Commit Graph

977 Commits (9b952dd3a8b3e591ccce3e77ac26de44961b331d)

Author SHA1 Message Date
Madhura Bhave 5dafa3ae9c Fixup version numbers following release 8 years ago
Spring Buildmaster 5c12500366 Next Development Version 8 years ago
Andy Wilkinson a9656145de Fix up version numbers following release 8 years ago
Spring Buildmaster a2696bf873 Next Development Version 8 years ago
Andy Wilkinson f34d309548 Formatting 8 years ago
Andy Wilkinson 013d45a4d7 Upgrade to Jetty 9.4.1.v20170120
Closes gh-7750
8 years ago
Andy Wilkinson 1a69a4ff67 Remove unnecessary use of @Autowired in the samples 8 years ago
Phillip Webb 2c89d9918f Relocate AutoConfigurations from root package
Move PropertyPlaceholder and MessageSource auto-configuration from the
root package to the `context` subpackage.

Fixes gh-8071
8 years ago
Phillip Webb 5703fb1515 Polish 8 years ago
Andy Wilkinson 07d9c3fef6 Rename classes and package in new OAuth2 and Actuator sample
Closes gh-8058
8 years ago
Stephane Nicoll 915c959a28 Polish contribution
Closes gh-7600
8 years ago
Phillip Webb f3cd0ad22c Polish 8 years ago
Phillip Webb 10dbf3c571 Use `@Validated` as trigger for JSR-330 validation
Update `ConfigurationPropertiesBindingPostProcessor` so that
`@Validated` is expected to be used to trigger JSR-330 validation.

Any existing configuration classes that use JSR-330 annotations but
don't have `@Validated` will currently still be validated, but will
now log a warning. This should give users a chance to add the requested
annotations before the next Spring Boot release where we will use them
as the exclusive signal that validation is required.

Closes gh-7579
8 years ago
Andy Wilkinson 29adf2d85e Ensure that test closes InputStream that reads contents of output files 8 years ago
Andy Wilkinson 2973d3ed4b Polishing 8 years ago
Andy Wilkinson ed18478054 Give FileWritingMessageHandler more time to sort itself out
See 3927dca3
8 years ago
Andy Wilkinson 682d0f524f Test insecure, insensitive endpoint with property that's always available
The user property is only available on Unix-like platforms (due to
the USER environment variable). This commit updates the test to
explicitly set a specific property and then check that it's accessible
via the env endpoint rather than using one that is OS-specific.

See gh-7868
See gh-7881
8 years ago
Andy Wilkinson 8666248d27 Polishing 8 years ago
Andy Wilkinson 3927dca3e0 Tolerate files being briefly left open by FileWritingMessageHandler
When the context is closed, FileWritingMessageHandler is stopped and
it closes its output files. However, it appears to do so in a manner
which means that they may be closed after the call to close the
context is completed. This causes problems on Windows as files that
are still open cannot be deleted.

This commit adds a workaround to SampleIntegrationApplicationTests
so that it makes up to 10 attempts each 0.5s apart to clean up the
input and output directories.
8 years ago
Johnny Lim acc36c076d Polish
See gh-8004
8 years ago
Stephane Nicoll 7e557662a5 Polish contribution
Closes gh-7916
8 years ago
Praveendra Singh 36de58f0fe Polish samples list in readme
See gh-7916
8 years ago
Andy Wilkinson ae3434ba4c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson d2201d5284 Correct copyright dates and enforce that starting year is 2012
Closes gh-7923
8 years ago
Phillip Webb f96294b63b Add LDAP sample
Add an LDAP sample application.

See gh-7733
8 years ago
Madhura Bhave 4ea47220e9 Match nested paths for insensitive actuators
Update `ManagementWebSecurityAutoConfiguration` to match nested path
for insensitive actuators.

Prior to this commit, when Spring Security was on the classpath
nested paths were considered sensitive (even if the actuator
endpoint was not sensitive). i.e. when setting
`endpoints.env.sensitive=false` `/env` could be accessed without
authentication but `/env/user` could not.

