If a JCache provider is started with hazelcast and the default settings,
the underlying `HazelcastInstance` is disposed at the end of the
process, not when the `CacheManager` is closed.
This commit fixes the only test that use such setup.
See also https://github.com/hazelcast/hazelcast/issues/7606
Closes gh-5209
This commit allows to customize the auto-configured `CacheManager` by
exposing a bean of type `CacheManagerCustomizer`. The implementation may
reference the type of a `CacheManager` to determine in which case it has
to be invoked.
Several implementations can be provided and ordered using the regular
`Ordered` interface and `@Order` annotation.
Closes gh-5039
Rework commit b726974 to avoid exposing setters that would permit anyone
to change Spring Boot's defaults. Also, since these are configurers of a
specific instance, they should be named accordingly.
Closes gh-5138
There's a long cycle when Spring Data REST, Data JPA and Actuator
are used in an app that retrieves its DataSource from JNDI. The cycle
is:
- WebMvcAutoConfiguration
- HttpMessageConverters
- MappingJackson2HttpMessageConverter (needs an ObjectMapper)
- SpringBootRepositoryRestMvcConfiguration
- ObjectMapper
- RepositoryResourceMappings (part of a custom Jackson module)
- Repositories
- EntityManagerFactory (Triggered by application's Spring Data JPA repository)
- HibernateJpaAutoConfiguration
- JndiDataSourceAutoConfiguration
- MBeanExporter (Used to prevent export of DataSource MBean that's already in JMX)
- EndpointMBeanExportAutoConfiguration
- ObjectMapper (Used to format JSON produced by the exported endpoints)
Spring Data Rest caused the ObjectMapper to depend on JPA. JPA depends
on the DataSource. JnidDataSourceAutoConfiguration depends on the
MBeanExporter. Actuator's MBeanExporter requires an ObjectMapper to
produce JSON strings.
This commit breaks the cycle by making JndiDataSourceAutoConfiguration
access the MBeanExporter lazily. Rather than using `@Lazy`. which does
not work with `@Autowired(required=false)`, the application context
is injected and the MBeanExporter is retrieved manually when it is
needed.
Closes gh-4980
Spring Boot supports the automatic configuration of an additional
HazelcastInstance if one already exists and an explicit property has been
set to use a different configuration for caching. So three cases are
supported really: no `HazelcastInstance` exists so we need to create one
anyway or an `HazelcastInstance` already exists; in that latter case, we
should either reuse it or create a new one.
Unfortunately, the conditions that checked those three use cases were
not ordered consistently and we could easily get in a situation where
both conditions were evaluated.
This commit makes sure that we first check if an `HazelcastInstance`
exists and then (and only then) we create the missing `HazelcastInstance`
used for caching. The tests have also been improved to validate the
proper `HazelcastInstance` is used for caching.
Closes gh-5181
Previously, if one wants to create a custom `JmsListenerContainerFactory`
or `RabbitListenerContainerFactory`, a bunch of code from the auto-
configuration must be duplicated.
This commit introduces two services to configure such factory for JMS
and AMQP with the same sensible defaults that were applied by the
auto-configufrations.
Closes gh-5138
Previously, WebSocketMessagingAutoConfiguration added a single
additional converter. This was a MappingJackson2MessageConverter
configured with the auto-configured ObjectMapper.
AbstractMessageBrokerConfiguration places additional converters before
any of the default converters. This meant that the auto-configuration
had the unwanted side-effect of changing the ordering of the
converters. A MappingJackson2MessageConverter was now first in the
list, whereas, by default, it's last in the list after a
StringMessageConverter and a ByteArrayMessageConverter.
This commit updates WebSocketMessagingAutoConfiguration so that it
switches off the registration of the default converters and registers
a StringMessageConverter, ByteArrayMessageConverter and
MappingJackson2MessageConverter in that order. A test has been
added to verify that the types of these three converters match
the types of the default converters. A second test that verifies
that String responses are converted correctly has also been added
alongside the existing test that verified the behaviour for JSON
responses.
Closes gh-5123
DriverClassNameProvider is unused but was probably restored by a merge
commit at some point. It wasn't obvious and updated that class rather
than `DatabaseDriver`.
This commit updates `DatabaseDriver` and deletes
`DriverClassNameProvider`.
Closes gh-5076
Update `ResourceBundleCondition` to only enable the messages source
if `messages.properties` (and not `messages*.properties`) exists. This
operation is much faster that performing a pattern match since a full
jar entry scan is not required.
