Rename `max-http-post-size` to `max-http-form-post-size` for Jetty and
Tomcat to make it clearer that they only apply to POSTed form content.
See gh-18566
This commit renames the `server.jetty.idle-timeout` property to
`server.jetty.thread-idle-timeout`, since there are other timeout
properties that are not tied to the threadpool configuration (e.g. the
connection idle timeout).
We might regroup thread-related properties in a dedicated group in the
future, see gh-18620.
Fixes gh-18615
Previously, the methods were named addServerProcessors and
setServerProcessors which wasn't aligned with them taking
socket factory processors (ServerRSocketFactoryProcessor) as an
argument.
This commit renames the methods to align them more closely with the
type of their arguments.
Closes gh-18617
Prior to this commit, all supported servers would share the same
configuration property `server.connection-timeout`. Unfortunately, in
many cases the behavior of this timeout changes depending on the server.
From actual connection setup timeout, to detecting and closing idle
connections, this property cannot be properly translated from one server
implementation to another.
This commit deprecates this configuration property and introduces server
specific properties:
* `server.jetty.connection-idle-timeout`
(Time that the connection can be idle before it is closed.)
* `server.netty.connection-timeout`
(Connection timeout of the Netty channel.)
* `server.tomcat.connection-timeout`
(Amount of time the connector will wait, after accepting a connection,
for the request URI line to be presented.)
* `server.undertow.no-request-timeout`
(Amount of time a connection can sit idle without processing a request,
before it is closed by the server.)
`server.connection-timeout` is now deprecated and will be removed in a
future release.
Fixes gh-18473
Previously, a WebSecurityConfigurerAdapter would be configured
irrespective of whether or not the user had provided their own
WebSecurityConfigurerAdapter. This then required them to use ordering
to diambiguate the configuration and made it harder to take complete
control of security configuration.
This commit updates the configuration of the SAML 2 login configurer
adapter to be conditional on missing bean, aligning it with other
security configuration such as the equivalent OAuth 2 configurer
adapter.
Closes gh-18530
Previously, when a NoSuchBeanDefinitionException was being analyzed,
the possibility of a missing @ConstructorBinding annotation on a
@ConfigurationProperties class was not considered.
This commit updates the failure analysis for failed constructor
injection of an instance of a @ConfigurationProperties-annotated
class. When such a failure occurs, adding @ConstructorBinding is
now suggested as an action.
Closes gh-18545
Previously, Maven's default behaviour was relied up which resulted
in the artifact ID being appended to each URL as it was inherited.
This behaviour can only be disabled in Maven 3.6 and later, a version
that we cannot use due to an incompatibility with the Flatten Plugin.
This commit works around Maven's default behaviour by defining
properties for the SCM URL, connection, and developer connection and
then explicitly defining the settings in each pom using these
properties. The explicit definition of the properties in each pom
prevents them being inherited from the parent, thereby disabling the
unwanted appending of the artifact ID to the URL.
Fixes gh-18328
Add an appication context initializer to detect and store the
active RSocket port in the Environment under
`local.rsocket.server.port`.
Additionally add a `@LocalServerPort` that provides a convenient
alternative to `@Value`.
See gh-18287
Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
Update `DataSourceInitializedPublisher` to fallback to the
`LocalContainerEntityManagerFactoryBean` if the
`javax.persistence.nonJtaDataSource` property is not defined.
As of Hibernate 4.3 the property is no longer set if the `EntityManager`
is created from a `PersistenceUnitInfo` instance rather than actual
properties.
Although this is being addressed in Hibernate issue HHH-13432, it's
not strictly a requirement of the JPA spec that the property is set.
Fixes gh-17061
This will ensure that ReactiveManagementWebSecurityAutoConfiguration backs
off and that the actuator endpoints are also secured via OAuth2.
Fixes gh-17949
Previously, a number of usages of @ConditionalOnMissingBean prevented
a bean that implements an auto-configured bean's "main" interface from
causing the auto-configuration of the bean to back off. This would
happen when @ConditionalOnMissingBean did not specify a type, the
@Bean method returned the bean's concrete type, and that concreate
type implements a "main" interface.
This commit updates such usages of @ConditionalOnMissingBean to
specify the "main" interface as the type of the bean that must be
missing. This will allow, for example, the auto-configured
MongoTemplate bean to back off when a MongoOperations bean is defined.
Fixes gh-18101
After a change in Spring Framework (see
spring-projects/spring-framework#23314), the `RouteMatcher` to be used
with the RSocket infrastructure is configured on the `RSocketStrategies`
directly.
This commit moves the auto-configuration of the
`PathPatternRouteMatcher` from the message handling parts to the RSocket
strategy one.
Closes gh-17571
Previously, the upgrade to Flyway 6 broke compatibility with Flyway
5.2 due to the use of method references that refer to two methods
that do not exist in Flyway 5.2.
This commit replaces the method references with lambdas that are only
called if the user sets the related property. Unless a new-in-Flyway-6
property is set, the auto-configuration will work as before. When such
a property is set the auto-configuration will fail with a
NoSuchMethodError. This approach was chosen to make the
incompatibility clear.
