User can enable OAuth2 SSO by declaring the intent (@EnableOAuth2Sso)
and also configuring the client properties (spring.oauth2.client.*).
The spring.oauth2.sso.* are only needed to change the path for the
login (defaults to /login) - any other security configuration for the
protected resources can be added in a WebSecurityConfigurerAdapter
which carries the @EnableOAuth2Sso annotation.
* Automatically spin up Authorization Server and Resource Server
* Automatically configures method level security included OAuth2Expression handler
* Wrote extensive unit tests verifying default behavior as well as the auto-configuration backing off when custom Authorization/Resource servers are included
* Created org.springframework.boot.security.oauth2 subpackage to contain it
* Can also disable either resource of authorization server completely with a single property for each
* Print out the auto-generated secrets and other settings
* Added spring-boot-sample-secure-oauth2 to provide a sample that can be run and poked with curl as well as some automated tests.
* Make users ask for which servers to install by adding @Enable*
* User has to @EnableGlobalMethodSecurity instead of using properties files
Add Spring Security OAuth2 support to Spring Boot CLI
* Triggered from either @EnableAuthorizationServer or @EnableResourceServer
* Needs to have @EnableGlobalMethodSecurity to allow picking the annotation model.
* By default, comes with import support for @PreAuthorize, @PreFilter, @PostAuthorize, and @PostFilter via a single start import
* Also need import support for the enable annotations mentioned above.
* Added extra test case and sample (oauth2.groovy)
- Apply project’s code formatting and conventions
- Don’t use the IO and worker thread configuration when creating the
worker for the AccessLogReceiver. The IO and worker thread
configuration is for HTTP request processing and a worker in its
default configuration should be sufficient for the access log
receiver.
- Don’t use a temporary directory as the default for the access log
directory. A temporary directory makes (some) sense for Tomcat as it
requires a directory for its basedir. Undertow has no such
requirement and using a temporary directory makes it hard to locate
the logs. The default has been updated to a directory named logs,
created in the current working directory.
- Document the new properties in the application properties appendix
Closes gh-3014
This commit adds support for configuring Undertow's access log via the
environment using the following properties:
server.undertow.access-log-enabled
server.undertow.access-log-pattern
server.undertow.access-log-dir
See gh-3014
Previously, JacksonAutoConfiguration would register any Jackson Module
beans with every ObjectMapper found in the application context. This
was not consistent with the rest of the Jackson auto-configuration,
which is only applied to ObjectMappers that are created or configured
via the auto-configured Jackson2ObjectMapperBuilder.
This commit removes the code that registers Jackson Module beans with
every ObjectMapper. Such beans will still be registered with
ObjectMappers created or configured using the auto-configured
Jackson2ObjectMapperBuilder. This aligns the configuration of Module
with the rest of the ObjectMapper configuration and makes it possible
for users to create an ObjectMapper bean and still have complete control
over the modules that are registered with it.
Closes gh-2489
A recent change to the internals of RequestMappingHandlerMapping
broke to Spring Mobile-related tests as they were using reflection
to verify that the configuration had been applied correctly.
This commit makes the tests more robust by using the Java API to
access the interceptors for a request and verify that the expected
interceptor is present. To further simplify the tests, the unnecessary
use of an embedded servlet container factory has also been removed.
SpringApplicationLifecycle provides basic lifecycle operations on the
current Spring Boot application (that is checking if the application has
fully started and gracefully terminate the app). It can be registered as
an MBean of the platform MBean server if a specific property is set.
The Maven plugin uses that MBean to check that the application is ready
before ending the "start" phase. It uses it to trigger a proper shutdown
of the application during the "stop" phase.
If the process has to be forked, the platform MBean server is exposed on
a configurable port so that the maven plugin can connect to it.
Such change permits the maven plugin to integrate a classical integration
test scenario where the "start" goal is invoked during the
pre-integration phase and the "stop" goal during the post-integration
phase.
Closes gh-2525
Allow the display-name of the application to be customized when deployed
in an embedded container via the `server.display-name` property.
Closes gh-2600
Updated to the `EmbeddedCacheManager` interface and added support for
default cache configuration.
Added dependencies management for the JCache support with tests
Fixes gh-2906, see gh-2633
Include auto-configuration support for Infinispan. It is possible
to specify the caches to create via `spring.cache.cache-names`.
Provider also allow to set configuration file via `spring.cache.config`.
See gh-2633
Work in 1b3efd4 actually introduced a regression: if a CacheManager is
created via a custom configuration file, it is no longer post-processed.
This commit makes sure to also customize a CacheManager that was
created that way.
See gh-2848
Expose the underlying cache infrastructure bean if Boot auto-configures
it. This is the case for ehCache, hazelcast and JCache. This change has
two side effects:
1. It is now possible to customize the underlying cache infrastructure
and let Boot only wrap it in the Spring's CacheManager abstraction. No
customizations are applied if the caching-specific service is customized
2. Such infrastructure is disposed when the application terminates as
it is now defined as `@Bean` and both `close()` and `shutdown()` methods
are invoked if present on the target type.
While the latter can be troublesome, we feel that a particular cache
instance is not meant to be shared and must be disposed when the
application terminates.
Closes gh-2848
This commit adds support for configuring the JSP servlet’s init
parameters via the environment using server.jsp-servlet.init-parameters.*.
