Commit Graph

1641 Commits (5f3462f3584a4666577fe0a67c86bfc83a335f83)

Author SHA1 Message Date
Christian Dupuis 384dfc91e3 Fix some tests to prevent JMX registration issues 11 years ago
Christian Dupuis 4ed4ed905d Make EndpointMBeanExportAutoConfiguration public 11 years ago
Christian Dupuis 06ffcdd3cc Change configuration to use ConfigurationProperties instead of direct access to environment for MBean export 11 years ago
Christian Dupuis 65d6757a10 Rework EndpointMBeanExporter to prevent name clashes and to provide more flexibility in naming of endpoint MBeans 11 years ago
Dave Syer 8e2a6eec2a Add database query defaults in SimpleHealthManager 11 years ago
Dave Syer 063403a043 Close connection properly in /health
Fixes gh-181
11 years ago
Dave Syer fa507005cd Use ServletWrappingController for jolokia instead of Servlet
We get more control over the handling and in particular the registration
of the endpoint this way. It was practically impossible to disable the
AgentServlet bean when in a parent context of the management server
because of lifecyce issues - you don't know that the user wants a
separate management server until too late.

This approach also makes it possible to test with spring-test MVC
support.
11 years ago
Christian Dupuis 72ae5d5a97 Rename invoke JMX operation
Rename invoke JMX operation to getData for endpoints that provide actuator data. Special case for ShutdownEndpoint to provide a shutdown method.
11 years ago
Christian Dupuis 31f7807acf Change naming strategy for endpoint mbeans 11 years ago
Dave Syer e2c962ac28 Switch to thymeleaf-spring4 11 years ago
Phillip Webb d6dbbebc88 Polish 11 years ago
Phillip Webb 7c78b74a76 Minor polish 11 years ago
Phillip Webb 43b820a7d3 Rename Endpoint path to ID 11 years ago
Dave Syer 451acb5679 Move JolokiaEndpoint so it is not an Endpoint 11 years ago
Dave Syer 7f1264bb65 Replace @FrameworkEndpoint with MvcEndpoint interface 11 years ago
Dave Syer 87e00cfae9 Extract MVC concerns completely from Endpoint implementations 11 years ago
Dave Syer 6443800038 Add actuator-noweb sample 11 years ago
Dave Syer 332f23a0ee Add parent properties to config props endpoint 11 years ago
Dave Syer bbac4ea9fb @FrameworkEndpoint replaces EndpointHandlerAdapter 11 years ago
Christian Dupuis 5a978e2f31 Change strategy from ApplicationListener to SmartLifecycle to avoid multiple registration attempts for the same beans
When running with parent/child application contexts the previous implementation was trying to re-register the same beans with JMX which led to errors.
11 years ago
Christian Dupuis 0a04b74379 Allow configuration of domainName and key for endpoint JMX export 11 years ago
Christian Dupuis cd1a228210 Allow Endpoint JMX export to be switched off 11 years ago
Christian Dupuis 32818515b7 Expose endpoints via JMX
Actuator endpoints are now being exposed over JMX.
11 years ago
Phillip Webb 513c6a1de2 Polish 11 years ago
Phillip Webb 85fb1cba0b Rework HttpMessageConverters 11 years ago
Dave Syer b72002142d Split MessageConverters auto config out into separate class 11 years ago
Dave Syer c78973e375 MessageConverters -> HttpMessageConverters 11 years ago
Dave Syer c2b499c775 Support for @Beans of type HttpMessageConverter, and Jackson specific details
You can contribute additional HttpMessageConverters
by simply adding beans of that type in a Spring Boot
context. If a bean you add is of a type that would have been included
by default anyway (like MappingJackson2HttpMessageConverter for JSON
conversions) then it will replace the default value. A convenience
bean is provided of type MessageConverters (always available if you
use the default MVC configuration) which has some useful methods to
access the default and user-enhanced message converters (useful, for
example if you want to manually inject them into a custom
RestTemplate).

