This commit improves ValidationAutoConfiguration so that a `Validator`
bean is exposed if JSR 303 is available. This has the side effect of
automatically enable Spring Data Couchbase's entity validation rather
than requiring to expose a `Validator` bean.
Closes gh-5178
Previously, ValidationAutoConfiguration would configure a
MethodValidationPostProcessor if any Bean Validation 1.0 or later
implementation was available, however the underlying infrastructure
requires Bean Validation 1.1 with any implementation or
Bean Validation 1.0 with Hibernate Validator 4.3.
This caused a problem on TomEE which uses Apache BVal, and Bean
Validation 1.0 implementation. Spring Framework would identify that
Bean Validaton 1.0 was being used and then try to load Hibernate
Validator classes that are not present.
This commit fixes the problem by requiring Bean Validation 1.1 before
auto-configuring a MethodValidationPostProcessor.
Closes gh-7665
Update `SpringBootWebSecurityConfiguration` to ignore requests by
delegating to `IgnoredRequestCustomizer` beans. This allows a single
Spring Boot `WebSecurityConfigurer<WebSecurity>` bean to be used which
prevents potential exceptions caused by duplicate `@Order` values.
Fixes gh-7106
Previously, if a user specifies a path to a schema or data DDL that does
not exist, the application will start up fine and the missing DDL would
not be reported.
This commit validates that user-defined resources actually exist and
throw a new `ResourceNotFoundException` if they don't.
Closes gh-7088
Previously, if `spring.couchbase.bootstrap-hosts` was specified in YAML
or with the `[Idx]` notation, the auto-configuration would not kick in.
This is due to a limitation of `@ConditionalOnProperty` on a property of
type Collection. This commit workarounds this limitation for now with a
dedicated condition.
Closes gh-7508
Checking for the presence of a `ValidationProvider` resource is
unfortunately not enough to trigger the validation auto-configuration.
If `hibernate-validator` is added on the classpath without a `javax.el`
implementation, the former will blow up on startup. So far this was a
pilot error so we didn't have to care about it. Now that we have an
auto-configuration that may lead to this error, we need to be extra
careful and check that scenario ourselves.
This commit adds an extra condition that runs as late as possible and
attempt to actually initialize a `Validator`. If that fails for whatever
reason, the auto-configuration will now back off.
Several additional tests have been added to exercise this scenario.
Closes gh-6228
This commit deprecates `server.max-http-post-size` and introduces a
dedicated property for each supported container. In particular, Undertow
can now define a max size higher than 2GB.
Closes gh-7362
This commit auto-configures `MethodValidationPostProcessor` if necessary
when a JSR-303 validator implementation is detected on the classpath.
Closes gh-6228
If `OnBeanCondition` is used with a `String` literal representing the
fully qualified name of a bean and such type does not exist, it
gracefully manages it as if it was not found. Prior to this commit, an
exception would be thrown if any related class such as the parent
class does not exist.
This commit handles this additional case, catching `NoClassDefFoundError`
the same way it did handle `ClassNotFoundException`. That way, a
missing type will now be considered as absent if it's not on the
classpath.
Closes gh-7459
This commit reverts 7e2d0fd so that the Couchbase auto-configuration can
work without Spring Data again. It also removes the `Class` reference to
a Spring Data class to a `String` reference to make sure the condition
operates properly when said class isn't on the classpath.
Closes gh-7453
- Apply code formatting
- Move configuration of excepted exception to immediately before line
that will throw the exception
- Use String.format with %n to produce platform-specific new lines
See gh-7407
Previously, both HypermediaAutoConfiguration and HttpMessageConverters
assumed that if Spring HATEOAS was on the class path, then Jackson
would be too. When this was not the case, an application would fail
to start.
This commit updates both classes to back off appropriately when
Spring HATEOAS is on the classpath but Jackson is not.
Closes gh-7434
We use some internal Mockito classes and some breaking API changes
have been made to them in Mockito 2. This commit introduces a utility
class, SpringBootMockUtil, to shield our code from these differences.
Mockito 1 is called directly and Mockito 2 is called via reflection.
To allow these changes to be tested, FilteredClassPathRunner has been
enhanced to also support overriding a dependency on the class path.
As a result it has been renamed to ModifiedClassPathRunner. The new
ClassPathOverrides annotation can be used to provide the Maven
coordinates of one or more dependencies that should be resolved and
added to the class path. Such additions are added to the start of
the class path so that they override any existing dependency that
contains the same classes.
Closes gh-6520
This commit adds an extra property to the `server.tomcat.accesslog` to
control the `reqestAttributesEnabled` flag. This flag sets request
attributes for IP address, Hostname, protocol and port used for the
request.
Closes gh-7367
Add `content-security-policy` and `content-security-policy-mode`
`security.header` properties and update auto-configuration to apply
them when specified.
Fixes gh-7373
Closes gh-7357
Update JpaBaseConfiguration so that the persistenceUnitRootLocation is
no longer detected. The update to gh-7003 means that we can now rely on
the standard detection mechanism.
Fixes gh-6983
See gh-6635
Previously, if an auto-configuration class was (wrongly) located in a
candidate package for component scanning, the class was silently loaded
as an app configuration (i.e. with the wrong lifecycle).
This commit adds an `AutoConfigurationExcludeFilter` to
`@SpringBootApplication` so that such classes are automatically
filtered. Since they are registered in `spring.factories`, we can
silently ignore them since we know they'll be loaded later on.
Closes gh-7168
This commit improves `TomcatEmbeddedServletContainerFactory` so that tld
skip patterns can be set or added to an existing set. An additional
`server.tomcat.additional-tld-skip-patterns` is now being exposed to
easily add patterns via configuration.
Closes gh-5010
Phillip Webb
Stephane Nicoll
Andy Wilkinson
Madhura Bhave
Mark Paluch
Johnny Lim
Oscar Utbult
Eddú Meléndez
Vedran Pavic
Grigory Fadeev
Gary Russell
Christoffer Sawicki
Spring Buildmaster
Matthieu Mouminoux
Maciej Walkowiak