As part of this change the configuration of registerJspServlet and
jspServletClassName have been moved onto a new type, JspServlet, and the
existing setters on ConfigurableEmbeddedServletContainer have been
deprecated. In addition to providing a model for configuring the JSP
servlet that’s consistent with the model for other configuration (SSL,
for example), this change also means that the class name and whether or
not the servlet is registered at all can now also be configured via the
environment.
Closes gh-2825
While this is a breaking change, continuing with Spring Social
Facebook 1.1.x is also broken as it is no longer compatible with
Facebook's API. Upgrading to 2.0.1.RELEASE may require some changes
to be made to users' applications, but it will allow their
applications to use the Facebook API once again.
Closes gh-2837
In addition to the changes already made in 1.2.x, this commit updates
the tests in spring-boot-actuator to ensure that any Elasticsearch
data files are written into the target directory. This avoids problems
when switching branches caused by different versions of Elasticsearch
trying to read the files.
By default, Elasticsearch writes it data to ./data. This led to data
being left on the filesystem after a mvn clean which could cause
failures when moving between branches that use different versions of
Elasticsearch.
This commit updates the tests for the Elasticsearch sample and
the Elasticsearch auto-configuration classes to write the
Elasticsearch data and logs into the target directory.
Remove the configuration map defined in `GroovyTemplateProperties` which
isn't used. Ironically, that configuration map was exposed with the exact
same prefix as `GroovyMarkupConfigurer`, which broke IDEs support since
two entries had the exact same prefix.
Fixes gh-2840
SpringApplicationLifecycle provides lifecycle operations on the current
Spring Boot application. It can be registered as an MBean of the platform
MBean server if a specific property is set. Besides, the JMX name can
also be customized via a property in case more than one Spring Boot
application is started in the same process.
The Maven plugin uses that MBean to check that the application is ready
before ending the "start" phase. It uses it to trigger a proper shutdown
of the application during the "stop" phase.
If the process has to be forked, the platform MBean server is exposed on
a configurable port so that the maven plugin can connect to it.
Such change permits the maven plugin to integrate a classical integration
test scenario where the "start" goal is invoked during the
pre-integration phase and the "stop" goal during the post-integration
phase.
Closes gh-2525
To allow us to determine the type that Spring Integration’s
GatewayProxyFactoryBean will create, the bean definition created by
MessagingGatewayRegistrar needs to set the factoryBeanObjectType
attribute. The current implementation of BeanTypeRegistry requires the
attribute’s value to be a Class, however this would require Spring
Integration’s namespace handler to load the class and class loading
should be avoided in namespace handlers.
This commit updates BeanTypeRegistry so that it supports both Class and
String values for the factoryBeanObjectType. If the value is a String
it will interpret it as a class name and attempt to load it.
See gh-2811
Provide a TransactionTemplate if one PlatformTransactionManager is
present.
Relocated the jta support as a nested package of the new transaction
package that hosts the transaction template auto-configuration. To avoid
package tangles, links between auto-configurations have been reversed.
Closes gh-2464
Closes gh-2809
Update FlywayAutoConfiguration to support pluggable migration
strategies. Rather than always calling flyway.migrate(), users can now
provide a FlywayMigrationStrategy @Bean to call whatever methods they
wish.
Fixes gh-1814
This commit updates Spring Boot to use Spring Security 4. As a result
of this, the coordinates of Thmyeleaf's Spring Security extra, for
which dependency management and auto-configuration is provided, have
been updated to the Spring Security 4 variant.
Closes gh-2727
The versions in the dependency management for the various datastore
dependencies have been aligned with those used by Spring Data Fowler.
The Data REST tests and sample application has been updated to configure
the base path in favour of the deprecated base uri property
Closes gh-2673
This commit adds support for configuring an ObjectMapper's
serialization inclusion using the environment via the
spring.jackson.serialization-inclusion property. The property's value
should be one of the values on the JsonInclude.Include enumeration.
Relaxed binding of the property value to the enum is supported. For
example:
spring.jackson.serialization-inclusion: non_null
Closes gh-2532
Previously GsonHttpMessageConvertersConfiguration was unconditional
with its nested configuration class being
@ConditionalOnClass(Gson.class). This led to the unnecessary
registration of the GsonHttpMessageConvertersConfiguration bean when
Gson isn't on the classpath.
This commit moves the condition up onto the outer class so that no
Gson-related beans are created when Gson is not on the classpath.
Closes gh-2778
Add a new ConditionalOnSingleCandidate condition that determines if the
condition should match only if autowiring by type is guaranteed to
succeed. Used by auto-configuration that relies on a single candidate of
a given type (for instance, the JdbcTemplate auto-configuration relies on
the presence of a DataSource).
Such wiring by type will succeed if only one bean of that type is present
or if one matching instance is flagged "primary" amongst the candidates.
ConditionalOnSingleCandidate is a basic version of ConditionalOnBean that
only accepts a single type and does not determine a defaut based on its
presence on a bean definition.
Closes gh-1702
According to the spec, specifying a custom URI when retrieving a
`javax.cache.CacheManager` might be used as a way to transmit the
location of a custom configuration file to initialize the underlying
cache manager.
If `spring.cache.config` is set, we use that information to retrieve a
CacheManager with that configuration file. Unfortunately, hazelcast does
not support this feature so we are setting the property key it expects
instead.
See https://github.com/hazelcast/hazelcast/issues/4943
Closes gh-2743
Previously, EhCacheCacheConfiguration could be triggered even if the
ehcache library is not present. This commit adds the missing
`ConditionalOnType` that now guards the configuration properly.
