This reverts commit bbca612a57.
StandardJarScanner, which contains the faulty assumption about
URLClassLoader is part of Jasper. Jetty, like Tomcat, uses Jasper for
JSPs so it's also affected.
See gh-10456
This commit adds support for auto-configuration of Spring WS automatic
WSDL and XSD exposure i.e. registration of `WsdlDefinition` and
`XsdDefinition` beans. The bean registration is triggered by configuring
`spring.webservices.wsdl-locations` property which will search the
provided locations for WSDL/XSD files and register appropriate beans.
See gh-9635
This commit removes auto-configuration support for Spring Security
OAuth, paving the way for the introduction of auto-configuration for
Spring Security 5's new OAuth-related features.
Closes gh-10255
This commit improves the Spring Session sample by providing multiple
build profiles that make it possible to easily try out different session
stores. By default, JDBC session store backed by an in-memory embedded H2
database is used.
See gh-10351
This commit only provides dependency management for JUnit Jupiter,
excluding experimental and migration support artifacts. It also removes
dependency management for the platform as it is used by IDEs and build
tools). The `junit-platform.version` is still available though to allow
users to configure their plugin with a supported placeholder for the
version.
Also, given that `junit-vintage-engine`'s version does not match the
JUnit 4 version it supports, we will not add dependency management for
it.
Closes gh-10240
This commit makes the "spring.session.store-type" property optional,
adding an additional check when it is not present that validates only
one supported implementation is available on the classpath.
As Spring Session has been modularized, the chance that multiple
implementations are available on the classpath are lower. When only
one implementation is present, we attempt to auto-configure it. When
more than one implementation is present and no session store is
configured, a NonUniqueSessionRepositoryException is thrown.
Closes gh-9863
Update the security request matchers so that a bean is no longer needed
when the matcher is used. Matchers can now be build by starting from
the `EndpointRequest` or `StaticResourceRequest` classes. For example:
http.authorizeRequests()
.requestMatchers(EndpointRequest.to("status", "info")).permitAll()
.requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR")
.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
Closes gh-7958
Restructure actuator packages to improve structure. The following
changes have been made:
- Separate actuator and actuator auto-configuration into different
modules.
- Move endpoint code into `spring-boot-actuator`.
- Move `Endpoint` implementations from a single package into
technology specific packages.
- Move `HealthIndicator` implementations from a single package into
technology specific packages.
- As much as possible attempt to mirror the `spring-boot` package
structure and class naming in `spring-boot-actuator` and
`spring-boot-actuator-autoconfigure`.
- Move `DataSourceBuilder` and DataSource meta-data support from
`spring-boot-actuator` to `spring-boot`.
Fixes gh-10261
Spring Framework 5 provides support for JUnit 5. This commit adds
dependency management for JUnit 5 and an upgrade for
spring-boot-sample-junit-jupiter sample.
See gh-10240
This commit adds a strategy interface to specific if a given DataSource
has its schema managed. The Hibernate auto-configuration uses it to set
it to "none" if a mechanism to initialize the DataSource is
found and "create-drop" otherwise.
Both Flyway and Liquibase implements that strategy interface and
register it in the context accordingly.
Closes gh-9262
Since the autoconfig totally backs off in the presence
of a WebSecurityConfigurerAdapter, there is no need to
order them ahead of/after the one provided by Spring Boot.
See gh-7958
Phillip Webb
Madhura Bhave
Andy Wilkinson
jfarcand
Stephane Nicoll
Vedran Pavic
Jon Schneider
Eddú Meléndez
Johnny Lim