There are also some convenient configuration shortcuts for Jackson2.
The smallest change that might work is to just add beans of type
Module to your context. They will be registered with the default
ObjectMapper and then injected into the default message
converter. In addition, if your context contains any beans of type
ObjectMapper then all of the Module beans will be registered with
all of the mappers.
11 years ago
Dave Syer beef5cfd31 Prevent type not present exception when no security on classpath 11 years ago
Dave Syer b05ffd1164 Add extra condition to security properties config 11 years ago
Dave Syer 1db28e5b92 Prevent cryptic exception if SecurityProperties not created
Previously if a user happened to provide an @EnableWebSecurity bean
the SecurityProperties would not be created, which is fine until you
add the Actuator (which needs them). Fixed by adding an explicit
SecurityProperties @Bean if not already present.
11 years ago
Dave Syer 023faf092f Fix broken test 11 years ago
Dave Syer bcae284dd9 Add a shim Endpoint if management context is child
When management endpoints are on a different port the HandlerMappings
are restricted to a single EndpointHandlerMapping, so the error
controller (which is a normal @Controller with @RequestMappings) does
not get mapped.

Fixed by addinga shim Endpoint on "/error" that delegates to the
ErrorController (which interface picks up an extra method).
11 years ago
Dave Syer 884fd0125a Add some handler adapter tests 11 years ago
Dave Syer 2104d9a1e2 Prevent failure of web app with parent context
ServerProperties formerly had an @OnMissingBeanCondition
that didn't restrict the hierarchy. It also asserts that
the current context (not including parents) contains such
a bean. This led to an inevitable failure when there was
an existing instance in the parent context.

Fixed by a) searching only the current context, b) not
adding a ServerProperties bean if the context is not a
web app.
11 years ago
Christian Dupuis 5661f8fc28 Test key/value sanitization 11 years ago
Christian Dupuis 078933c8fd Add actuator endpoint to expose ConfigurationProperties
This information should probably be also available from the console and log similar to AutoConfigurationReport.
11 years ago
Christian Dupuis 00c8633597 Add missing new exception class 11 years ago
Christian Dupuis 2c67e06b47 Move enablement of endpoints into AbstractEndpoint 11 years ago
Dave Syer e74da3fa73 FIXME test additions 11 years ago
Dave Syer 3e6c1b435f Add @SpringApplicationConfiguration (for integration testing)
Example:

    @RunWith(SpringJUnit4ClassRunner.class)
    @SpringApplicationConfiguration(classes = SampleDataJpaApplication.class)
    public class CityRepositoryIntegrationTests {

    	@Autowired
    	CityRepository repository;

Fixes gh-66.
11 years ago
Dave Syer 3e5e058b02 Ensure /error view is available 11 years ago
Dave Syer 8c9b7bd406 Use SimpleHealthIndicator if DataSource present 11 years ago
Dave Syer 20bede21ad Add support for parent hierarchy in AUtoConfigurationReport 11 years ago
Dave Syer b74a9b2d06 Add tests to FIXME 11 years ago
Dave Syer 171c1366f9 Move shutdown enable flag to the endpoint 11 years ago
Dave Syer 94e2f90793 Ensure endpoints.jolokia.enabled=false switches off jolokia 11 years ago
Phillip Webb f4f668a52b Polish 11 years ago
Phillip Webb 8845c9c279 Fixup for upstream Spring changes 11 years ago
Christian Dupuis 04b7b9b2ca Rework handling of default shell authentication method in the absence of Spring Security
In case Spring Security is missing from the class path, shell auto configuration will now fall back gracefully to simple authentication and emit warning to the console.

fixes #114
11 years ago
Christian Dupuis e69e190ae9 Close application context in test 11 years ago
Christian Dupuis 1b49605749 Make shell username and password configuration properties consistent with general security properties
Now simple authentication for the crsh shell can we configured using shell.auth.simple.user.name and shell.auth.simple.user.password. This is consistent with security.user.name and security.user.password.