See gh-2633
Certain cache manager implementations are located in the
spring-context-support module that isn't pulled automatically.
As a result, the related cache auto-configurations should make sure that
the relevant CacheManager implementation is available.
See gh-2633
Prior to this commit, the auto-configuration report (both in its logged
form and the actuator endpoint) listed the positive and negative matches
but did not list the classes, if any, that the user had excluded.
This commit updates the logged report and the actuator endpoint to
expose a list of the excluded class names configured via the exclude
attribute on @EnableAutoConfiguration.
Closes gh-2085
Tomcat uses the strings “on” and “off” to enable and disable
compression. YAML interprets on as true and off as false, leaving
ServerProperties.Tomcat.compression configured with “true” and “false”
respectively. One solution is to use “on” rather than on and “off”
rather than off in the YAML file but users may not realise that they
need to do so.
This commit updates the connector customiser that configures compression
to map “true” to “on” and “false” to “off”.
Closes gh-2737
Include auto-configuration support for EhCache with auto-detection of
the default `ehcache.xml` at the root of the classpath. EhCache
configuration can also be set via `spring.cache.config`.
See gh-2633
Add support for cache manager auto-configuration that is triggered when
the `EnableCaching` annotation is added to a Spring Boot application.
A new "spring.cache" set of configuration keys is also provided. The
"spring.cache.mode" allows the user to specify the cache provider that
should be auto-configured. If no explicit configuration is provided,
the environment is checked for the best suited cache implementation,
that is:
- Generic if at least one `Cache` bean is defined in the context.
- Hazelcast if either a default configuration file is present or the
`spring.cache.config` property is set.
- JCache if one JSR-107 provider is present
- Redis if a `RedisTemplate` is defined in the context
- Guava
- Simple as a fallback option, using concurrent maps
- NoOp (that is, no cache) if the mode is set to "none"
If the provider supports it, it is possible to specify the caches
to create on startup via `spring.cache.cache-names`. If the provider
relies on a configuration file and a custom one needs to be used
`spring.cache.config` can be set to such custom resource.
If more than one JSR-107 provider is present, it is possible to force
the provider to use by setting the mode to `jcache` and specifying the
fully qualified class name of the CachingProvider to use via
`spring.cache.jcache.provider`.
See gh-2633
SmartApplicationListener has been superseded by GenericEventListener as
of Spring Framework 4.2. It will be eventually deprecated and removed.
Migrate our event listeners to use the new contract.
Closes gh-2576
Previously, SpringBootWebSecurityConfiguration required a web
application and @EnableWebSecurity to be on the classpath.
@EnableWebSecurity is in spring-security-config so this could lead
to the configuration being active when spring-security-web isn't
on the classpath but the rest of Spring Security is.
This commit updates SpringBootWebSecurityConfiguration to also make it
conditional on a class in spring-security-web.
Fixes gh-2717
Spring Framework’s ParamterizedRowMapper has been deprecated since
3.1 and has been removed in 4.2. Spring Batch currently relies on
ParameterizedRowMapper, making it incompatible with 4.2. To allow us to
build successfully against 4.2, this commit ignores Spring Boot’s tests
that use Spring Batch’s JDBC support.
See gh-2575
In Spring Framework 4.1, @Order on a @Configuration class had no effect.
This allowed us to use it on auto-configuration classes to control
the ordering of auto-configuration classes without it having any
broader implications for configuration class ordering.
Spring Framework 4.2 now honours @Order on @Configuration classes. This
breaks a number of tests where we were relying on the order that the
classes were passed to register when evaluating various bean conditions.
This commit replaces the use of @Order on auto-configuration classes
with a new annotation, @AutoConfigureOrder. The new annotation is
handled by AutoConfigurationSorter where it’s used to order
auto-configuration classes. This allows us to order auto-configuration
classes without the unwanted side-effect of this also affecting the
general ordering of configuration classes.
See gh-2575
Previously, only a handful of properties could be set when
auto-configuring an Elasticsearch client. This commit introduces support
for configuring arbitrary properties using the
spring.data.elasticsearch.properties prefix. For example,
client.transport.sniff can be configured using
spring.data.elasticsearch.properties.client.transport.sniff.
Closes gh-1838
Previously, a TransportClient sniff property could not be configured
while using Spring Boot’s Elasticsearch auto-configuration. This commit
adds a new property, spring.data.elasticsearch.client-transport-sniff,
that can be used to configure the TransportClient while continuing to
use the auto-configuration support.
Closes gh-1838
In ActiveMQ 5.11 the signature of
PooledConnectionFactory.setConnectionFactory has changed. It now takes
an Object rather than a ConnectionFactory. This change is not binary
backwards compatible so it causes a NoSuchMethodError as we compile
against 5.10.
This commit updates ActiveMQConnectionFactoryConfiguration to call
the setConnectionFactory method reflectively, looking for both the
ConnectionFactory and Object variants.
Closes gh-2640
Unfortunately it still has to happen in a @PostConstruct (otherwise
JPA never sees the schema in time), but we can delay a bit by not
using @Autowired. Appears to fix the Spring Cloud problem
(https://github.com/spring-cloud/spring-cloud-config/issues/105).
