springframework.boot.test.context.SpringApplicationContextLoader/g \
-e s/org.springframework.boot.test.SpringBootMockServletContext/\
org.springframework.boot.test.mock.web.SpringBootMockServletContext/g \
-e s/org.springframework.boot.test.TestRestTemplate/\
org.springframework.boot.test.web.client.TestRestTemplate/g \
-e s/org.springframework.boot.test.WebIntegrationTest/\
org.springframework.boot.test.context.web.WebIntegrationTest/g {} \;

See gh-5293
9 years ago
Stephane Nicoll 2526a54e31 Polish contribution
Closes gh-5337
9 years ago
Spring Buildmaster 225d877ab9 Next Development Version 9 years ago
Andy Wilkinson 44ddfcc7fa Upgrade copyright headers of all files changed in 2016 9 years ago
Phillip Webb 95c4cdbedc Fix packages and annotations used in sample
Update a few of the samples to correct the packages used in tests and
to make use of the `@SpringBootApplication` annotation.
9 years ago
Phillip Webb 1cc1fc6431 Use AssertJ in spring-boot-samples
See gh-5083
9 years ago
Phillip Webb fbaf209240 Move master to 1.4.0.BUILD-SNAPSHOT 9 years ago
Spring Buildmaster 504d3e97ba Next development version 9 years ago
Spring Buildmaster 8db59059a5 Next Development Version 9 years ago
Spring Buildmaster 3f6f57a80e Next Development Version 9 years ago
Huang YunKun 1c5e445554 Update the samples to use @WebIntegrationTest and randomPort=true
Closes gh-4294
Closes gh-4271
9 years ago
Phillip Webb 1e4d974ec0 Merge remote-tracking branch 'local12x/1.2.x' 9 years ago
Phillip Webb a79131f8d2 Organize imports with new settings
See gh-4234
9 years ago
Spring Buildmaster 2b38a861e3 Next Development Version 9 years ago
Phillip Webb e473364e4e Merge branch '1.2.x' 9 years ago
Phillip Webb 6ab376e2e8 Reformat code use Eclipse Mars 9 years ago
Spring Buildmaster 9409c49c10 Next development version 9 years ago
Phillip Webb 2615990ffb Organize imports 9 years ago
Stephane Nicoll 7c0c953f81 Add value alias for SpringApplicationConfiguration
Given that Spring Boot uses java config accross the board, a new `value`
attribute is now aliased to the existing `classes` attribute such that
one could write the following:

@SpringApplicationConfiguration(MyConfig.class)
public class MyTest {}

Closes gh-3635
9 years ago
Spring Buildmaster 7ce391db4f Next development version 10 years ago
Phillip Webb 61fc4f3f12 Polish copyright headers 10 years ago
Phillip Webb 1ce617f1ae Polish sample package names 10 years ago
Spring Buildmaster 5d81c87b43 Next Development Version 10 years ago
Spring Buildmaster e03c11dda8 Next development version 10 years ago
Phillip Webb a57a88f5cf Move master to 1.3.0.BUILD-SNAPSHOT 10 years ago
Spring Buildmaster 8f0ad02237 Next development version 10 years ago
Spring Buildmaster 60725cd8bd Next development version 10 years ago
Spring Buildmaster 1a788c1741 Next development version 10 years ago
Stephane Nicoll 249e09d9bc Switch master to 1.2.0.BUILD-SNAPSHOT 11 years ago
Spring Buildmaster 40327e1ae6 Next development version 11 years ago
Phillip Webb fa88c481a5 Remote trailing whitespace 11 years ago
Dave Syer fd757cb371 Add logging.level to application.properties
E.g.

logging.level.org.springframework: DEBUG
logging.level.org.hibernate: WARN

Fixed gh-788
11 years ago
Spring Buildmaster 981669b7c0 Next development version 11 years ago
Phillip Webb 200cd535c2 Revert "Next development version"
This reverts commit 67189477fe.
11 years ago
Spring Buildmaster 67189477fe Next development version 11 years ago
Spring Buildmaster 542f3cbda8 Next development version 11 years ago
Spring Buildmaster 4ca26a21dc Next development version 11 years ago
Spring Buildmaster 05ed7b3bcd Next development version 11 years ago
Phillip Webb 3007a777d0 Roll back to 1.1.0.BUILD-SNAPSHOT 11 years ago
Spring Buildmaster c650f2391e Next development version 11 years ago
Javier Gayoso b7d94d1364 Optimized login form - delegated CSRF token creation to thymeleaf
Also added additional test to verify behaviour.

Fixes gh-1039
11 years ago
Phillip Webb 8bcda1bcbe Polish 11 years ago
Dave Syer 14d3b46809 Add constants to SecurityProperties and ManagementServerProperties
For the convenience of users who want to selectively override the
access rules in an application without taking complete control of the
security configuration we now have some constants:

* SecurityProperties.ACCESS_OVERRIDE_ORDER for overriding just the
application endpoint access rules

* ManagementServerProperties.ACCESS_OVERRIDE_ORDER for overriding the
application endpoint and management endpoint access rules

Fixes gh-803
11 years ago
Phillip Webb 64a835e91a Move master to 1.1.0.BUILD-SNAPSHOT 11 years ago
Spring Buildmaster d3954a1703 Next development version 11 years ago
Phillip Webb fad5ce45db Polish 11 years ago
Dave Syer 0aa93036fa Fix secure method configuration global authentication
This fixes a bug in the sample, where the AuthenticationManager it builds
is a local one for the filter chain containing "/login", whereas it was
expecting to override the Boot default, which is "global". The fix is
to extract the authentication configuration out into a
GlobalAuthenticationConfigurerAdapter.

Fixes gh-699
11 years ago
Dave Syer e4b8e174e8 Add test case for gh-699 11 years ago
Dave Syer 7b07fe8ce0 Convert remaining samples to use random port
Partial fix for gh-337. See also gh-607 which complements this, but might
conflict on a merge.
11 years ago