We have also introduced support for passing any JavaMigration beans
in the context into Flyway. This too relies on API that is new in
Flyway 6. It is possible (although unlikely) that users had
JavaMigration beans in Spring Boot 2.1 that were being ignored. This
commit restores this behaviour when using Flyway 5.2.
Closes gh-18193
This commit applies `ServerRSocketFactoryCustomizer` beans to RSocket
setups when the RSocket server is being plugged into an existing Reactor
Netty web server.
Fixes gh-18208
Previously, a number of usages of @ConditionalOnMissingBean prevented
a bean that implements an auto-configured bean's "main" interface from
causing the auto-configuration of the bean to back off. This would
happen when @ConditionalOnMissingBean did not specify a type, the
@Bean method returned the bean's concrete type, and that concreate
type implements a "main" interface.
This commit updates such usages of @ConditionalOnMissingBean to
specify the "main" interface as the type of the bean that must be
missing. This will allow, for example, the auto-configured
MongoTemplate bean to back off when a MongoOperations bean is defined.
Update the javadoc to note that `scanBasePackages` only affects the
`@ComponentScan` annotation and isn't a replacement for `@EntityScan`
or `@Enable...Repositories`.
Closes gh-18109
Previously, a custom FlywayMigrationInitializer bean named anything
other than flywayInitializer could result in a
NoSucBeanDefinitionException as the dependencies set up for JPA and
JDBC components used the bean name flywayInitializer.
This commit updates the configuration of the dependencies to depend
on FlywayMigrationInitializer beans by type rather than name.
Fixes gh-18105
Previously, a custom Flyway bean named anything other than flyway
could result in a NoSucBeanDefinitionException as the dependencies
set up for JPA and JDBC components used the bean name flyway.
This commit updates the configuration of the dependencies to depend
on Flyway beans by name rather than type.
Fixes gh-18102
Fix caching issues in `ApplicationContextRequestMatcher` and allow
subclasses to ignore an application context entirely. Update existing
matcher implementations so that they deal with the management context
correctly.
Prior to this commit, the `ApplicationContextRequestMatcher` would
return a context cached from the first request. It also didn't
provide any way to ignore a context. This meant that if the user was
running the management server on a different port the matching results
could be inconsistent depending on if the first request arrived on
the regular context or the management context. It also meant that we
could not distinguish between the regular context and the management
context when matching.
Closes gh-18012
This commit also changes the request matcher for MVC
endpoints to use an AntPathRequestMatcher instead of an
MvcRequestMatcher. The endpoint is always available
under the mapped endpoint path and this way the same matcher
can be used for both MVC and Jersey.
Fixes gh-17912
Co-authored-by: Phillip Webb <pwebb@pivotal.io>
The userDn and password in LdapContextSource are not nullable. The
default values for userDn and password in LdapProperties are null. When
the values are set to null there will eventually be a
NullPointerException during
AbstractContextSource#setupAuthenticatedEnvironment since HashTable
doesn't allow null for values.
See gh-17861
Missing change logs would lead to an exception even
if the checkChangeLogLocation was set to false. Spring Boot's check
would pass but Liquibase would fail later making this property redundant.
Fixes gh-16232
This commit separates the auto-configuration of the `SessionFactory` in
an isolated class so that the rest of the auto-configuration is still
applied if the user provides a custom `SessionFactory` bean.
See gh-17662
This significantly rework the auto-configuration to reflect the order
in which things are expected. Rather than keeping a conceptual cycle
between the builder and the two inner classes that are processed first,
the configuration is now split in three parts:
* The builder that is required and common
* The configuration when the HighLevelClient is available
* The RestClient configuration when that's not the case
See gh-17488
* pr/17646:
Polish "Default password shouldn't be generated for resource server"
Default password should not be generated when using resource server
Closes gh-17646
This commit adds an extra condition to JdbcRepositoriesAutoConfiguration
so that it doesn't scan for repositories if a transaction manager is not
available as this dependency is now mandatory.
Closes gh-17654
Since spring-projects/spring-framework#23314 and the following commit
spring-projects/spring-framework@be4facef1b, the RSocket codec selection
is relaxed and the order of configured commits matters again.
This commit ensures that the CBOR codec is configured ahead of the JSON
codec so that it can be chosen first if no data mime type is specified
when a connection is established with a client requester.
Since spring-projects/spring-framework#23314, the `RSocketStrategies`
provide more codecs by default, and there is no need to order them to
avoid conflicts during mime type selection.
This commit also ensures that the `PayloadDecoder.ZERO_COPY` is
configured on the RSocket server if the configured `DataBufferFactory`
is compatible with that strategy.
This commit updates the `RouteMatcher` configuration after the latest
Spring Framework changes. The default route matcher implementation based
on the `PathPattern` infrastructure is now tailored for the messaging
use case (path separator, path encoding options and trailing separator).
See spring-projects/spring-framework#23310