Fixes gh-2658
We currently officially support Jackson 2.4, but some users wish to
use Jackson 2.5. This causes a failure as JacksonAutoConfiguration
depends on JacksonJodaFormat which exists in 2.4 but not in 2.5. This
commit updates JodaDataTimeJacksonConfiguration to make it conditional
on JacksonJodaFormat being on the classpath. This means that Jackson
2.5 users will not have configurable DateTime formatting
(added in 201fb5e5) but things will generally work once again.
Closes gh-2573
Previously, MongoProperties did not consider the configuration of a
custom authentication database when creating a MongoClient. This
commit updates MongoProperties to use the authentication database
when it is configured, falling back to the normal database when it is
not configured.
Closes gh-2562
Update ElasticsearchAutoConfiguration to ensure that local nodes are
closed when the context is closed. Prior to this commit the close()
method of the Client would be called which had no effect for local
Nodes.
Fixes gh-2480
Rename RepositoryRestMvcBootConfiguration to
SpringBootRepositoryRestMvcConfiguration so that it follows the same
naming pattern as other custom Spring Boot configurations.
See gh-2392
We allow the serialization format of dates to be configured using
spring.jackson.date-format. However, this property only applies to
java.util.Date instances and has no effect on a Joda DateTime.
This commit updates our auto-configuration for Jackson to allow
the format string that is used to serialize a Joda DateTime to be
configured. A new property, spring.jackson.joda-date-time-format has
been introduced. When configured, it is used to configure the
serialization format for a Joda DateTime. When it is not configured,
we fall back to using spring.jackson.date-format. If this fails,
either because the format string is incompatible (unlikely) or because
the user's configured the fully-qualified name of a DateFormat class,
a warning is logged encouraging the use of
spring.jackson.joda-date-time-format.
Fixes gh-2225
Prior to this commit, Module beans were registered with all
ObjectMapper beans, but were not registered with the auto-configured
Jackson2ObjectMapperBuilder. This meant that any ObjectMapper created
with the builder but not exposed as a bean would not have the Module
beans registered with it. One such ObjectMapper is the one used by the
auto-configured MappingJackson2XmlHttpMessageConverter. This caused
XML (de)serialization to be different to JSON (de)serialization.
This commit updates JacksonAutoConfiguration to register all of the
application context's Module beans with the auto-configured
Jackson2ObjectMapperBuilder. This ensures consistent configuration
of any ObjectMapper that's created using the builder, irrespective of
whether or not that ObjectMapper is also exposed as a bean, and
also ensures that (de)serialization of JSON and XML is consistent.
See gh-2327
Since the BasicAuthenticationEntryPoint does its own
challenge when authentication fails, we need to add that
entry point in the SpringBootWebSecurityConfiguration
explicitly.
Fixes gh-2483
If an application defines a custom RepositoryRestMvcConfiguration, all
Spring Boot defaults are lots. While this sounds sensible, it can be
confusing as Spring Boot exposes properties (`spring.data.rest.*`) that
are no longer honored.
RepositoryRestMvcBootConfiguration is now public and can be used as an
extension point for those who need to customize the Spring Data REST
configuration and keep boot's specific defaults.
Fixes gh-2392
Update ConditionEvaluationReport so that, whenever a negative outcome
is added for a source, any existing outcomes for inner classes of that
source are updated with a non-matching outcome that indicates that the
outer configuration did not match.
Conditions are evaluated in two phases; PARSE_CONFIGURATION first and
REGISTER_BEAN second. If a parent class’s conditions match in
PARSE_CONFIGURATION then its inner classes will have their
PARSE_CONFIGURATION conditions evaluated. If they all match, the inner
class will be reported as a positive match in the auto-configuration
report even if the outer class does not match as a result of the
subsequent evaluation of a REGISTER_BEAN condition.
Fixes gh-2122
Tomcat 8's default DataSource implemention is an MBean. Previously,
when such a DataSource was consumed from JNDI and an MBeanExporter had
been auto-configured an attempt would be made to export this MBean to
the MBean server. This would fail due to Tomcat having already
registered the MBean.
This commit updates JndiDataSourceAutoConfiguration to instruct the
MBeanExporter (if there is one) not to export a DataSource MBean
that's been retrieved from JNDI. The assumption is that any MBean in
JNDI will have already been registered with the MBean server by the
same infrastructure that registered it with JNDI.
Fixes gh-2397
preferred-mapper has been renamed to preferred-json-mapper to make it
clear that it only affects the JSON mapper and that the XML mapper
that will be used (if any) is unaffected
See gh-2247
This commit rewords the changes made in d718a80 so that simply adding
Gson to the classpath isn't sufficient to stop Jackson being used
for HTTP JSON mapping. To use Gson, the user must now either remove
Jackson from the classpath (not an option if they also wish to use
the Actuator) or configure the spring.http.converters.preferred-mapper
property with a value gson.
Closes gh-2247
Previously the recommendation when a user wanted to use Gson was to
exclude Jackson from the classpath and add Gson. This worked fine until
the user also want to use the Actuator which requires Jackson. To get
over this hurdle the user could leave Jackson on the classpath and
perform their own HttpMessageConverter configuration and register a
GsonHttpMessageConverter instead of or before any Jackson-based
converter. A little complicated, but it worked.
This commit makes things easier by updating the auto-configuration for
HTTP message converters to prefer Gson when both Gson and Jackson are
on the classpath, i.e. in the presence of both, a
GsonHttpMessageConverter will be auto-configured and a
MappingJackson2HttpMessageConverter won’t be. This allows an
application to easily use Gson while allowing the Actuator to continue
to use Jackson.
