Previously, when the preferred json mapper was set to Gson, the Gson
HTTP message converter was added before any other converters. This
changed the form of String responses that were already valid. When
Jackson is in use, a string converter is used as it appears earlier
in the list than the Jackson converter. When the mapper is switched
to Gson, the Gson converter is added first in the list of converters
and the Strong converter is no longer used. This results in the
String, that was already valid JSON, being converted again. This
changes its form as quotes are escaped, etc.
This commit updates HttpMessageConverters so that the Gson converter
is added to the list immediately before the default Jackson
converter. This is done by considering the Gson converter to be an
equivalent of the Jackson converter.
Fixes gh-27354
This is a follow-on from 3fec4110 which only considered
BatchDataSourceInitializer as a possible initializer of Batch's
database schema. Flyway and Liquibase are now also considered.
Closes gh-27193
Prior to this commit, `NettyProperties` would use `DISABLED` as the
default level for leak detection in Netty. This is not the default value
enforced by Netty, which is `SIMPLE`.
This commit changes the default configuration property value and ensures
that both stay in sync.
Fixes gh-27046
The auto-config requires Spring JDBC for DataSource creation from
spring.flyway.url or spring.liquibase.url, checking Flyway migrations
exist, etc. Without it, the application fails to start due to missing
spring-jdbc classes.
This commit updates the auto-config so that it backs off in the
absence of spring-jdbc.
Closes gh-26849
Fix a bug in `DataSourceInitializationConfiguration` and in
`R2dbcInitializationConfiguration` that was stopping
custom username/password properties from being applied.
Fixes gh-26676
Update `DatabaseInitializationDependencyConfigurer` so that depends-on
ordering is applied based on the `DatabaseInitializerDetector` order.
Prior to this commit, if multiple DatabaseInitializer beans were
detected the order in which they were initialized was not defined.
See gh-26692
This commit fixes a flawed assertion that was relying on a log message
to validate the TaskExecutor is lazy. The level of the log message has
changed in framework and broke the test. We now rather check the bean
definition.
This commit fixes a flawed assertion that was relying on a log message
to validate the TaskExecutor is lazy. The level of the log message has
changed in framework and broke the test. We now rather check the bean
definition.
When we customize Couchbase's JacksonJsonSerializer with the
auto-configured ObjectMapper, Couchbase's JsonValueModule is lost.
This prevents the storage and retrieval of JSON objects.
This commit updates the Couchbase auto-configuration to use a copy
of the auto-configured ObjectMapper with the JsonValueModule added
to it.
Fixes gh-26363
Prior to this commit, the `spring.web.resources.cache.use-last-modified`
configuration property support was lost during a merge operation right
before 2.4.2.
This is due to an invalid test that missed this unintended change. This
commit fixes both problems.
Fixes gh-26212
This commit updates TaskSchedulingAutoConfiguration to contribute a
LazyInitializationExcludeFilter that processes beans that have
@Scheduled methods. This lets them be contributed to the context so
that scheduled methods are invoked as expected.
Closes gh-25315
Previously, the embedded database connection that would be used
could only be controlled via the classpath. If multiple embedded
database dependencies were present, it wasn't possible to control
the one that the auto-configured would use. It also wasn't possible
to disable auto-configuration of an embedded database.
This commit introduces a new configuration property,
spring.datasource.embedded-database-connection. It can be set to
one of the values of the EmbeddedDatabaseConnection enum to control
the auto-configuration of an embedded database. Setting it to none
will disable the auto-configuration and ensure that an external
database is used instead.
Closes gh-23412
This commit removes `org.springframework.data.annotation.Persistent`
from the annotation types used for MongoDB entity scanning to align
with Spring Data MongoDB.
Fixes gh-25797
This commit harmonizes our auto-configuration so that default converters
are configured the same way ElasticsearchConfigurationSupport does.
Closes gh-25087
Remove the restriction previously prevented `spring.mvc.servlet.path`
from being combined with a `spring.mvc.pathmatch.matching-strategy`
of `PATH_PATTERN_PARSER`. Spring Framework supports this combination
as of v5.3.4.
See gh-24805
Auto-configure `SessionAutoConfiguration` before
`WebFluxAutoConfiguration` to ensure that the correct
`WebSessionManager` bean is created.
See gh-20970
This commit adds a new `spring.webflux.session.cookie.same-site`
confuguration property that sets the default value for the "SameSite"
attribute in the WebFlux session cookies.