Since adding `messages.properties` is good practice and this change
allows us to delete the custom `PathMatchingResourcePatternResolver`
it seems like a fine compromise to make.
Fixes gh-4930
See gh-4811
When a Jersey app is deployed to a standalone container, Jersey’s
ServletContainerInitializer will run and register a servlet for a class
annotated with @ApplicationPath. If Jersey’s ServletContainerInitializer
runs before Spring’s, this servlet will take precedence over the
servlet registered by JerseyAutoConfiguration and will therefore not be
configured with any init parameters specified using spring.jersey.init
For the case where Jersey’s SCI runs first, this commit updates
JerseyAutoConfiguration to examine the servlet context for an existing
registration of Jersey’s servlet (Jersey names the registration using
the fully-qualified name of the ResourceConfig subclass). If a
registration is found its init parameters are configured using the
configuration provided by spring.jersey.init.
For the case where Spring’s SCI runs first, this commit updates
JerseyAutoConfiguration so that it names its registration using the
fully-qualified name of the ResourceConfig sub-class. This allows
Jersey’s SCI to find the existing registration rather than attempting
to configure its own.
Closes gh-2471
While Flyway's `MigrationVersion` is a String value, a simple "0" is
also a valid number. When such value is not wrapped in YAML, an integer
is injected rather than a String which leads to a failure as we can't
convert it.
This commit updates the `StringToMigrationVersionConverter` to also
supports conversion from a Number. This is a convenience for users
using YAML for configuration
Closes gh-4981
The same initializer will receive multiple ContextRefreshedEvents
when their is an application context hierarchy. This commit updates
the initializer to correctly handle multiple ContextRefreshedEvents
and only act upon the first that it receives.
See gh-4871
This commit is a continuation of the changes made in b85b608. It
addresses an additional problem when testing applications where two
contexts are refreshed in quick succession. In this scenario, it
was possible, theoretically at least, for the first context’s background preinitialization to still be in progress and creating loggers when the
second is refreshed and resets the logger context.
This commit updates BackgroundPreinitializer so that, upon receipt of
a ContextRefreshedEvent, it waits for preinitialization to have
completed. In the scenario described above, this ensures that
preinitialization has completed before the call to refresh() for the
first context returns, thereby preventing it from running in parallel
with the refresh of the second context.
Closes gh-4871
If Both Hazelcast and Hibernate are available, Spring Boot takes the
opinion that Hazelcast can be used for 2nd level caching and therefore
need to start before Hibernate.
Unfortunately, some users require Hibernate in some of their hazelcast
use case so the link is actually reversed. One way for such user is to
disable the auto-configuration that deals with this link. This class is
now public so that users can locate them and exclude them if necessary.
Closes gh-4960
Previously, BackgroundPreinitializer would kick off preinitialization
on a separate thread in response to an ApplicationStartedEvent. This
work would then race with the logging system being set up in response
to an ApplicationEnvironmentPreparedEvent. When Logback’s being used
this race is problematic. As part of Logback’s setup,
LoggerContext.stop() is called. This calls LoggerContext.reset() which
can fail with a ConcurrentModificationException if another thread tries
to create a Logger at the same time. This is a known bug in Logback [1].
This commit updates BackgroundPreinitializer to respond to
an ApplicationEnvironmentPreparedEvent and to order itself so that it’s
called after LoggingApplicationListener has responded to the same event
by initializing the logging system.
Closes gh-4871
[1] http://jira.qos.ch/browse/LOGBACK-397
Mongo’s 2.x driver allowed the credentials list to be null, however
the 3.x driver requires an empty list instead. The behaviour of the 2.x
driver is the same whether the client is created with a null credential
list or an empty credential list.
This commit aligns with the requirements of the 3.x driver by ensuring
that we never pass in a null credential list when creating the client.
Closes gh-4076
Webjars locator is a good hint that the resource chain should be
enabled. The sole presence of the library now enables the resource chain
unless the configuration states otherwise.
Closes gh-4403
Previously, MustacheViewResolver would create an InputStreamReader
that wraps the template Resource's InputStream but would fail to close
the Reader. When the InputStream was a FileInputStream, this caused
the resolver to leak file handles.
This commit updates the resolver to close the Reader once the Template
has been compiled, thereby allowing any underlying resources to be
cleaned up immediately, rather than having to wait for the JVM to exit.