Closes gh-2247
This commit adds support for configuring the XA DataSource and
ConnectionFactory pools created by Atomikos and Bitronix via the
environment. The property prefixes vary depending on the transaction
manager that’s in use. They are:
Bitronix:
- spring.jta.bitronix.datasource
- spring.jta.bitronix.connectionfactory
Atomikos:
- spring.jta.atomikos.datasource
- spring.jta.atomikos.connectionfactory
The configuration processor has been updated to ignore
javax.jms.XAConnectionFactory and javax.sql.XADataSource as neither of
these types can be created via property binding.
Closes gh-2027
At the time of writing WAS only supports JPA 2.0 which means that
Hibernate 4.2 is the latest version that can be used. SpringJtaPlatform
is Hibernate 4.3-specific as JtaPlatform’s package changed between
Hibernate 4.2 and 4.3. This means that SpringJtaPlatform can’t be used
on current versions of WAS. Futhermore, SpringJtaPlatform won’t work on
WAS even if we could use Hibernate 4.3 as WAS doesn’t make its
TransactionManager available to application code (it’s considered too
dangerous for general consumption) and SpringJtaPlatform
requires a TransactionManager.
This commit updates HibernateJpaAutoConfiguration to always treat WAS as
a special case and configure Hibernate with one of its WAS-specific
JtaPlatform implementations.
Closes gh-2326
Previously, when JpaProperties was applying additional properties it
discarded any existing properties. This meant that custom
configuration of Hibernate's JtaPlatform was not detected and that
Boot's SpringJtaPlatform would always be configured instead.
This commit updates JpaProperties to include all of the existing
properties when it's asked to apply any additional properties.
See gh-2348
Closes gh-2359
This commit prevents the `Accept-Charset` from being written by the
StringHttpMessageConverter. This feature is enabled by default in the
framework and writes a *quite long* response header with all charsets
supported by the server.
Closes gh-2370, see gh-1800
Jetty’s GzipFilter is a container-agnostic Filter that can be used to
provide gzip and deflate encoding of HTTP responses. This commit adds
auto-configuration for GzipFilter that is enabled when
org.eclipse.jetty:jetty-servlets is on the classpath. The filter can
be configured using spring.http.gzip.*
See gh-2031
Tomcat provide built-it support for gzip compression of HTTP responses.
This commit adds support for enabling and configuring this compression
via the environment using server.tomcat.compression and
server.tomcat.compressableMimeTypes.
See gh-2031
Previously, some classes that were annotatated with
@ConditionalOnWebApplication assumed that, if the application was a
web application, Spring MVC (spring-webmvc) would be on the classpath.
If it was not, the application would fail to start, typically with an
error relating to WebMvcConfigurerAdapter being unavailable.
This commit updates the affected configuration classes and annotates
them with @ConditionalOnClass(WebMvcConfigurerAdapter.class) to
ensure that their auto-configuration only takes effect if its a web
application and Spring MVC is on the classpath.
Fixes gh-2345
The package names changed a bit from the prototype project, but wuth vanilla
autconfiguration usage that shouldn't matter. Follows closely the Groovy
templates support. Templates live in classpath:/templates/*.html by default.
Fixes gh-2242
Fix ParentAwareNamingStrategy to set ObjectName properties for the
'identity' and 'context' attributes. Also update JmxAutoConfiguration
to ensure that the ParentAwareNamingStrategy is created in each context
and that the `mbeanExporter` bean is created. Prior to this commit the
nested @EnableMBeanExport class always meant that the mbeanExporter
condition never matched.
Fixes gh-2243
Update WebMvcAutoConfiguration to ensure than the viewResolver bean
is not created if a user defined ContentNegotiatingViewResolver bean
is defined.
Fixes gh-2269
Update WebMvcAutoConfiguration so that the RequestMappingHandlerMapping
bean is @Primary. Prior to this commit a NoUniqueBeanDefinitionException
would be thrown then using the MvcUriComponentsBuilder.
Fixes gh-2237
Add Ordered interface to all EmbeddedServletContainerCustomizers with
a value of 0. Prior to this commit it was difficult for a user to
define a customizer that would be applied before ours, even if they
implemented Ordered or added @Order annotations.
Fixes gh-2123
Update HibernateJpaAutoConfiguration to catch NoClassDefFoundError when
setting the JTA_PLATFORM. The exception can occur when running on WAS
since it ships with Hibernate 4.2 and SpringJtaPlatform extends from
AbstractJtaPlatform which is not present.
The exception is now ignored if a JDNI environment is available,
otherwise it is re-thrown.
Fixes gh-2218
Update HypermediaAutoConfiguration to apply the Jackson2HalModule to
the primary ObjectMapper. This restores the behavior of Spring Boot
1.1 where HATEOAS types could be serialized for both `application/json`
and `application/json+hal` content types.
A `spring.hateoas.apply-to-primary-object-mapper` property has also been
provided to opt-out if necessary.
Fixes gh-2147
The Servlet spec prohibits ServletContextListeners from being registered
programatically other than from with a call to
`ServletContainerInitializer.onStartup`. This restriction is not
consistently enforced by the various embedded servlet containers that
Boot supports:
- Jetty 8 does not enforce the restriction.
- Jetty 9 enforces the restriction. We were working around it be calling
setExendedListenerTypes(true) on the context.
