Previously, SpringBootWebSecurityConfiguration required a web
application and @EnableWebSecurity to be on the classpath.
@EnableWebSecurity is in spring-security-config so this could lead
to the configuration being active when spring-security-web isn't
on the classpath but the rest of Spring Security is.
This commit updates SpringBootWebSecurityConfiguration to also make it
conditional on a class in spring-security-web.
Fixes gh-2717
Add an additional constructor to ServletRegistrationBean that indicates
if a URL mapping is always required. If set to false, the registration
will not longer use the default '/*' mapping.
Fixes gh-2596
Update SystemPublicMetrics to silently ignore ManagementFactory
NoClassDefFoundErrors which can occur when deploying to Google App
Engine.
Fixes gh-2701
Update VcapApplicationListener to support Number based credentials.
Previously, any service credential value that wasn't a String would
be discarded. This was particularly a problem for services that exposed
a port as a JSON Number. This change takes numbers in the credential
payload into account, converting them to Strings so that they will pass
through the properties system properly. There's no real downside to this
as Spring will coerce them back into Numbers if needed by an application.
Fixes gh-2707
Previously, the response from /health was not cached if the request
was secure, i.e. the user has authenticated, or the endpoint was
configured as not being sensitive.
The commit updates HealthMvcEndpoint to apply the caching logic
all the time. Users that do not want caching can disable it by
configuring the TTL with a value of zero.
Closes gh-2630
Previously, only a handful of properties could be set when
auto-configuring an Elasticsearch client. This commit introduces support
for configuring arbitrary properties using the
spring.data.elasticsearch.properties prefix. For example,
client.transport.sniff can be configured using
spring.data.elasticsearch.properties.client.transport.sniff.
Closes gh-1838
Previously, a TransportClient sniff property could not be configured
while using Spring Boot’s Elasticsearch auto-configuration. This commit
adds a new property, spring.data.elasticsearch.client-transport-sniff,
that can be used to configure the TransportClient while continuing to
use the auto-configuration support.
Closes gh-1838
In ActiveMQ 5.11 the signature of
PooledConnectionFactory.setConnectionFactory has changed. It now takes
an Object rather than a ConnectionFactory. This change is not binary
backwards compatible so it causes a NoSuchMethodError as we compile
against 5.10.
This commit updates ActiveMQConnectionFactoryConfiguration to call
the setConnectionFactory method reflectively, looking for both the
ConnectionFactory and Object variants.
Closes gh-2640
PropertySourcePropertyValues tries to process a PropertySource first
as an EnumerablePropertySource and then as a CompositePropertySource.
In Spring 4.1.2 CompositePropertySource was updated to extend
EnumerablePropertySource. This change meant that a
CompositePropertySource would always be processed as an
EnumerablePropertySource.
This commit updates PropertySourcePropertyValues to process a
PropertySource as a CompositePropertySource first and to then try it
is an EnumerablePropertySource.
Fixes gh-2608
Unfortunately it still has to happen in a @PostConstruct (otherwise
JPA never sees the schema in time), but we can delay a bit by not
using @Autowired. Appears to fix the Spring Cloud problem
(https://github.com/spring-cloud/spring-cloud-config/issues/105).
Fixes gh-2658
Spring Boot's metrics infrastructure requires a Metric to have a
Number value. Coda Hale's ThreadStatesGaugeSet includes a Gauge
named deadlocks with a Set<String> value (each entry in the set is a
description, including stacktrace, of a deadlocked thread). There's
no obvious way to coerce this to a Number, and there's already a
deadlocks.count metric in the set.
This commit updates MetricRegistryMetricReader to ignore the addition
of any Gauge with a non-Number value.
Fixes gh-2593
We currently officially support Jackson 2.4, but some users wish to
use Jackson 2.5. This causes a failure as JacksonAutoConfiguration
depends on JacksonJodaFormat which exists in 2.4 but not in 2.5. This
commit updates JodaDataTimeJacksonConfiguration to make it conditional
on JacksonJodaFormat being on the classpath. This means that Jackson
2.5 users will not have configurable DateTime formatting
(added in 201fb5e5) but things will generally work once again.
Closes gh-2573
Using findAvailableTcpPort is prone to failure when another process
starts using the available port before Undertow starts. This commit
changes UndertowEmbeddedServletContainerFactory to pass the value of
zero down into Undertow where it will ultimately be passed to a
ServerSocket which will then use the underlying OS’s support for binding
to an available port.
Undertow doesn’t provide an API for getting the port(s) on which it’s
listening. Previously, reflection was being used to access the listener
configuration but, when a random port is used, this configuration would
return zero rather than the actual port. The reflective logic has been
updated to look at Undertow’s channels from which the underlying
ServerSocket can be accessed and the local port retrieved
Closes gh-2584
ee567fa boldy claimed that it had made MetricRegistryMetricReader
thread-safe. It had not. This commit should actually make it thread
safe. I hope.
One notable improvement is that MetricRegistryMetricReader.findAll()
will no longer contain null values if a metric is removed on another
thread during iteration.
names is now a ConcurrentHashMap to allow it to be safely read and
written without holding a lock.
reverse is a LinkedMultiValueMap which is not thread-safe. This could
lead to values being lost when concurrent add calls were made. Access
to reverse is now protected by synchronizing on an internal monitor
object.
Calls to containsKey(key) followed by get(key) have been reworked to
only call get(key), this avoids the possibility of the key being
removed after the contains check but before the get.
Closes gh-2590
Previously repackaging of an archive was performed in three steps:
1. Write the manifest
2. Write entries from the source archive into the destination
3. Write any libraries into the destination if they’re not already there
This worked fine for jar files, but not for war files. In the war file
case the libraries are already in the source archive’s WEB-INF/lib
directory so they’re copied into the destination in step 2. This means
that step 3 largely becomes a no-op and, crucially, the UNPACK comment
is not applied to any libraries that require it.
This commit reorders steps 2 and 3 so that the libraries are copied into
the destination first (allowing the UNPACK comment to be written, if
required) and then any entries in the source are written into the
destination if they’re not already there.
Fixes gh-2588
MetricRegistryMetricReader’s fields where neither final, nor volatile
but could be accessed on multiple threads. This lead to visibility
problems where the value of a field would unexpectedly be null, causing
an NPE.
This commit updates all of the fields to declare them as final, thereby
ensuring that their values are guaranteed to be visible across different
threads.
Fixes gh-2590