Commit 5a1ee6eb added support for disabling use of start-stop-daemon
via a placeholder in the default launch script. Unfortunately, that
placeholder was subsequently broken in 81a47639.
This commit reinstates the placeholder and adds tests to verify that all
of the placeholders in the launch script can be replaced and that they
have the required default values. Furthermore, it also allows the use of
start-stop-daemon to be configured via USE_START_STOP_DAEMON in an
app’s .conf file. This allows the configuration to be changed after the
app has been built.
Closes gh-4985
Previously, the documentation stated that jackson-dataformat-yaml was
the only required dependency. This is incorrect. jackson-databind is
also required.
Closes gh-4924
Update the documentation to include a section about ServletContext
initialization with embedded servlet containers. This update is to
primarily highlight that `WebApplicationInitializers` and Servlet 3.0+
`ServletContainerInitializers` are not called.
Fixes gh-4643
Allow users to easily opt-opt of using the start-stop-daemon in the
launch script. This may be required on distros that include older
versions.
Fixes gh-4732
Add a `server.server-header` property which can be used to override the
`server` header usually sent back automatically by Tomcat/Jetty or
Undertow.
See https://www.owasp.org/index.php/Securing_tomcat for background.
Fixes gh-4461
Closes gh-4504
Commit 8c14009 removed the endpoints.metrics.filter.enabled property so
that endpoints.metrics.enabled is used for both disabling the endpoint
and the servlet filter that records interactions.
This was an unfortunate decision as it was no longer possible to only
disable the servlet filter. The endpoints.metrics.filter.enabled property
has therefore been restored.
Closes gh-4365
This commit introduces a new property, application.title, that can
be used in a banner. Its value is resolved from the application
manifest's Implementation-Title attribute.
Closes gh-4603
This commit adds a new property, security.filter-dispatcher-types
that can be used to configure the dispatcher types of Spring
Security's filter chain. The default remains unchanged.
Closes gh-4505
This commit documents the color converter, the explicit colors and
styles that is supports, and the implicit colors used for each log
level.
Closes gh-4592
One of the options of the new `banner-mode` property is `off`. YAML maps
`off` to `false` and since we are exposing the method from the
`SpringApplication` public class we can't change the signature to accept
a `String` and do the conversion ourselves.
This commit adds a dedicated section in the guide to warn users about
that particular situation. Adding quotes around the value prevents the
conversion.
Closes gh-4600
Add a `spring.mvc.static-path-pattern` property which can be used to
configure the path pattern used to serve static resources.
Fixes gh-4444
Closes gh-4448
Add auto-configuration for the CassandraHealthIndicator. Also update
the implementation to use CassandraOperations rather than
CassandraAdminOperations.
Closes gh-4409
Introduce `AbstractAuthenticationAuditListener` and
`AbstractAuthorizationAuditListener` classes so that users can
extended them to replace the auto-configured defaults.
Closes gh-4406
Set `CachedIntrospectionResults.IGNORE_BEANINFO_PROPERTY_NAME` by
default to improve startup performance. The `spring.beaninfo.ignore`
property can be set in `application.properties` if BeanInfo classes
should be searched.
Fixes gh-4390
Create a set of core groups to gather properties logically: core, web,
security, data, integration, actuator and devtools.
In each of them, groups are ordered against their lexical order.
Closes gh-4344
In 1.3, our Gradle plugin no longer automatically applies the
application plugin. This affects the default options that are
available for explicitly configuring a project's main class. This
commit updates the documentation accordingly.
Closes gh-3768
The syntax was a bit tortured. This should clarify things and also
de-emphasise the "production" use case for the file system
properties file (we want to be cloud native don't we?).
Previously, the "Common application properties" appendix had no
consistent use of a configuration key value. It could just as well be
the default value or an example.
We now always document the default value after the "=" sign and
eventually add an example with the phrasing "For instance".
The keys have also been reordered so that they follow a natural (i.e.
lexical) order.
Closes gh-3230
Closes gh-3160
Closes gh-3155
Closes gh-3153
Previously, the nested private static class would cause an error at
startup stating that it was not accessible when trying to bind the
property from the environment. The nested class should be public.
Closes gh-4323
Previously, LoggingApplicationListener used %rEx as the default
exception conversion word. This would result in the nested causes
being logging in reverse order, i.e. the most deeply nested cause
would be logged first.
This commit updates the default to be %wEx and adds a test to verify
the default behaviour.