Closes gh-4921
This commit completes the changes to consistently used static final
fields for Log instances that were started in ec2f33f9. Specifically it:
- Removes this. when accessing logger fields that are now static
- Renames some fields from log to logger
- Makes some logger fields static
See gh-4784
SecurityFilterAutoConfiguration uses SecurityProperties which uses
SessionCreationPolicy from spring-security-config. This commit makes
SecurityFilterAutoConfiguration conditional on SessionCreationPolicy,
thereby preventing a startup failure if spring-security-web is on the
classpath but spring-security-config is not.
Closes gh-4919
Issue #4533 was supposed to make BasicBatchConfigurer public again but
unfortunately only the class visibility was changed. This commit makes
sure it can be overridden.
Closes gh-4888
Ensure that Collections.isEmpty() is used to check if there are no
elements in a collections. This is more explicit and can be faster than
calling .size().
Closes gh-4783
Spring Data’s web support includes a handler method argument resolver,
ProxyingHandlerMethodArgumentResolver, that inaccurately claims that it
can handle all interface handler method arguments. This causes problems
for handler methods that take Spring Mobile’s Device as an argument as
the proxied Device instance does not behave correctly.
This commit works around the problem by assigning an order to the
WebMvcConfigurerAdapter that registers Spring Mobile’s argument resolver
with Spring MVC. This ordering ensures that Spring Mobile’s resolver
takes precedence over Spring Data’s for Device arguments.
Closes gh-4163
Extend ElasticsearchDataAutoConfiguration to also configure an
ElasticsearchConverter and SimpleElasticsearchMappingContext both
of which are required for Spring Data REST.
Closes gh-3847
Google App Engine probits the creation of new threads. This leads to a
failure in BackgroundPreinitializer when the single thread executor
attempts to create its single thread.
This commit enhances the existing fail safety of
BackgroundPreinitializer by catching any exceptions thrown while
creating the executor and submitting the tasks to it. Any initialisation
that has not performed in the background will be performed in the
foreground instead.
Closes gh-4662
Previously, ActiveMQ's pooled connection factory was not closed as
part of the application context being closed. This would leave
non-daemon threads running which could cause shutdown to hang unless
the JVM itself was shutting down (in which case a shutdown hook would
stop the pool).
This commit configures each pooled connection factory bean with a
custom destroy method so that the pool is stopped as part of the
application context being closed. To allow the destroy method to only
be declared when the connection factory is pooled, the bean method
has been split into two; one for pooled and one for non-pooled. This
is a partial backport of the changes made in bedf2edf.
Closes gh-4748
Add a `server.server-header` property which can be used to override the
`server` header usually sent back automatically by Tomcat/Jetty or
Undertow.
See https://www.owasp.org/index.php/Securing_tomcat for background.
Fixes gh-4461
Closes gh-4504
In bedf2edf, the return type of the auto-configuration method that
creates batch's ExitCodeGenerator was changed from ExitCodeGenerator
to JobExecutionExitCodeGenerator but the on missing bean condition
was left unchanged. This means that the auto-configured bean can
only be switched off by a JobExecutionExitCodeGenerator bean, rather
than any bean that implements ExitCodeGenerator.
This commit corrects the use of @ConditionalOnMissingBean to allow any
ExitCodeGenerator bean to switch off the auto-configured one.
Closes gh-4752
Previously, BasicErrorController would return the response status
set in the javax.servlet.error.status_code request attribute when
serving JSON but would also return a 200 OK response when serving
HTML. This didn’t cause much trouble when a person was browsing, but
proved problematic for machine clients that request text/html and care
about the response status. For example, the success handler would be
driven for an XHR request even though the response was really an error.
This commit updates BasicErrorController to set the response status for
text/html responses to match the status that it would use in an
application/json response.
Closes gh-4694
Previously, the auto-configuration for embedded Mongo did not specify
a bind IP so Mongo was started without one. This would lead to Mongo
binding to all available network interfaces. This caused some friction
with the Windows firewall as it would ask for permission every time
embedded Mongo was launched.
This commit updates the auto-configuration to use
spring.data.mongodb.host to configure the bind IP for embedded Mongo.
If spring.data.mongodb.host is null, the auto-configuration will use
the loopback address instead.