Fixes gh-7868
Closes gh-7881
8 years ago
Phillip Webb 18aa9be4fb Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 21bfe52694 Add test to check class resources aren't exposed
Closes gh-7880
8 years ago
Phillip Webb 565f75438e Polish 8 years ago
Dave Syer fe344df9c5 Change default order of OAuth2 resource server filter chain
The default is now SecurityProperties.ACCESS_OVERRIDE_ORDER-1
(instead of 3), and the user can set it with
security.oauth2.resource.filter-order (as opposed to being hard
coded). The filter is provided by Spring OAuth2 so this change is
a BeanPostProcessor to call a setter on that object.

Fixes gh-5072
8 years ago
Phillip Webb aacf5d660f Update copyright year for changed files 8 years ago
Phillip Webb be3fe12cf0 Polish 8 years ago
Phillip Webb 273beaa3ce Polish 8 years ago
Stephane Nicoll c903ff46a7 Polish samples 8 years ago
Stephane Nicoll a19a28062f Fix actuator security in samples
Closes gh-7637
8 years ago
Stephane Nicoll 3ed5a723bb Polish log4j2 sample 8 years ago
Phillip Webb 97d7ffd8e8 Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 61c931943f Fix Devtools PatternResolver Servlet support
Update ClassLoaderFilesResourcePatternResolver to support servlet
resources when it's being used with a WebApplicationContext.

Prior to commit 918e122ddc a `ResourceLoader` was not added to the
`ApplicationContext`, meaning that servlet resources could be found by
virtue of the protected `getResourceByPath()` method. Following commit
918e122ddc, the context `ResourceLoader` is set, meaning that all calls
to `getResource` delegate to the `ResourceLoader` and the
`ApplicationContext` methods are not invoked. Since the devtools
`ResourceLoader` wasn't Servlet aware, servlet resources could not
be found.

Fixes gh-7752
8 years ago
Phillip Webb 85504e74a6 Merge branch '1.4.x' into 1.5.x 8 years ago
Mesut Can Gurle ab2290eecd Improve Cassandra sample README documentation
Update the README file in `spring-boot-sample-data-cassandra` with
details of how to setup the keyspace and create the tables.

Closes gh-7737
8 years ago
Phillip Webb 61f65ea10e Add test for devtools + serving from `/public`
Add a simple test to show that basic serving of `/public` resources
works with devtoos.

See gh-7752
8 years ago
Phillip Webb a116579cfc Work around Jetty websocket client bug
Add workaround for Jetty JsrSession NullPointerException bug
(https://github.com/eclipse/jetty.project/issues/1202) in
`spring-boot-sample-websocket-jetty`.

See gh-7599
8 years ago
Phillip Webb a23591e047 Support Jetty 9.4 and upgrade to 9.4.0.v20161208
Update `JettyEmbeddedServletContainerFactory` to support Jetty 9.4
directly and Jetty 9.3 via reflection. The primary difference between
Jetty 9.3 and 9.4 are the session management classes. Websocket suppport
has also been updates, but this is handled transparently by the
Spring Framework support.

Fixes gh-7599
8 years ago
Phillip Webb c3edf9e341 Fixup version numbers following release 8 years ago
Spring Buildmaster 9057f9ae1f Next development version 8 years ago
Phillip Webb 982f41b70c Polish @IntegrationComponentScan auto-configuration
See gh-2037
See gh-7718
8 years ago
Stephane Nicoll ac9eb8a9a9 Fix Maven warning in samples
Closes gh-7716
8 years ago
Phillip Webb 6121208cbb Polish formatting 8 years ago
Phillip Webb bd74c3d327 Polish formatting 8 years ago
Madhura Bhave 1be5812cf0 Require `ACTUATOR` role rather than `ADMIN`
Update management security to require an `ACTUATOR` role rather than
`ADMIN` by default. This should reduce the risk of users accidentally
exposing actuator endpoints because they happen to use a role named
`ADMIN`.

Fixes gh-7569
8 years ago