- Tomcat somewhat enforces the restriction: it doesn't allow a
ServletContextListener to be added once the first
ServletContextListener has been called. We were using a
LifecycleListener to drive the ServletContextListeners.
- Undertow enforces the restriction and we were not working around it.
This resulted in gh-2192 being raised.
ServletListenerRegistrationBean is a ServletContextListener and is used
to register listeners, including ServletContextListeners, with the
servlet context. To adhere to the letter of the servlet spec this means
that ServletListenerRegistrationBeans need to be called from with
ServletContainerInitializer.onStartup. This commit updates all of the
embedded servlet container implementations to use a
ServletContainerInitializer to drive any ServletContextInitializers.
This makes the lifecycle more consistent across the supported containers
and allows ServletListenerRegistrationBeans to be able to register
ServletContextListeners on all supported embedded containers.
Fixes gh-2192
Update GroovyTemplateAutoConfiguration so that the `/template`
folder check only occurs when the groovy-all jar is not being
used.
Fixes gh-2190
See gh-1915
Add auto-configuration for thymeleaf-extras-conditionalcomments which
allows parsing of conditional comments for IE.
Example:
<!--[if lt IE 8]>
<link rel="stylesheet" th:href="@{/styleIE.css}"
type="text/css"/>
<![endif]-->
Without this dialect all Thymeleaf attributes are ignored inside the
comment.
Fixes gh-2113
Update DispatcherServletAutoConfiguration to alias a MultipartResolver
that is not named correctly. This allows the DispatcherServlet to pick
up any MultipartResolver bean, regardless of its name.
See gh-2162
Update MongoDataAutoConfiguration to set the MongoMappingContext
initialEntitySet by scanning for @Document or @Persistent classes
from AutoConfigurationPackages.
Fixes gh-2107
Since we use a composite ViewResolver glbally by default it can be
awkward to switch off the view technology that you have on the classpath
but aren't actually using.
Update Rest, Hypermedia and HttpMessageConverter auto-configuration to
ensure beans are created in the correct order.
Prior to this commit the MappingJackson2HttpMessageConverter bean would
not be created because Spring Data Rest's TypeConstrained versions had
already been registered.
Fixes gh-1729
Update JndiConnectionFactoryAutoConfiguration to ensure that the
JmsProperties bean is created. Prior to this commit deployment to
a WildFly would fail with a NoSuchBeanDefinitionException.
Fixes gh-2072
Add a `spring.mvc.set-ignore-default-model-on-redirect` property to
allow RequestMappingHandlerAdapter.setIgnoreDefaultModelOnRedirect to
be easily customized and change the default value to 'true'.
Fixes gh-2018
Previously, tuning the pubSubDomain flag only impacted the created
JmsTemplate leaving any default listeners with the default settings.
If no default JmsListenerContainerFactory is defined, the created
one is using that property as well now.
SecurityAutoConfiguration, via its import of
AuthenticationManagerConfiguration, requires spring-security-config
to be on the classpath as AuthenticationManagerConfiguration extends
GlobalAuthenticationConfigurerAdapter from spring-security-config.
This commit makes SecurityAutoConfiguration conditional on the
presence of GlobalAuthenticationConfigurerAdapter so that the
auto-configuration will be disabled in its absence rather than causing
an app to fail to start.
Closes gh-2046
When the user provides their own AuthenticationManager we do a lazy
initialization and didn't (till now) inject the AuthenticationEventPublisher
Fixes gh-2033
Set the field javadoc of many properties that are managed via
configuration so that the "description" field is available in the
meta-data.
Closes gh-1808
Previously, the host had to have a custom value for the configuration
of the port or credentials (username and password) to take effect. This
meant, for example, that you couldn’t just set the port or just set the
username and password while using the default host.
This commit allows the port or username and password to be configured
without also configuring the host. The default host (localhost) and
port (27017) are retained.
Fixes gh-2008
Previously, when @EnableAutoConfiguration was used in multiple packages,
the last @EnableAutoConfiguration that was processed would
win and only its package would be stored as an auto-configuration
package.
This commit updates AutoConfigurationPackages to allow multiple package
name registrations. AutoConfigurationPackages.set(…) has been altered to
augment the constructor arguments of the BeanDefinition registered for
the initial call to the method so that the packages handed to the method
call will be added to the bean definition and not replace the previous
ones. The method has been renamed register(…) to reflect the changed
behavior.
Closes gh-1994
If you inject the class (via a servlet parameter) it seems that
Jersey tries to create all the beans for you (and fails). I thought
it was supposed to work (according to the docs), so I'm a bit confused
but the sample now has Spring DI and the tests pass.
Fixes gh-1981
Update MongoDataAutoConfiguration to provide easier configuration of
CustomConversions, the MappingMongoConverter, MongoMappingContext
and an authentication database.
Fixes gh-1619
Fixes gh-1730
Update BeanTypeRegistry to gracefully ignore LoadBeanClassException and
BeanDefinitionStoreException exceptions in the same way as
DefaultListableBeanFactory.doGetBeanNamesForType() does.
Fixes gh-1955
Previously, HypermediaAutoConfiguration would trigger the creation of
an ObjectMapper bean named _halObjectMapper. This bean did not have the
spring.jackson.* configuration applied to it, however its presence
would revent JacksonAutoConfiguration from creating its
ObjectMapper. This left the user with an ObjectMapper that did not
honour the spring.jackson.* configuration.
