Update Jetty 9 SSL support to register the SecureRequestCustomizer which
ensures that calling getScheme() on the HttpServletRequest returns
'https'.
Fixes gh-2232
Update WebMvcAutoConfiguration so that the RequestMappingHandlerMapping
bean is @Primary. Prior to this commit a NoUniqueBeanDefinitionException
would be thrown then using the MvcUriComponentsBuilder.
Fixes gh-2237
Update ManagementSecurityAutoConfiguration so that MVC Endpoints that
have Principal arguments are not treated in any special way. This
restores Spring Boot 1.1.x behavior where the 'sensitive' flag is used
to determine access rules.
The HealthMvcEndpoint still uses the Principal (when available) to
determine if full status information can be displayed. It now also
explicitly checks the environment for `endpoints.health.sensitive`
to determine if the user has opted-out and requires complete health
details.
The health MVC endpoint should now work as follows:
* Default configuration - No login is required, full information is only
displayed if a Principal is available.
* endpoints.health.sensitive=true - Login is required, full information
is displayed.
* endpoints.health.sensitive=false - Login is not required, full
information is displayed.
Fixes gh-2211
Previously, disabling forking was not possible if JVM arguments or an
agent are specified, even if the fork attribute is explicitly set to
`false`.
The fork attribute is now detected as it should and forking is disabled
when the fork attribute is set to false, even if JVM arguments or an
agent is either specified or discovered.
Fixes gh-2220
Add Ordered interface to all EmbeddedServletContainerCustomizers with
a value of 0. Prior to this commit it was difficult for a user to
define a customizer that would be applied before ours, even if they
implemented Ordered or added @Order annotations.
Fixes gh-2123
Update HibernateJpaAutoConfiguration to catch NoClassDefFoundError when
setting the JTA_PLATFORM. The exception can occur when running on WAS
since it ships with Hibernate 4.2 and SpringJtaPlatform extends from
AbstractJtaPlatform which is not present.
The exception is now ignored if a JDNI environment is available,
otherwise it is re-thrown.
Fixes gh-2218
Update HypermediaAutoConfiguration to apply the Jackson2HalModule to
the primary ObjectMapper. This restores the behavior of Spring Boot
1.1 where HATEOAS types could be serialized for both `application/json`
and `application/json+hal` content types.
A `spring.hateoas.apply-to-primary-object-mapper` property has also been
provided to opt-out if necessary.
Fixes gh-2147
The Servlet spec prohibits ServletContextListeners from being registered
programatically other than from with a call to
`ServletContainerInitializer.onStartup`. This restriction is not
consistently enforced by the various embedded servlet containers that
Boot supports:
- Jetty 8 does not enforce the restriction.
- Jetty 9 enforces the restriction. We were working around it be calling
setExendedListenerTypes(true) on the context.
- Tomcat somewhat enforces the restriction: it doesn't allow a
ServletContextListener to be added once the first
ServletContextListener has been called. We were using a
LifecycleListener to drive the ServletContextListeners.
- Undertow enforces the restriction and we were not working around it.
This resulted in gh-2192 being raised.
ServletListenerRegistrationBean is a ServletContextListener and is used
to register listeners, including ServletContextListeners, with the
servlet context. To adhere to the letter of the servlet spec this means
that ServletListenerRegistrationBeans need to be called from with
ServletContainerInitializer.onStartup. This commit updates all of the
embedded servlet container implementations to use a
ServletContainerInitializer to drive any ServletContextInitializers.
This makes the lifecycle more consistent across the supported containers
and allows ServletListenerRegistrationBeans to be able to register
ServletContextListeners on all supported embedded containers.
Fixes gh-2192
Actually collection types are not harmonized to their interface
counterpart; this was implemented in the first proposal but wasn't
applied in the final review.
See gh-2206
Dave Syer
Phillip Webb
Russell Allen
Stephane Nicoll
Nils Breunese
Dave Syer
izeye
Domingo Suarez Torres
Andy Wilkinson