There is a direct link between the sslEnabled flag and the default port
that should be used by an address. The checks are currently set in two
places:
* Determine which port should be used
* Determine if SSL should be enabled
This commit polishes the initial proposal so that secureConnection is
only set if a protocol is available.
See gh-19109
Previously, AbstractDependsOnBeanFactoryPostProcessor was unordered
which meant that it was impossible to guarantee that another bean
factory post-processor would run after it. This prevented overriding
of the dependsOn relationships that is creates.
This commit updates AbstractDependsOnBeanFactoryPostProcessor to give
it a default order of zero. This will allow additional bean factory
post-processors to be configured with a lower precedence order (values
greater than 0) so that they run after any
AbstractDependsOnBeanFactoryPostProcessor and can override the
dependencies that it has configured.
Fixes gh-18362
Previously, AopAutoConfiguration would only enable CGLib-based
proxies if aspectjweaver was on the classpath. The intention was for
CGLib-based proxies to always be used by default so this behaviour
was incorrect.
This commit updates AopAutoConfiguration to force the use of
CGLib-based proxies even in the absence of aspectjweaver.
Closes gh-18523
In 2.2.0, @ConfigurationPropertiesScan was enabled by default.
Unfortunately, this had the unexpected side-effect of breaking
conditional enablement of a @ConfigurationProperties class via
@EnableConfigurationProperties if the @ConfigurationProperties class
was in a package covered by scanning.
This commit remove @ConfigurationPropertiesScan from
@SpringBootApplication so that it is no longer enabled by default.
2.1.x users who rely upon such conditional enablement of
@ConfigurationProperties classes can now upgrade to 2.2.x without
having to make any changes. Users who do not have such a need and are
in a position to use configuration properties scanning can now opt-in
by adding @ConfigurationPropertiesScan to their main application class
alongside @SpringBootApplication.
Closes gh-18674
This commit creates a new configuration property
`spring.codec.max-in-memory-size` which configures the maximum
amount of data to be buffered in memory by codecs (both client and
server).
This property has no default value - it will let Spring Framework handle
the default behavior, currently enforcing a 256KB for provided codecs.
Fixes gh-18828
This commit is a follow-up of a change in Spring Framework[1] to make
sure injection points that are expecting a specific bean by name use
a qualifier.
As a result of this change, MVC uses the dedicated MVC validator again
rather than the general one auto-configured by Spring Boot.
[1] https://github.com/spring-projects/spring-framework/issues/23887
Closes gh-18672
Rename `max-http-post-size` to `max-http-form-post-size` for Jetty and
Tomcat to make it clearer that they only apply to POSTed form content.
See gh-18566
This commit renames the `server.jetty.idle-timeout` property to
`server.jetty.thread-idle-timeout`, since there are other timeout
properties that are not tied to the threadpool configuration (e.g. the
connection idle timeout).
We might regroup thread-related properties in a dedicated group in the
future, see gh-18620.
Fixes gh-18615
Previously, the methods were named addServerProcessors and
setServerProcessors which wasn't aligned with them taking
socket factory processors (ServerRSocketFactoryProcessor) as an
argument.
This commit renames the methods to align them more closely with the
type of their arguments.
Closes gh-18617
Prior to this commit, all supported servers would share the same
configuration property `server.connection-timeout`. Unfortunately, in
many cases the behavior of this timeout changes depending on the server.
From actual connection setup timeout, to detecting and closing idle
connections, this property cannot be properly translated from one server
implementation to another.
This commit deprecates this configuration property and introduces server
specific properties:
* `server.jetty.connection-idle-timeout`
(Time that the connection can be idle before it is closed.)
* `server.netty.connection-timeout`
(Connection timeout of the Netty channel.)
* `server.tomcat.connection-timeout`
(Amount of time the connector will wait, after accepting a connection,
for the request URI line to be presented.)
* `server.undertow.no-request-timeout`
(Amount of time a connection can sit idle without processing a request,
before it is closed by the server.)