Closes gh-20970
Previously, using @EnableGlobalMethodSecurity would cause the
AutoProxyCreator to be created before the AOP auto-configuration had
called AopUtils.forceAutoProxyCreatorToUseClassProxying. Forcing
auto proxy creation changes the AutoProxyCreator's bean definition
so it has no effect when attempted after the creator has been created.
This commit updates the AOP auto-configuration to use a
BeanFactoryPostProcessor to force the use of class proxying. This
ensures that the changes to the auto proxy creator's bean definition
are in place before any bean creation has been performed.
Fixes gh-25413
This commit adds a new `spring.netty.leak-detection` configuration
property that selects the level of memory leak detection for the Netty
engine.
This configuration is applied statically to Netty; this means all
(non-shaded) Netty usages as client or server will be impacted by this
change.
Developers might use this property during development or tests to find
causes of memory leaks when dealing with Netty buffers.
Closes gh-14338
Restore the deprecated `JobLauncherCommandLineRunner` class and extend
removal until 2.6. The class is still needed by spring-cloud-task.
Closes gh-25807
Update the default reactive exception handler so that `MediaType.ALL`
is removed regardless of any quality setting. Prior to this commit,
the "match-all" media type was not properly ignored if it has a quality
value and would show HTML content if the accept header was
`application/json, */*;q=0.9`.
See gh-25778
Previously, the auto-configuration for DataSource initialization and
the properties used to configure it were part of the general
DataSource auto-configuration and properties.
This commit moves the auto-configuration of DataSource initialization
out into a separate top-level auto-configuration class. Similarly,
the properties for configuring DataSource initialization have been
moved from `spring.datasource.*` into `spring.sql.init.*`.
The old initialization-related `spring.datasource.*` properties have
been deprecated but can still be used. When they are used, they new,
separate initialization auto-configuration will back off. In other
words, the initialization related `spring.datasource.*` properties
and the `spring.sql.init.*` properties cannot be used in combination.
Closes gh-25323
Spring Integration comes with some global properties which can be
configured via `META-INF/spring.integration.properties`. The framework
then provides an `integrationGlobalProperties` bean as an
`org.springframework.integration.context.IntegrationProperties`
instance.
This commit allows users to configure these using regular
`application.properties`. If a `META-INF/spring.integration.properties`
file exists, the values are used as fallback.
See gh-25377
Update `FlywayAutoConfiguration`, `LiquibaseAutoConfiguration` and
`DataSourceInitializer` classes so that they no longer depend on
`DataSourceProperties`. DB migrations can now be performed against
a `@Bean` defined primary `DataSource` with an alternative
username/password.
This update also removed using fallback properties when a custom
connection `url` is defined with Flyway or Liquibase. We now assume
that `username`, `password` and `driver-class-name` will be provided
if the default values are unacceptable. Our previous logic was
particularly flawed if a custom URL caused a change of driver type.
Closes gh-25643
This commit updates EntityManagerFactoryBuilder so that persistence unit
post processors can be registered and applied when creating an
EntityManagerFactory.
See gh-25443
This commit updates EntityManagerFactoryBuilder so that persistence unit
post processors can be registered and applied when creating an
EntityManagerFactory.
See gh-25443
Previously, WebFluxAutoConfiguration's WebFluxConfigurer was unordered.
This mean that it had lowest precedence so it was not possible for a
user to provide their own configurer that was guaranteed to run after
the auto-configuration's configurer.
This commit updates the auto-configuration to order its configurer at
0. Any unordered user-defined configurer will now run after the
auto-configuration's configurer.
Closes gh-25302
This commit augments the configuration properties that are exposed for
InfluxDB, alongside an `InfluxDbCustomizer` that gives more control.
See gh-25319
This commit refactors CacheConfigurations implementation to make
it more native friendly by storing strings instead of classes in
order to avoid loading the configuration classes
when CacheConfigurations is initialized at build time.
See gh-25321
Previously, DataSource initialization was triggered via a
BeanPostProcessor or a schema created event from JPA. This caused
numerous problems with circular dependencies, bean lifecycle, etc and
added significant complexity.
This commit reworks DataSource initialization to remove the use of a
BeanPostProcessor entirely. In its place, DataSource initialization is
now driven by an InitializingBean with dependency relationships
between beans ensuring that initialization has been performed before
the DataSource is used. This aligns with the approach that's worked
well with Flyway and Liquibase.
More changes are planned to further simplify DataSource initialization.