fixes #113
11 years ago
Christian Dupuis 2d058570ca Add auto configure support for Jolokia a JMX-HTTP bridge 11 years ago
Christian Dupuis b14c607d36 Add missing tests 11 years ago
Christian Dupuis 405c9d5593 Allow management endpoints to express what http methods they support
Previously a management endpoint was either GET or POST. That requirement seems limited.
11 years ago
Christian Dupuis 845aeecbad Properly close application context in tests 11 years ago
Christian Dupuis cd89691726 Pin order to of crsh auto configuration to happen after any security related configuration
If crsh auto configuration happens too early a AuthenticationManager contributed by SecurityAutoConfiguration will not be detected
11 years ago
Dave Syer 61dd7d1dbb Add port scan to ServerProperties (server.scan=true)
Also moved ServerProperties to autoconfigure project.
11 years ago
Dave Syer bd26b28aa5 Extract actuator security into separate classes
So spring-security + a web app is secure by default
(you don't need the actuator).
11 years ago
Christian Dupuis f3a225f35f Polish and rework default authentication method if a Spring Security AuthenticationManager is available
In case a Spring Security AuthenticationManager is found in the app context the auto configuration will change default shell authentication method to auth against Spring Security. In addition shell access will get protected by the specific role configured in SecurityProperties.Management.

Certainly this can be overridden by providing shell.auth and shell.auth.spring.roles.
11 years ago
Christian Dupuis 43c0c932e6 Ensure telnet connector gets installed if available on the class path 11 years ago
Christian Dupuis 2e926601f2 Polish 11 years ago
Christian Dupuis dba8c01035 Polish 11 years ago
Christian Dupuis e16e23230c Clarify default authentication settings for shell access 11 years ago
Christian Dupuis 41cbbeba79 Re-Introduce authentication specific properties 11 years ago
Christian Dupuis e009d3e47d Polish
Fixed inconsistency in method naming after last polish. Method and class name should use 'crsh' instead of 'crash' to be aligned with CRaSH code base.

Implemented facility to provide custom shell properties by adding beans of type CrshShellProperties to the ApplicationContext.
11 years ago
Christian Dupuis dc252c7417 Remove unnecessary String concatenation 11 years ago
Dave Syer 2f7214002d Update Spring to catch SPR-11069 11 years ago
Phillip Webb 0f85f31960 Polish 11 years ago
Phillip Webb 64f32893bb Source format and clean-up 11 years ago
Phillip Webb 883fd9162f Polish 11 years ago
Dave Syer b39ab925cf Make the AutoConfigurationReportEndpoint path a bit shorter 11 years ago
Phillip Webb dc3d670019 Strip trailing whitespace 11 years ago
Christian Dupuis 1f922f49b0 Switch to placeholders in conditional expressions; Ensure that Crsh auto configuration works without Spring Security 11 years ago
Christian Dupuis a498a7f477 Make simple authentication the default and log default password 11 years ago
Phillip Webb dafeddca09 Rework auto-configure report
Update the auto-configuration report to improve log formatting and to
separate the internal report data-structure from the JSON friendly
endpoint data-structure.
11 years ago
Phillip Webb ab249b034d Rename Outcome -> ConditionOutcome 11 years ago
Christian Dupuis 9f13d291ec Return early if no plugins should be disabled 11 years ago
Phillip Webb b39ed89a6f Increase whitespace around password logging
Increase the whitespace to make the password easier to find in the log.
11 years ago
Dave Syer 68475406eb Really fix it 11 years ago
Dave Syer c144cae600 Comment out security condition pending SPR-11069 11 years ago
Phillip Webb d784cb6a88 Apply eclipse-formatter conventions 11 years ago
Dave Syer 0c79c8913f Ensure AutoConfigurationReport is always present 11 years ago
Greg Turnquist b63016d8fc Create a report based on Boot's autoconfiguration decisions
- Gather autoconfiguration conditional decisiions (true and false)
- Provide an actuator endpoint as one means to read the report
- Define @EnableAutConfigurationReport annotation to turn this feature on
- Tidy up autoconfig report a bit and log it if --debug=true
11 years ago
Christian Dupuis f9caade3cc Fix test assertion 11 years ago
Christian Dupuis 6b599b8483 Add remote shell implementation based on crsh
This commit adds a new starter named spring-boot-starter-shell-crsh and auto configuration support to embed a system shell within Spring Boot applications.

