Commit Graph

1285 Commits (6361a6728a0e851950b34fe8a2ecf38c90ff64f9)

Author SHA1 Message Date
Phillip Webb cb7c0b5031 Merge branch '1.5.x' 8 years ago
Johnny Lim 8038882d46 Polish
Closes gh-7403
8 years ago
Andy Wilkinson 4edab86ba2 Merge branch '1.5.x' 8 years ago
Andy Wilkinson 387a406aad Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb d8b7d6dfdc Merge branch '1.5.x' 8 years ago
Phillip Webb 449b42ffa0 Polish LinksEnhancer to use endpoint name
See gh-7164
See gh-7132
8 years ago
Madhura Bhave ada02232b9 Change LinksEnhancer to use endpoint name
Update `LinksEnhancer` to use NamedEndpoint names as rel names. If the
endpoint name is not available, fallback to endpoint path. Allow
multiple hrefs per rel if path is different.

Fixes gh-7132
Closes gh-7164
8 years ago
Madhura Bhave 0e3a3df6f4 Return log levels in `/loggers` endpoint payload
Update `LoggersEndpoint` to additionally return the log levels actually
supported by the system.

Fixes gh-7396
8 years ago
Phillip Webb 764f13453a Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb bacf0878af Polish 8 years ago
Andy Wilkinson 86c55dda16 Merge branch '1.5.x' 8 years ago
Andy Wilkinson 24cc5d5644 Give javac's type inferencing a helping hand 8 years ago
Andy Wilkinson e26a3e3766 Merge branch '1.5.x' 8 years ago
Andy Wilkinson 22e456a177 Merge branch '1.4.x' into 1.5.x 8 years ago
Madhura Bhave ed75ed3d93 Merge branch '1.5.x' 8 years ago
Madhura Bhave 2697bf2ba1 Add Content-Type to allowed headers for CloudFoundry actuators
See gh-7108
8 years ago
Madhura Bhave e1a216e34a Merge branch '1.5.x' 8 years ago
Madhura Bhave af61278213 Extend HealthMvcEndpoint for Cloud Foundry
The CloudFoundryHealthMvcEndpoint does not perform additional
security checks since security is handled by the interceptor.

See gh-7108
8 years ago
Madhura Bhave a3bcb2778f Add message to response body for Cloud Foundry security error
See gh-7108
8 years ago
Spring Buildmaster e712a9ba8c Next Development Version 8 years ago
Andy Wilkinson f3c2f55cbe Merge branch '1.5.x' 8 years ago
Andy Wilkinson 2e76687d17 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 5f44598d8b Remove use of static import that Checkstyle prohibits 8 years ago
Andy Wilkinson 04a869bbe7 Merge branch '1.5.x' 8 years ago
Andy Wilkinson 218d28f74c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 33dcd853fd Ensure that health endpoint remains insecure without Spring Security
The changes made in 6a2ac080 mean that getSecurity() on
ManagementServerProperties will no longer return null when Spring
Security is on the classpath. This had the unwanted side-effect of
causing the health endpoint to hide its details when Spring Security
was not on the classpath.

This commit reinstates the previous behaviour by only considering
the health endpoint to be secure if Spring Security is on the
classpath and management.security.enabled is true.

Closes gh-7345
8 years ago
Madhura Bhave 372cfb3dff Merge branch '1.5.x' 8 years ago
Madhura Bhave 82f89b4ac1 Add custom headers to allowed CORS headers for CF actuators
Update CORS configuration to support Authorization and X-Cf-App-Instance.

See gh-7108
8 years ago
Stephane Nicoll d32da0d692 Merge branch '1.5.x' 8 years ago
Stephane Nicoll 01e66ecbd5 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 2c71cb8efd Polish 8 years ago
Stephane Nicoll 4407194c00 Replace sample by integration test
Closes gh-3888
8 years ago
Stephane Nicoll 71bbd9faaf Polish
See gh-7322
8 years ago
Phillip Webb 3435fdf7fd Merge branch '1.5.x' 8 years ago
Phillip Webb 6c76353682 Default `management.cloudfoundry.enabled` to true
Update `CloudFoundryActuatorAutoConfiguration` so that it is enabled
when `management.cloudfoundry.enabled` is missing.

See gh-7108
8 years ago
Madhura Bhave a77cfc3b0e Skip SSL validation when calling Cloud Foundry
Update CloudFoundrySecurityService so that SSL validation is not
required. We're unlikely to have configured public keys for the
REST endpoints we need to call. Since the endpoints are provided via
environment variables we can implicitly trust them.

See gh-7108
8 years ago
Madhura Bhave 862a06eb7a Add POST to allowed CORS methods for CF actuators
Update CORS configuration to support POST.

See gh-7108
8 years ago
Madhura Bhave 1005feb27d Update discovery endpoint to respect AccessLevel
Change `CloudFoundryDiscoveryMvcEndpoint` so that `AccessLevel` rights
are consulted so that only accessible links are returned.

See gh-7108
8 years ago
Madhura Bhave 340f1d5574 Add security for Cloud Foundry actuators
Add security to Cloud Foundry actuator endpoints. Security is enforced
by a `HanderInterceptor` on `CloudFoundryEndpointHandlerMapping`. Each
endpoint call expects an 'Authorization' header containing a bearer
token. The token signature is checked against the UAA public keys then
passed to the Cloud Controller to obtain an ultimate access level.

The client may either have 'RESTRICTED' or FULL' access, with the latter
only providing access to a limited set of endpoints.

See gh-7108
8 years ago
Phillip Webb 0cdde3b83c Merge branch '1.5.x' 8 years ago
Phillip Webb 81c5753f4d Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 6a2ac080ac Create our own SessionCreationPolicy enum
Update `ManagementServerProperties` so that `security.sessions` no
longer uses `SessionCreationPolicy` from Spring Security. We now
use our own enun which allows `management.security.*` properties to
be set without the risk of a `ClassNotFoundException`.

Fixes gh-3888
8 years ago
Andy Wilkinson f7618cb421 Merge branch '1.5.x' 8 years ago
Andy Wilkinson bdfceae24c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 97e5e32496 Make sure the MetricsFilter uses committed response's status
Previously, if an exception was thrown during request handling after
the response had been committed, i.e. after the status and headers
had been written, the metrics filter would assume that it was a 500
response. This was potentially inaccurate as the status had already
been sent to the client and before the exception was thrown and it
may have been something other than a 500.

This commit updates MetricsFilter so that it will use the
status from the response if the response has been committed even when
an exception is thrown.

Closes gh-7277
8 years ago
Andy Wilkinson 8026b2e7a0 Merge branch '1.5.x'
See gh-6982
8 years ago
Andy Wilkinson fe50b2019e Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson b191974faa Reflect Java 7/8 differences in javadoc for metric repository auto-config
Closes gh-6985
8 years ago
Phillip Webb 98a3ae9ac4 Merge branch '1.5.x' 8 years ago
Phillip Webb 5b66ffbb4b Merge branch '1.4.x' into 1.5.x 8 years ago