The changes in this commit are a foundation for those changes. Any new
public API in this commit is highly likely to change before the next
GA.
Fixes gh-13042
Fixes gh-23736
Currently Spring Integration creates its own `TaskScheduler` bean if one
does not exist in the context yet. When we add `@EnableScheduling`,
Spring Boot auto-configures one for us, but this one comes with slightly
different options than the default in Spring Integration.
This commit makes sure that Spring Integration reuses the
auto-configured TaskScheduler if possible, regardless of the user
opting-in for `@EnabledScheduling`.
See gh-25109
This commit updates DataSourceUnwrapper to take a separate interface
type argument if the target datasource has to be unwrapped, given that
the target type is usually not an interface.
Closes gh-24697
Update `DataSourceTransactionManagerAutoConfiguration` to respect
the `spring.dao.exceptiontranslation` setting. If `exceptiontranslation`
is `false` then we create a classic `DataSourceTransactionManager`
rather than a `JdbcTransactionManager`.
Fixes gh-24321
This commit adds a customizer hook point for jOOQ's configuration. When
such a bean is present, it is invoked with the auto-configuration
`Configuration`. This effectively supersedes checking for a number of
jOOQ `*Provider`beans. The existing beans are still honoured, in a
deprecated fashion.
Closes gh-24732
Previously, an error would occur when a user contributed a
`ThemeResolver` or `FlashMapManager` bean because those beans would
would not properly override the default beans provided by Spring
Framework. This commit adds conditional auto-configuration of these
bean types, preferring user-provided beans and falling back to
Framework-provided defaults.
Fixes gh-24207
This commit changes the default value of bootstrap-mode to "default"
rather than "deferred" so that the JPA infrastructure starts in the
main thread rather than asynchronously.
Closes gh-24249
Web MVC and WebFlux look up by name the Locale(Context)Resolver beans
that they use. Previously, the auto-configured resolvers for MVC and
WebFlux would back off when any bean of the required type was defined,
irrespective of its name. If the name of the user's bean didn't match
the name used by MVC and WebFlux to find the custom resolver, the
custom resolver would be ignored and MVC and WebFlux would use their
defaults. There was no indication of this happening in the condition
evaluation report as all it would show is that the auto-configured
resolver had backed off in favour of the custom resolver. It wouldn't
show anything to explain why the custom resolver had not been used.
This commit updates the auto-configured resolvers to be conditional
on a missing bean of the name required by MVC and WebFlux. If the
user then defines a custom resolver with a different name, the
condition evaluation report will show that the auto-configured
resolver remained as the bean name didn't match.
Fixes gh-24209
Prior to this commit, packaging a Spring Boot application as a container
image with Cloud Native Buildpacks could result in unwanted browser
caching behavior, with "Last-Modified" HTTP response headers pointing to
dates in the far past.
This is due to CNB resetting the last-modified date metadata for static
files (for build reproducibility and container layer caching) and Spring
static resource handling relying on that information when serving static
resources.
This commit introduces a new configuration property
`spring.web.resources.cache.use-last-modified` that can be used to
disable this behavior in Spring if the application is meant to run as a
container image built by CNB.
The default value for this property remains `true` since this remains
the default value in Spring Framework and using that information in
other deployment models is a perfectly valid use case.
Fixes gh-24099
Previously, Quartz could be configured with a specific DataSource
using `@QuartzDataSource` but it was not possible to configure a
Quartz-specific transaction manager. This could result in the
different DataSources being used by Quartz itself and Quart'z
DataSourceTransactionManager.
This commit introduces a new qualifier, `@QuartzTransactionManager`,
that can be used to avoid the above-described problem. Any
`@QuartzTransactionManager`-annotated bean will be used by the
Quartz auto-configure configuration instead of the application's main
`TransactionManager`. If no such qualified bean is present, the
application's main TransactionManager, if any, will be used as before.
Fixes gh-20184
When running on Java 11 (where `@PostConstruct` is no longer part of
the JRE) and without a dependency on jakarta-annotation-api,
`@PostContruct` annotions are silently dropped. This leads to obscure and
hard-to-track down changes in the behaviour of our auto-configuration
as the `@PostConstruct`-annotated methods are not invoked.
To allow users to run on Java 11 without having jakarta-annotation-api
on the classpath, this commit removes use of `@PostConstruct` from main
code. A Checkstyle rule has also been added to prevent its usage in
main code from being reintroduced.