The embedded shell allows clients to connect via ssh or telnet to the Boot app and execute commands. Commands can be implemented and embedded with app.

For sample usage see spring-boot-samples-actuator.
11 years ago
Dave Syer c29d2b1be4 Remove a small race condition 11 years ago
Dave Syer 7e7d4b7d3d Only do Actuator MVC config if in a web app 11 years ago
Dave Syer bd719c1330 Nest the @EnableWebSecurity so it can be added to a condition 11 years ago
Dave Syer 761c2dabd1 Fix build 11 years ago
Dave Syer 1bd65c7487 Make context hierarchies play nicely with actuator 11 years ago
Dave Syer f84df423e8 Better implementation of ignores in security config 11 years ago
Dave Syer e4d594cce5 Avoid registering endpoints if Spring MVC not available 11 years ago
Dave Syer e53dad879d Add sample with form login 11 years ago
Dave Syer 63a2d06767 Explicitly disable security on management endpoints if requested
Previously the management endpoint filter was applied to all requests
if the user had disabled security.management.enabled, but since it
had no security applied it was letting all requests through.

The fix was to explicitly exclude the whole enclosing configuration
and carefully ignore the management endpoints in the normal security
chain.

Fixes gh-100.
11 years ago
Dave Syer 5e9b8c3340 Add missing depdendency 11 years ago
Rob Winch 77b5ad1b0b Update to Spring Security Snapshot 11 years ago
Dave Syer 0498617411 Disable whitelabel view if Thymeleaf error.html detected 11 years ago
Dave Syer 4b2cea7267 Add simple DB aware HealthIndicator 11 years ago
Dave Syer fede0d1c98 Add profiles to /env 11 years ago
Dave Syer cd5bc83533 Fix build some more after changes for gh-84 11 years ago
Dave Syer 228787e66d Fix build after changes for gh-84 11 years ago
ggerard 182328697d Spelling error: "everypone" 11 years ago
Dave Syer 345c0fc5a4 Add SpringApplicationBuilder
Builder for SpringApplication and ApplicationContext instances with
convenient fluent API and context hierarchy support. Simple example
of a context hierarchy:

   new SpringApplicationBuilder(ParentConfig.class)
               .child(ChildConfig.class).run(args);

Another common use case is setting default arguments, e.g.
active Spring profiles, to set up the environment for an application:

     new SpringApplicationBuilder(Application.class).profiles("server")
 		.defaultArgs("--transport=local").run(args);

If your needs are simpler, consider using the static convenience
methods in SpringApplication instead.

[#49703716] [bs-116] Parent context for some beans maybe?
11 years ago
Dave Syer 0df4156b57 Lazy initialization of management server properties 11 years ago
Dave Syer f7fa63bcb4 Add status and error messages to /trace
[Fixes #57949108] [bs-323] Make sure /trace shows error responses
11 years ago
Dave Syer ecc4676fb3 Tweak security example 11 years ago
lecaros cf4f549b06 change credentials order in authentication manager example
username/password pairs were incorrect. The authentication manager has "user" and "password", so those credentials should be allowed to get the actual message.
11 years ago
checketts 7236015a4d Fix the AuthenticationManagerBuilder code snippet
Fix AuthenticationManagerBuilder code snippet to add the missing the
ObjectPostProcessor parameter for the constructor.