This commit updates HypermediaAutoConfiguration to use the
Jackson2ObjectMapperBuilder that may have been created by
JacksonAutoConfiguration. If the builder exists it is used to configure
the _halObjectMapper bean.
Fixes gh-1949
The http.mappers.* configuration properties assumed that the mapping
was JSON (on of the property names was jsonPrettyPrint) and also only
exposed a small subset of the configuration options supported by
Jackson (and GSON). The property names implied that it would configure
all HTTP mapping, however it was ignored by GsonAutoConfiguration.
This commit deprecates the support for http.mappers.* in favour of
configuring Jackson or Gson instead. Jackson can be configured
declaratively using the spring.jackson.* properties or programtically.
Gson can be configured programatically by using a GsonBuilder to
create a Gson instance with the desired configuration.
gh-1946 has been opened to add support for declarative configuration
of Gson.
Closes gh-1945
Previously, only the http.mappers.json-sort-keys property was applied
by JacksonAutoConfiguration. This commit updates it to also apply the
http.mappers.json-pretty-print property as well.
See #1919
Previously, configuration of a ServletContext init parameter required
the use of a ServletContextInitializer bean. This commmit adds
support for declarative configuration via the environment using
server.context_parameters.<name>=<value>.
Closes gh-1791
Add additional @AutoConfigureAfter elements to ActiveMQAutoConfiguration
and HornetQAutoConfiguration to ensure that they are configured after
JndiConnectionFactoryAutoConfiguration.
The possible sources for a JMS ConnectionFactory are:
1. JNDI
2. HornetQ (embedded broker or an external broker)
3. ActiveMQ (embedded broker or an external broker)
The last two auto configurations must run after JTA auto-configuration
has completed as it may register additional beans that are necessary to
enable XA.
Previously, the HornetQ embedded broker would start regardless of the
presence of a ConnectionFactory as a ConditionalOnMissingBean was
missing. Furthermore, there was no order condition for the JNDI
auto-configuration so it may just run after one of the broker has been
found.
JNDI takes now precedence to be consistent with the regular DataSource
auto configuration.
Fixes gh-1821
Change the default value of spring.datasource.jmx-enabled to false
to prevent InstanceAlreadyExistsException problems when using the
Spring Test Framework.
Fixes gh-1590
Update the auto-configured PersistenceExceptionTranslationPostProcessor
to proxy target classes as well as interfaces. Also provide a config
property to disable registration all together.
Fixes gh-1844
Add `CommonsLoggingLiquibaseLogger` implementation to adapt Liquibase's
`Logger` to Apache Commons Logging.
The `LiquibaseAutoConfiguration` class has also been updated to
automatically use the adapter
Fixes gh-1840
Upgrade to latest versions of Tomcat and Jetty and to the latest Servlet
API whilst will remaining compatible with Tomcat 7 and Jetty 8.
Fixes gh-1832, gh-369
Disable JTA auto-configuration altogether with a simple property. This
can be useful if the environment is JTA capable but the application does
not require it.
Fixes gh-1457
Override the default StringHttpMessageConverter provided by the standard
Spring MVC configuration so that is uses UTF-8 instead of the aging
default of the servlet spec (that is ISO-8859-1)
Fixes gh-1800
The old resolver class is deprecated already, and there's no reason
to continue to support the View and View resolver implementations
from Boot 1.1, so I removed those. Also there is no need to support
older versions of Groovy, so I removed a config class that was
conditional on a groovy version (by looking for the markup support).
Fixes gh-1578
Add a @NestedConfigurationProperty annotation which can be used to
customize how configuration mete-data is generated.
Prior to this commit only inner-classes where considered nested
(see Tomcat in ServerProperties). Using this new annotation, the Ssl
property in ServerProperties can be detected as well.
See gh-1001
Update the `spring-boot`, `spring-boot-autoconfigure` and
`spring-boot-actuator` project to generate configuration meta-data
files during compilation.
See gh-1001
Update OnBeanCondition to use a new BeanTypeRegistry which includes
optimized code when using a DefaultListableBeanFactory. The optimized
version calculates bean types only once per bean and caches the result.
Prior to this change the sample "pet clinic" application would spend
400-500 milliseconds evaluating OnBeanConditions, after this change it
spends around 120 milliseconds.
Fixes gh-1803
Instead of just blindly creating the default authentication manager, after
thic change we count the beans of type GlobalAuthenticationManagerConfigurer
and assume that if we detect more than we expect (one from Boot and one from
Spring Security) then the user is telling us they want to configure the
AuthenticationManager themselves.
Fixes gh-1801
GroovyWebConfiguration creates a GroovyTemplateViewResolver which is
a UrlBasedViewResolver sub-class. UrlBasedViewResolver is provided
by spring-webmvc. Previously, if a user configured a web application
but did not have spring-webmvc on the classpath, the application
would fail to start with a NoClassDefFoundError for
UrlBasedViewResolver.
This commit makes GroovyWebConfiguration conditional on
UrlBasedViewResolver being on the classpath so that it backs of in
the absence of spring-webmvc.
Fixes gh-1793
Previously, Spring Security's filter had no configured order. Due to
the use of AnnotationAwareOrderComparater this meant that its order
defaulted to LOWEST_PRECEDENCE. This meant that a user had to declare
a FilterRegistrationBean for the filter and explicitly set its order
if they want another filter to run after Spring Security's.