`server.connection-timeout` is now deprecated and will be removed in a
future release.
Fixes gh-18473
Previously, a WebSecurityConfigurerAdapter would be configured
irrespective of whether or not the user had provided their own
WebSecurityConfigurerAdapter. This then required them to use ordering
to diambiguate the configuration and made it harder to take complete
control of security configuration.
This commit updates the configuration of the SAML 2 login configurer
adapter to be conditional on missing bean, aligning it with other
security configuration such as the equivalent OAuth 2 configurer
adapter.
Closes gh-18530
Previously, when a NoSuchBeanDefinitionException was being analyzed,
the possibility of a missing @ConstructorBinding annotation on a
@ConfigurationProperties class was not considered.
This commit updates the failure analysis for failed constructor
injection of an instance of a @ConfigurationProperties-annotated
class. When such a failure occurs, adding @ConstructorBinding is
now suggested as an action.
Closes gh-18545
Previously, Maven's default behaviour was relied up which resulted
in the artifact ID being appended to each URL as it was inherited.
This behaviour can only be disabled in Maven 3.6 and later, a version
that we cannot use due to an incompatibility with the Flatten Plugin.
This commit works around Maven's default behaviour by defining
properties for the SCM URL, connection, and developer connection and
then explicitly defining the settings in each pom using these
properties. The explicit definition of the properties in each pom
prevents them being inherited from the parent, thereby disabling the
unwanted appending of the artifact ID to the URL.
Fixes gh-18328
Add an appication context initializer to detect and store the
active RSocket port in the Environment under
`local.rsocket.server.port`.
Additionally add a `@LocalServerPort` that provides a convenient
alternative to `@Value`.
See gh-18287
Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
Update `DataSourceInitializedPublisher` to fallback to the
`LocalContainerEntityManagerFactoryBean` if the
`javax.persistence.nonJtaDataSource` property is not defined.
As of Hibernate 4.3 the property is no longer set if the `EntityManager`
is created from a `PersistenceUnitInfo` instance rather than actual
properties.
Although this is being addressed in Hibernate issue HHH-13432, it's
not strictly a requirement of the JPA spec that the property is set.
Fixes gh-17061
This will ensure that ReactiveManagementWebSecurityAutoConfiguration backs
off and that the actuator endpoints are also secured via OAuth2.
Fixes gh-17949
Previously, a number of usages of @ConditionalOnMissingBean prevented
a bean that implements an auto-configured bean's "main" interface from
causing the auto-configuration of the bean to back off. This would
happen when @ConditionalOnMissingBean did not specify a type, the
@Bean method returned the bean's concrete type, and that concreate
type implements a "main" interface.
This commit updates such usages of @ConditionalOnMissingBean to
specify the "main" interface as the type of the bean that must be
missing. This will allow, for example, the auto-configured
MongoTemplate bean to back off when a MongoOperations bean is defined.
Fixes gh-18101
After a change in Spring Framework (see
spring-projects/spring-framework#23314), the `RouteMatcher` to be used
with the RSocket infrastructure is configured on the `RSocketStrategies`
directly.
This commit moves the auto-configuration of the
`PathPatternRouteMatcher` from the message handling parts to the RSocket
strategy one.
Closes gh-17571
Previously, the upgrade to Flyway 6 broke compatibility with Flyway
5.2 due to the use of method references that refer to two methods
that do not exist in Flyway 5.2.
This commit replaces the method references with lambdas that are only
called if the user sets the related property. Unless a new-in-Flyway-6
property is set, the auto-configuration will work as before. When such
a property is set the auto-configuration will fail with a
NoSuchMethodError. This approach was chosen to make the
incompatibility clear.
We have also introduced support for passing any JavaMigration beans
in the context into Flyway. This too relies on API that is new in
Flyway 6. It is possible (although unlikely) that users had
JavaMigration beans in Spring Boot 2.1 that were being ignored. This
commit restores this behaviour when using Flyway 5.2.