Issue: #45
11 years ago
Dave Syer ba4a81510b Add response headers to Trace 11 years ago
Dave Syer 7a6131c466 Make InMemoryMetricRepository.increment() thread safe 11 years ago
Dave Syer 8467a66e84 Add security.management.enabled flag 11 years ago
Dave Syer 5f8f062545 Allow security.ignored=none to switch off ignores 11 years ago
Dave Syer f63071d38a Allow security.ignored to be set as a list (e.g. indexed)
In particular this allows a YAML externalization as an array
as opposed to a CSV.
11 years ago
Dave Syer 1366216b7f Add X-Application-Context header to identify app 11 years ago
Dave Syer 2ba01008bb Add headers external properties for security filters 11 years ago
Dave Syer 5d7101fb5a Really disable security for app endpoints
If the user sets security.basic.enabled=false we should just
back away from the non-management endpoints completely.
Previously the Spring Security filter was still added but with
no authentication, creating complications when unexpected
headers etc. are added by Spring Security.
11 years ago
Dave Syer 38e565e920 Back to SNAPSHOT for dev 11 years ago
Dave Syer b634b3bde6 Update to 0.5.0.M2 11 years ago
Dave Syer 9e18183dd5 Don't set deefault password if empty or unresolved 11 years ago
Dave Syer 1e0e2e7102 Switch off CSRF filter
Might need to revisit later.
11 years ago
Dave Syer 43fc107437 Fix security config
The management endpoints were still all mixed up
with the user endpoints. Fixed that and extracted
user endpoints in to conditional block so not
protected if path explicitly set to empty string.

[#53029715]
11 years ago
Dave Syer 6498f0e8b8 Add logger for default password 11 years ago
Dave Syer 621116c9b8 ManagementServerConfiguration security
Management endpoints are still secure by default if
Spring Security is present, but now the default
user details have an ADMIN role, and a random password
(which is logged at INFO level if not overridden).

To override you add management.user.password (name, role)
to external properties.

[Fixes #53029715] [bs-203]
11 years ago
Dave Syer c582fa2067 /info endpoint should be open by default
[#53029715] [bs-203] ManagementServerConfiguration security
11 years ago
ggerard 322b5e5c2b Typo (mvn -> curl) 11 years ago
Dave Syer 4c4e013c5e Avoid NPE in error controller 11 years ago
Phillip Webb cf655945aa Polish 11 years ago
Dave Syer 2ba1bd9dbb Fix security dependency in README 11 years ago
Dave Syer a2fe8a0e89 Actuator README accuracy 11 years ago
Dave Syer f645b03939 Fix pom in actuator README 11 years ago
Dave Syer 521174754e Add default /error view for HTML clients
* Add integration tests for /error view
* Add "error" @Bean as default view for HTML

Users may see side effects because now there will be
a ContentNegotiatingViewResolver by default for the
first time in a vanilla Actuator app. Should be
interesting.

[Fixes #54597932] [bs-273] Circular view reference for /error
11 years ago
Dave Syer 12f0d4d95e Rename ops package to actuate 11 years ago
Dave Syer e967c2d551 Add exception with more helpful error message.
[#54676948] Filter registered twice
11 years ago
Phillip Webb 4e11ae1671 Documentation
Various updates to README.md files.
11 years ago
Phillip Webb 1db22aca5c Rework POM structure
Rework main build POM to be an aggregator pom that does not inherit
from any parent. Introduce new spring-boot-dependencies module to
act as a parent for both spring-boot-starter-parent and
spring-boot-parent.
11 years ago
Dave Syer 4bb5de02e7 Switch back to SNAPSHOT for dev 11 years ago
Dave Syer 68e5a7e887 Bump version to 0.5.0.M1 11 years ago
Phillip Webb e1c6860a41 Documentation 11 years ago
Phillip Webb c83400d265 Move conditions from boot to autoconfigure
Issue: #54393078
11 years ago
Dave Syer 5995b7727a Ops -> Actuator 11 years ago