This commit updates the security auto-configuration to assign a
default order of zero to Spring Security's filter, allowing filters
to be easily configured to run before it or after it. This default
value can overridden using the server.filter-order property. The
default order is also exposed as a constant on SecurityProperties,
allowing it to be referenced from other filter declarations.
Closes gh-1640
Spring IO Platform already provides dependency management for JavaMail.
This commit updates Boot’s new JavaMail dependency management to align
with the Platform, thereby allowing the Platform to inherit Boot’s
dependency management instead of defining its own.
This commit adds a new starter to auto-configure a MailSender when the
necessary classes are present and when the property "spring.mail.host" is
set.
The auto-configuration also accepts any arbitrary properties that
JavaMail might need using the "spring.mail.properties" prefix.
Fixes gh-1760
Previously, the regular jms connection factory was always overriding
the xaConnectionFactory when using ActiveMQ. While
ActiveMQAutoConfiguration is namely shielded with a condition on a
missing ConnectionFactory bean, said configuration class also imports the
XA and regular configuration classes that both can create the connection
factory.
This commit adds a ConditionalOnMissingBean in the second class that is
imported in case the XA configuration has already defined what it needs.
Fixes gh-1727
This is a follow-on from the changes made in 2b7bf3e. In addition to the
problematic use of @ConditionalOnClass that was addressed in 2b7bf3e,
JerseyAutoConfiguration also used @ConditionalOnBean referencing a
Jersey class. This has the same problem when used on a class that
implements WebApplicationInitializer. Implementing
WebApplicationInitializer causes the class’s annotations to be
introspected during servlet container initialiser processing. If a
@ConditionalOnBean annotation references a Class that cannot be
loaded an ArrayStoreException occurs.
This commit updates JerseyAutoConfiguration to reference ResourceConfig
as a String. This allows it annotations to be introspected without
attempting to load a Jersey class that may not be on the classpath.
Fixes gh-1733
Fixes gh-1719
Previously, Bitronix's server ID was hard-coded to be
spring-boot-jta-bitronix. This created the possibility of multiple
transaction managers performing recovery on each other's behalf as
they would be unable to identify their own XIDs due to the common
server ID.
This commit reinstates the default (which is the IP address of the
machine on which Bitronix is running), and introduces a new
property, spring.jta.transaction-manager-id, that can be used to
configure the id for both Atomikos and Bitronix. A cautionary note
has also been added to the documentation for Atomikos and Bitronix
explaining the need to configure this property.
Closes gh-1548
Spring 4.1 has added support for XML HTTP message conversion using
Jackson. This was resulting in the response being sent back as XML
rather than JSON. Jackson's XML support doesn't cope well with lists
when it's being asked to deserialize to a Map [1] which is what the
test was doing.
This commit updates the test to indicate that it only accepts
application/json, thereby ensuring that the response can be correctly
deserialized into a Map.
Fixes gh-1715
[1] https://github.com/FasterXML/jackson-dataformat-xml/issues/122
Maven is configured to run tests found in classes ending in Tests.
This meant that the tests in BasicErrorControllerIntegrationTest (note
the missing s) were not being run.
This commit renames the test class so that it's picked up by Maven.
Previously, Spring Data’s web support was auto-configured as part of the
JPA repositories auto-configuration. However, Spring Data’s web support
isn’t dependent on the use of Spring Data JPA or even repositories.
This commit moves the auto-configuration into a standalone class, making
it independent of the use of Spring Data JPA and Spring Data
repositories.
Closes gh-1097
JerseyAutoConfiguration is annotated with @ConditionalOnClass. It
references both SpringComponentProvider.class and
ServletRegistration.class. Normally, this wouldn't be a problem as, in
the absence of either of those classes, the configuration class bean
will not be present in the bean factory and, therefore, its
annotations will never be introspected using reflection.
However, JerseyAutoConfiguration is a WebApplicationInitializer. This
means that when it's deployed to a standalone container,
JerseyAutoConfiguration is found by the container and its class is
passed to SpringServletContainerInitializer.
SpringServletContainerInitializer introspects every
WebApplicationInitializer class so that it can order them. This blows
up if Jersey's SpringComponentProvider class isn't on the classpath as
the annotation is referencing SpringComponentProvider as a Class and
the attempt to load it fails. The problem can be avoided by
referencing SpringComponentProvider using a String.
Fixes gh-1696
Remove the direct unconditional JmsBootstrapConfiguration @Import from
JmsAnnotationDrivenConfiguration in favor of the nested
EnableJmsConfiguration class.
Fixes gh-1513
Update FaviconConfiguration to allow favicon.ico files to be resolved
from static resource folders (/META-INF/resources, /resources, /static,
/public) in addition to the root classpath.
Fixes gh-1656
Replace where possible all @ConditionalOnExpression annotations with
@ConditionalOnProperty which is both faster to run and more descriptive.
Fixes gh-1685
Previously, RepositoryRestMvcBootConfiguration was not annotated with
@Configuration. This meant that it was processed in lite mode.
Crucially, in lite mode, there’s no proxying so each call to the
config() @Bean method from within other @Bean methods resulted in the
creation of a new RepositoryRestConfiguration instance. Furthermore, as
each of these instances wasn’t a Spring bean the configuration
properties were not applied.
This commit updates RepositoryRestMvcBootConfiguration to annotate it
with @Configuration so that it’s no longer processed in lite mode. It
also updates the unit tests and the Spring Data REST sample to verify
that the baseUri can be configured using application.properties.
Fixes gh-1675