Closes gh-4247
If a filter is registered in `web.xml` with no `dispatcher` element, the
spec states that it should have the `REQUEST` dispatcher type only.
As we are adding more dispatcher types by default, it can be surprising
for users migrating from a `web.xml` based web app. The documentation
has now an explicit note about this.
Closes gh-2689
Improve the initial PR to include a filtering of the profiles that were
already enabled via the `spring.profiles.active` property.
Also add more tests to prove that each profile is loaded only once
now.
Closes gh-4273
Update the "INIT INFO section" of `launch.script` to include
`initInfoProvides`, `initInfoShortDescription` and `initInfoDescription`
property substitutions.
The Maven plugin has been updated to populate substitutions with
`${project.artifactId}`, `${project.name}` and `${project.description}`.
Fixes gh-4245
Flip the default value of `addResources` for both the Maven and Gradle
plugins. This effectively turns off static resources reloading and, more
importantly, the pruning of duplicate resources from the target
directory.
As devetools is our mainstram solution for such feature, the documantion
has been updated to reflect that.
Closes gh-4227
Logback documentation explains how to initialize the logging system and
namely how the `logback.configurationFile` system property can be used to
specify the configuration file to use.
Spring Boot has an abstraction on top of that. A user can define the
`logging.path` property regardless of the logging infrastructure it is
using.
Users following the logback documentation can be confused at first so
we're not logging a warning when we found out that the logback specific
property has been specified.
Closes gh-2382
Previously, the launch script would always use a file named
<appname>.log to capture the application's console output. This commit
adds a variable, LOG_FILENAME, for specifying the file name defaulting
to <appname>.log.
Fixes gh-4194
Commit adf2c44b was an attempt to prevent HSQLDB from throwing an
exception when the JVM exits. This was achieved by disabling the
application context’s shutdown hook in the tests. This had the unwanted
side effect of causing tests’ application contexts not to be closed. The
reported symptom was that @Destroy methods were no longer being invoked.
We need a different solution to the problem.
The exception was:
Caused by: org.hsqldb.HsqlException: Database lock acquisition failure: attempt to connect while db opening /closing
at org.hsqldb.error.Error.error(Unknown Source)
at org.hsqldb.error.Error.error(Unknown Source)
at org.hsqldb.error.Error.error(Unknown Source)
at org.hsqldb.DatabaseManager.getDatabase(Unknown Source)
at org.hsqldb.DatabaseManager.newSession(Unknown Source)
... 23 common frames omitted
I originally thought this was due to a race between the application
context’s shutdown hook and HSQLDB’s shutdown hook, however HSQLDB
doesn’t use a shutdown hook. I believe that the problem is due to
an HSQLDB database being created with shutdown=true in its URL, similar
to the problem described here [1]. This will shut down the database when
the last connection to it is closed, however the shutdown will happen
asynchronously. If the JVM then runs the application context’s shutdown
hook, EmbeddedDatabaseFactory will attempt to connect to the database to
execute the SHUTDOWN command. This executes synchronously but will race
with the asynchronous shutdown that’s executing as a result of
shutdown=true in the JDBC url and the last connection to the database
being closed.
This commit reinstates the use of application context shutdown hooks in
the tests, and updates the documentation to recommend that, if a user
manually configures the URL for their embedded database, they do so
in such a way that the database doesn’t shutdown automatically, thereby
allowing the shutdown to be driven by application context close.
Closes gh-4208
[1] http://sourceforge.net/p/hsqldb/bugs/1400/
Update TraceWebFilter to optionally trace more details from the
HttpServletRequest/HttpServletResponse. The `management.trace.include`
property can be used to change what aspects are logged.
Closes gh-3948
Add an `excludeDevtools` property to both the Maven and Gradle plugin
that removes `org.springframework.boot:spring-boot-devtools` (if
necessary) when repackaging the application.
Closes gh-3171
Stephane Nicoll
Phillip Webb
Johnny Lim
Spring Buildmaster
Andy Wilkinson
Robert Kapala
Brian Kelly
Kazuki Shimizu
Eddú Meléndez
cornelcreanga@yahoo.com
Yunkun Huang
Vedran Pavic
Dimitri
NersesAM
cornelcreanga@yahoo.com
Tommy Ludwig
Bohuslav Burghardt
Dave Syer
Tommy Ludwig
Axel Fontaine
d10xa
zhanhb
Tommy Ludwig
Marco Vermeulen
Wallace Wadge