Update SpringApplication so that ApplicationListener and
ApplicationInitializer methods must be called separately. This helps
to prevent unexpected side effects when calling the setters and
also encourages separation of concerns.
The few situations where a class was both an ApplicationInitializer
and ApplicationListener are now handled by registering an inner
listener from the `initialize` method.
BeanFactory.getBean() already looks in the parent context
so we have to be careful and not use the parent when locating
the report singleton
Fixes gh-290
Spring Boot provides a default AuthenticatiomManager for getting
started quickly with security and never exposing insecure
endpoints. To override that feature as users move to the next
stage in their project, they may have to do something slightly
different depending on whether it is a webapp or not.
In any app (web or not), providing a @Bean of type
AuthenticationManager always works, but you don't get the benefit of
the builder features.
In a webapp the user can also extend WebSecurityConfigurerAdapter
to provides a custom AuthenticationManager, and the preferred
way of doing that is via a void method that is autowired with an
AuthenticationManagerBuilder. The default AuthenticationManager is
built in a configurer with @Order(LOWEST_PRECEDENCE - 3) so
to override it the user's confugrer must have higher precedence
(lower @Order).
@EnableGlobalMethodSecurity can also be used in a non-webapp, and
Spring Boot will still provide a default AuthenticationManager.
To override it the user has to either extend
GlobalMethodSecurityConfiguration or provide a @Bean of type
AuthenticationManager (there's no other way to
capture the AuthenticationManagerBuilder that doesn't happen too late
in the beans lifecyle).
Fixes gh-244
If any @Import (or @Enable*, especially @EnableScheduling) has registered
bean *names* as ApplicationListeners, and the application context wasn't
refreshed fully when it failed, then the listener lookup could fail and
mask the original exception
Fixes gh-253
Upgrade to Tomcat 7.0.50, working around the potential
NullPointerException by also adding dependencies to
tomcat-embedded-jasper (which is now also required for Hibernate
Validator 5.0, see commit 377953babd)
Fixes gh-245
Update the 'default' package used for @Entity and Repository scanning
to be the package of the class annotated with @EnableAutoConfiguration
rather than using @ComponentScan.
This allows JPA and Spring Data to be used without requiring component
scanning and also removes the confusion that could arise from reusing
the @ComponentScan annotation, which already has well defined semantics.
Fixes gh-200
Refine the `AutoConfigurationReportLoggingInitializer` log level to
only display the information about enabling debug if the debug level
if not on.
Fixes gh-199
Update the `AutoConfigurationReportLoggingInitializer` to only output
the report at debug level. A crash report now triggers an info output
suggesting the user runs again with '--debug' to display the report.
Fixes gh-199
Add a new `SpringNamingStrategy` hibernate `NamingStrategy` that
extends `ImprovedNamingStrategy` to improve the name of foreign
key columns.
Fixes gh-213
Instead of adding active prpfiles for every one we encounter, we need to
build up a complete "default" Environment and then ask it what the active
profiles are. Implemented in ConfigFileApplicationListener.
Fixes gh-198
Also logs a warning about the fact that locks may not be taken when
starting a Job. JPA and Batch don't really work that well together
in general so it's probably not worth a lot of effort to work aoround
this. If anyone needs to they should create a custom JpaDialect
(and a BatchConfigurer).
Fixes gh-197
Phillip Webb
Christian Dupuis
Dave Syer
Christopher Smith
Andy Wilkinson