Closes gh-4630
Previously, disabling SecurityAutoConfiguration could cause
SecurityFilterAutoConfiguration to fail if Spring Security’s filter
chain bean existing in the context. SecurityFilterAutoConfiguration
relies on SecurityProperties which is created by
SecurityAutoConfiguration. When SecurityAutoConfiguration is disabled,
there’s no SecurityProperties bean so SecurityFilterAutoConfiguration
would fail due to the missing dependency.
This commit updates SecurityFilterAutoConfiguration to create a
SecurityProperties bean if one does not already exist.
Closes gh-4525
A dependency on the Servlet API (the filter's dispatcher types) causes
a failure when Spring Security is used in a non-web application.
This commit removes the dependency on javax.servlet.DispatcherType
in favour of using a Set of Strings. SecurityFilterAutoConfiguration,
which is only enabled for web applications, is the responsible for
converting each String to a DispatcherType.
Closes gh-4505
This commit adds a new property, security.filter-dispatcher-types
that can be used to configure the dispatcher types of Spring
Security's filter chain. The default remains unchanged.
Closes gh-4505
Previously, JerseyAutoConfiguration was a WebApplicationInitializer.
This was problematic as auto-configuration classes should not be ordered
(they should use AutoConfigureBefore etc instead) but the web
application initializer needs to be ordered so that it can run early and
configure Jersey before it runs.
This commit has moved the WebApplicationInitializer implementation into
a separate class so that it can be ordered independently of the
auto-configuration class. Note that the new class must be public for
the servlet container (Tomcat at least) to be able to instantiate it.
Closes gh-4527
The need to set the order of ResourceServerConfiguration was
a bad assumption. The value of the order seems strange as well
(-10), and a comment explaining it makes no sense (a resource
server normally wants its filter *after* not *before* the existing
auth server filter). Removing the bean post processor didn't
fail any tests.
In case there are multiple resource servers in the same context
there was also a problem that they ended up with the same order.
Previously, the `spring.datasource.name` property was ignored when Spring
Boot configures an embedded data source with a connection pool.
`EmbeddedDatabaseConnection` is now aligned to the purely embedded case
to take that property into account.
Closes gh-4586
The SsoSecurityConfigurer that gets added when a user has a custom
WebSecurityConfigurer with @EnableOAuth2Sso is quite opinionated, and
this is preventing users from custimizing the exception handling in the
customized UI security. This change makes it less opinionated, using
request matchers to configure the default instead of ovewriting the
single authentication entry point.
Also adds an entry point responding with a 401 for XHR clients (just like
the vanilla HTTP Basic auth).
Fixes gh-4629
Add a `spring.mvc.static-path-pattern` property which can be used to
configure the path pattern used to serve static resources.
Fixes gh-4444
Closes gh-4448
Update MongoProperties to use `MongoCredential.createCredential` rather
than `MongoCredential.createMongoCRCredential`. This allows connections
to Mongo 3.0 servers to authenticate using the SCRAM-SHA-1 mechanism.
Closes gh-4237
Make sure that the general Hazelcast auto-configuration is processed
before the cache auto-configuration. This was supposed to be fixed and
tested in 721b5a2 but unfortunately the `@AutoConfigureAfter` annotation
was placed on a regular `@Configuration` class (which has no effect).
The tests were passing because the ordering is actually hardcoded in the
test. The relevant tests now use `ImportAutoConfiguration` that simulates
the same order as the one use by the actual application.
Closes gh-4389
Commit 8e0a94f introduced a post processor that adds an explicit link
between the `HazelcastInstance` and the `EntityManagerFactory` so that
Hazelcast is fully initialized before Hibernate actually kicks in.
Unfortunately, the conditions that were implemented to register this post
processor are wrong and any app that has both JPA and Hazelcast support
blows up if no bean with name `hazelcastInstance` is defined.
This commit fixes the situation and reworks the configuration in a
separate auto-configuration that runs after the Hazelcast and JPA support
and check both the presence of an `EntityManagerFactory` and a bean of
name `hazelcastInstance`. If any of those conditions does not apply the
post processor is no longer registered.
Closes gh-4158
Phillip Webb
Stephane Nicoll
Andy Wilkinson
Johnny Lim
Spring Buildmaster
Jacques-Etienne Beaudet
mnhock
Kirill Vlasov
Jacob Swanson
Artur Konczak
Eddú Meléndez
Dave Syer
Jean de Klerk
cornelcreanga@yahoo.com
Bohuslav Burghardt
awgtek