If a source URL is added to a CompilationUnit and that source URL does
not contain any slashes, the resulting ClassNode in the AST will be
incorrectly named. For example, a URL of 'file:foo.groovy' will produce
a ClassNode named 'file:foo'. The expected name is 'foo'.
This commit works around this problem by adding any URL sources with a
file protocol to the compilation unit as File instances. Any URL sources
that do not have a file protocol continue to be added as URL instances.
Such URLs are still prone to this bug should we be dealing with one
that contains no slashes. A fix for the underlying Groovy bug will
address this possibility.
Fixes#594
The problem was that the basic-logback.xml was valid configuration
but not in a <configuration> tag, so it wasn't valid on its own.
This change fixes that.
Fixes gh-585
The static convenience methods in RelaxedPropertyResolver were not
really relaxed, so since they are public (and useful) it makes
more sense to extract them to a utility class.
Users only have to add a normal `WebMvcConfigurer` to configure
their own features. Sometimes that's not clear enough (and it's
good to stress that `@EnableWebMvc` is the thing that switches
off the Boot configurtation.
Fixes gh-583
Update AutoConfigurationPackages to log warnings on the first access,
rather than during setup. This works around the fact that the CLI
currently add multiple @EnableAutoConfiguration annotations.
Fixes gh-579
This commit updates the CLI so that it will decrypt any encrypted
passwords in a user's Maven settings.xml file.
The code that performs the decrytion has a transitive dependency on
three types in Plexus' logging API. There are tens of different
artifacts containing this API available in Maven Central. Rather than
bloating the API with a dependency on a complete Plexus container,
which could perhaps be considered the primary source, a dependency on
a considerably smaller artifact has been introduced.
Closes#574
Removed this link "The websocket sample shows you how to do that in Maven." since the example no longer has properties that show how this is done. Dave Syer edited the section in a previous issue by adding the example to the POM ( https://github.com/spring-projects/spring-boot/issues/430 ) but it appears that the bad link was not removed.
The management security autoconfiguration wanted to come last in the chain
but that won't suit the fallback that was already in place for gh-568. This
change re-orders the autoconfig so that @EnableWebSecurity is still added
if the user sets security.basic.enabled=false and includes the actuator
endpoints.
Fixes gh-568
If the user explicitly disables the basic security features and forgets to
@EnableWebSecurity, and yet still wants a bean of type
WebSecurityConfigurerAdapter, he is trying to use a custom
security setup and the app would fail in a confusing way without
this change.
Fixes gh-568
If the user adds a JAR file to the classpath in "spring jar -cp ..."
he expected it to end up in the classpath of the executable jar
(i.e. in the nested lib/ directory). Before this change it would
have gone in the root of the executable JAR, causing errors at runtime.
The fix is slightly awkward, since it assumes that any JAR in the
"roots" of the ResourceMatcher come from the classpath (which *is*
the case currently, but might not always be at least in principle).
Seems like a reasonable compromise given it's a quick change
and some tests have been included.
Fixes gh-565
If the user sets security.basic.enabled=false he has to remember
to @EnableWebSecurity. Possibly we could be more helpful about the
exception, but I think this might be pilot error.
Fixes gh-568
Introduce an extra `server.tomcat.uri-encoding` property used to
configure the URI encoding for the embedded tomcat container.
Defaults to `UTF-8` instead of the usual tomcat default of `ISO-8859-1`.
Fixes gh-540
Update the spring-boot-loader JarURLConnection class to decode entry
names in the same way as the stock JDK class. This allows encoded
entry names in the form `%c3%ab` to be loaded.
Fixes gh-556
- Add link to Spring Security's Global Method Security Java Configuration
- Fix link to SecurityProperties
- Add link to SECURITY Common application properties
- Remove unnecessary @Order from SecurityConfiguration
- Change method signature for @Autowired AuthenticationManagerBuilder to
compile / match Spring docs
When the child is listening for parent closed events
the parent has a reference to the listener which contains the chils.
Thust there is a cycle of references and a GC probalem waiting to
happen.
This change breaks the cycle by making the reference to the
child a WeakReference.
Fixes gh-559
If the user provides a JobExplorer and a BatchConfigurer that
don't require a DataSource we can back off on configuring ours
(and anything else that needs a DataSource).
Fixes gh-561
If user sets a ResourceLoader on the SpringApplication, he might
reasonably expect that it would be used to read the config files.
This change ensures that it is (instead of just using the
DefaultResourceLoader).
We can't support (yet) embedded containers inside a deployed war (class
loader conflicts are inevitable, really). Until we figure out a way to
do it, we should just log a warning and advise the user to switch to
JMX for the actuator endpoints.
See gh-552