Closes gh-18193
This commit applies `ServerRSocketFactoryCustomizer` beans to RSocket
setups when the RSocket server is being plugged into an existing Reactor
Netty web server.
Fixes gh-18208
Previously, a number of usages of @ConditionalOnMissingBean prevented
a bean that implements an auto-configured bean's "main" interface from
causing the auto-configuration of the bean to back off. This would
happen when @ConditionalOnMissingBean did not specify a type, the
@Bean method returned the bean's concrete type, and that concreate
type implements a "main" interface.
This commit updates such usages of @ConditionalOnMissingBean to
specify the "main" interface as the type of the bean that must be
missing. This will allow, for example, the auto-configured
MongoTemplate bean to back off when a MongoOperations bean is defined.
Update the javadoc to note that `scanBasePackages` only affects the
`@ComponentScan` annotation and isn't a replacement for `@EntityScan`
or `@Enable...Repositories`.
Closes gh-18109
Previously, a custom FlywayMigrationInitializer bean named anything
other than flywayInitializer could result in a
NoSucBeanDefinitionException as the dependencies set up for JPA and
JDBC components used the bean name flywayInitializer.
This commit updates the configuration of the dependencies to depend
on FlywayMigrationInitializer beans by type rather than name.
Fixes gh-18105
Previously, a custom Flyway bean named anything other than flyway
could result in a NoSucBeanDefinitionException as the dependencies
set up for JPA and JDBC components used the bean name flyway.
This commit updates the configuration of the dependencies to depend
on Flyway beans by name rather than type.
Fixes gh-18102
Fix caching issues in `ApplicationContextRequestMatcher` and allow
subclasses to ignore an application context entirely. Update existing
matcher implementations so that they deal with the management context
correctly.
Prior to this commit, the `ApplicationContextRequestMatcher` would
return a context cached from the first request. It also didn't
provide any way to ignore a context. This meant that if the user was
running the management server on a different port the matching results
could be inconsistent depending on if the first request arrived on
the regular context or the management context. It also meant that we
could not distinguish between the regular context and the management
context when matching.
Closes gh-18012
This commit also changes the request matcher for MVC
endpoints to use an AntPathRequestMatcher instead of an
MvcRequestMatcher. The endpoint is always available
under the mapped endpoint path and this way the same matcher
can be used for both MVC and Jersey.
Fixes gh-17912
Co-authored-by: Phillip Webb <pwebb@pivotal.io>
The userDn and password in LdapContextSource are not nullable. The
default values for userDn and password in LdapProperties are null. When
the values are set to null there will eventually be a
NullPointerException during
AbstractContextSource#setupAuthenticatedEnvironment since HashTable
doesn't allow null for values.
See gh-17861
Missing change logs would lead to an exception even
if the checkChangeLogLocation was set to false. Spring Boot's check
would pass but Liquibase would fail later making this property redundant.
Fixes gh-16232
This commit separates the auto-configuration of the `SessionFactory` in
an isolated class so that the rest of the auto-configuration is still
applied if the user provides a custom `SessionFactory` bean.
See gh-17662
This significantly rework the auto-configuration to reflect the order
in which things are expected. Rather than keeping a conceptual cycle
between the builder and the two inner classes that are processed first,
the configuration is now split in three parts:
* The builder that is required and common
* The configuration when the HighLevelClient is available
* The RestClient configuration when that's not the case
See gh-17488
dreis2211
Stephane Nicoll
Victor Mandujano
Johnny Lim
Franjo Zilic
cbono
thelproad
Brian Clozel
Adam Michalik
wonwoo
Mark Pollack
Andy Wilkinson
Phillip Webb
wycm
Rafiullah Hamedy
Dmytro Nosan
Leo Li
Alessandro Falappa
Madhura Bhave
Vedran Pavic
Verónica Vásquez
Tadaya Tsuyukubo
aohana
ibmmqmet
Peter Jurkovic
davinkevin
Semyon Danilov
Kant
HaiTao Zhang
LiangYong
Filip Hrisafov
Andrii Hrytsiuk
陈其苗
Michael Simons