Closes gh-23723
Exclude `@ConfigurationProperties` beans from method validation so
that `@Validated` can be used on final classes without the method
validation post-processor throwing an exception.
This commit introduces a `FilteredMethodValidationPostProcessor` class
which will use `MethodValidationExcludeFilters` to exclude beans from
method validation processing. Using `@EnableConfigurationProperties`
will automatically register an appropriate filter.
Closes gh-21454
Previously, the locale context resolver used with WebFlux could only be
configured by provided a custom LocaleContextResolver bean. By
constrast, when using Spring MVC, the spring.mvc.locale and
spring.mvc.locale-resolver properties could be used to configure the
locale and the resolver (fixed or Accept header) respectively.
This commit introduces spring.web.locale and spring.web.locale-resolver
properties and deprecates their spring.mvc equivalents. The new
properties can be used to configure locale resolution with either
Spring MVC or WebFlux.
Closes gh-23449
Add a dedicate condition annotation to detect when Spring Security is
available but has not been configured by the user. The new annotation
helps simplify quite a few of our auto-configuration classes.
See gh-23421
Replace `WebSecurityConfigurer` and `WebSecurityConfigurerAdapter`
configurations with `WebSecurityCustomizer` or `SecurityFilterChain`
beans.
Closes gh-23421
Previously, @WebListeners were discovered via custom component scanning
and then registered programmatically via the ServletContext. The servlet
spec requires any ServletContextListener registered in this manner to be
prohibited from programatically configuring servlets, filters, and
listeners. This left us not strictly complying with the servlet spec
as a ServletContextListener registered via a @WebListener annotation
should be able to programatically configure other components.
This commit updates WebListenerHandler to register each @WebListener
component directly with Jetty, Tomcat, or Undertow rather than via the
ServletContext API. This ensure that any @WebListener-annoated
ServletContextListener registered via servlet component scanning is
able to programatically register servlets, filters, and listeners.
There is a small chance that this will be a breaking change for some
users:
1. The ServletListenerRegistrationBeans that were previously defined
for each @WebListener will now be
WebListenerHandler.WebListenerRegistrars
2. Each @WebListener-annotated class will now be instantiated by
Jetty, Tomcat, or Undertow. Jetty and Tomcat both require the class
to be public and have a public default constructor. Previously,
a package-private class or default constructor could be used as the
instantiation was performed by Spring Framework. Undertow is not
affected as it can instantiate a package-private type.
Fixes gh-18303
This commit fixes the auto-configuration of Spring Session to use
"server.servlet.session.timeout" as a fallback for Servlet-based web
applications only.
Closes gh-23752
Prior to this commit, the `StaticResourceLocation` for favicons would
point to `"/**/favicon.ico"`. This location does not reflect the current
web development landscape, since the png format and size variants are
not supported here. Also, the `"**"` pattern can be costly at runtime
and is deprecated by the new path pattern support in Spring Framework
(see gh-22833).
This commit changes the default locations to `"/favicon.*","/*/icon-*"`,
supporting common use cases such as `"/favicon.ico"`, `"/favicon.png"`
and `"/icons/icon-48x48.png"`.
Closes gh-23126
This commit adds support for Redis cache metrics. Users can opt-in for
statistics using the "spring.cache.redis.enable-statistics" property.
Closes gh-22701
Spring 5.3 introduced the JdbcTransactionManager with exception
translation on commit and rollback. This commit updates the
auto-configuration to use this implementation rather than
DataSourceTransactionManager.
See gh-23672
Phillip Webb
Andy Wilkinson
bono007
dreis2211
Saraswathy Hariharakrishnan
Madhura Bhave
izeye
Stephane Nicoll
Henning Pöttker
Brian Clozel
Stefano Cordio
weixsun
Kedar Joshi
nguyensach
David Byron
zuisong
Scott Frederick
Alex Belyaev
Parviz Rozikov
MatejNedic
Fábio Ramon
Artem Bilan
Yuta Saito
maruoovv
johnniang
Eddú Meléndez
Sébastien Deleuze
Mukul Chaundhyan
Madhura Bhave
Scott Frederick
Gerrit Meier
Martín Dacosta
Justin Bertram
Valery Yatsynovich
paulius
Gong Yi
Phillip Webb
Stephane Nicoll
Michal Růžička
Evgeniy Cheban
Andy Wilkinson
Gary Russell
Asha Somayajula
Adrien Bennadji
Marten Deinum