By configuring security.oauth2.client.grantType=client_credentials the
user signals that (even in a web application) he doesn't want to use
the auth code grant (and hence session and request scoped beans for
client context).
This commit improves ValidationAutoConfiguration so that a `Validator`
bean is exposed if JSR 303 is available. This has the side effect of
automatically enable Spring Data Couchbase's entity validation rather
than requiring to expose a `Validator` bean.
Closes gh-5178
Previously, ValidationAutoConfiguration would configure a
MethodValidationPostProcessor if any Bean Validation 1.0 or later
implementation was available, however the underlying infrastructure
requires Bean Validation 1.1 with any implementation or
Bean Validation 1.0 with Hibernate Validator 4.3.
This caused a problem on TomEE which uses Apache BVal, and Bean
Validation 1.0 implementation. Spring Framework would identify that
Bean Validaton 1.0 was being used and then try to load Hibernate
Validator classes that are not present.
This commit fixes the problem by requiring Bean Validation 1.1 before
auto-configuring a MethodValidationPostProcessor.
Closes gh-7665
Update `SpringBootWebSecurityConfiguration` to ignore requests by
delegating to `IgnoredRequestCustomizer` beans. This allows a single
Spring Boot `WebSecurityConfigurer<WebSecurity>` bean to be used which
prevents potential exceptions caused by duplicate `@Order` values.
Fixes gh-7106
Previously, if a user specifies a path to a schema or data DDL that does
not exist, the application will start up fine and the missing DDL would
not be reported.
This commit validates that user-defined resources actually exist and
throw a new `ResourceNotFoundException` if they don't.
Closes gh-7088
Previously, if `spring.couchbase.bootstrap-hosts` was specified in YAML
or with the `[Idx]` notation, the auto-configuration would not kick in.
This is due to a limitation of `@ConditionalOnProperty` on a property of
type Collection. This commit workarounds this limitation for now with a
dedicated condition.
Closes gh-7508
Checking for the presence of a `ValidationProvider` resource is
unfortunately not enough to trigger the validation auto-configuration.
If `hibernate-validator` is added on the classpath without a `javax.el`
implementation, the former will blow up on startup. So far this was a
pilot error so we didn't have to care about it. Now that we have an
auto-configuration that may lead to this error, we need to be extra
careful and check that scenario ourselves.
This commit adds an extra condition that runs as late as possible and
attempt to actually initialize a `Validator`. If that fails for whatever
reason, the auto-configuration will now back off.
Several additional tests have been added to exercise this scenario.
Closes gh-6228
This commit deprecates `server.max-http-post-size` and introduces a
dedicated property for each supported container. In particular, Undertow
can now define a max size higher than 2GB.
Closes gh-7362
This commit auto-configures `MethodValidationPostProcessor` if necessary
when a JSR-303 validator implementation is detected on the classpath.
Closes gh-6228
If `OnBeanCondition` is used with a `String` literal representing the
fully qualified name of a bean and such type does not exist, it
gracefully manages it as if it was not found. Prior to this commit, an
exception would be thrown if any related class such as the parent
class does not exist.
This commit handles this additional case, catching `NoClassDefFoundError`
the same way it did handle `ClassNotFoundException`. That way, a
missing type will now be considered as absent if it's not on the
classpath.
Closes gh-7459
This commit reverts 7e2d0fd so that the Couchbase auto-configuration can
work without Spring Data again. It also removes the `Class` reference to
a Spring Data class to a `String` reference to make sure the condition
operates properly when said class isn't on the classpath.
Closes gh-7453
- Apply code formatting
- Move configuration of excepted exception to immediately before line
that will throw the exception
- Use String.format with %n to produce platform-specific new lines
See gh-7407
Previously, both HypermediaAutoConfiguration and HttpMessageConverters
assumed that if Spring HATEOAS was on the class path, then Jackson
would be too. When this was not the case, an application would fail
to start.
This commit updates both classes to back off appropriately when
Spring HATEOAS is on the classpath but Jackson is not.
Closes gh-7434
We use some internal Mockito classes and some breaking API changes
have been made to them in Mockito 2. This commit introduces a utility
class, SpringBootMockUtil, to shield our code from these differences.
Mockito 1 is called directly and Mockito 2 is called via reflection.
To allow these changes to be tested, FilteredClassPathRunner has been
enhanced to also support overriding a dependency on the class path.
As a result it has been renamed to ModifiedClassPathRunner. The new
ClassPathOverrides annotation can be used to provide the Maven
coordinates of one or more dependencies that should be resolved and
added to the class path. Such additions are added to the start of
the class path so that they override any existing dependency that
contains the same classes.
Closes gh-6520
This commit adds an extra property to the `server.tomcat.accesslog` to
control the `reqestAttributesEnabled` flag. This flag sets request
attributes for IP address, Hostname, protocol and port used for the
request.
Closes gh-7367
Add `content-security-policy` and `content-security-policy-mode`
`security.header` properties and update auto-configuration to apply
them when specified.
Fixes gh-7373
Closes gh-7357
Update JpaBaseConfiguration so that the persistenceUnitRootLocation is
no longer detected. The update to gh-7003 means that we can now rely on
the standard detection mechanism.
Fixes gh-6983
See gh-6635
Previously, if an auto-configuration class was (wrongly) located in a
candidate package for component scanning, the class was silently loaded
as an app configuration (i.e. with the wrong lifecycle).
This commit adds an `AutoConfigurationExcludeFilter` to
`@SpringBootApplication` so that such classes are automatically
filtered. Since they are registered in `spring.factories`, we can
silently ignore them since we know they'll be loaded later on.
Closes gh-7168
This commit improves `TomcatEmbeddedServletContainerFactory` so that tld
skip patterns can be set or added to an existing set. An additional
`server.tomcat.additional-tld-skip-patterns` is now being exposed to
easily add patterns via configuration.
Closes gh-5010
This commit improves database initializers for Spring Batch and Spring
Session by introducing `AbstractDatabaseInitializer` which eliminates
duplicated logic in existing initializers. Additionally, database
platform resolution now relies on `DatabaseDriver`.
See gh-6543
Previously, an URI and individual client attributes can be set to
configure the mongo client. In such a scenario, the URI is ignored.
This commit changes the URI to be "null" and the creation of the client
to fail if both the uri and client attributes are set. If no client
attributes are set, the uri is used as before.
Closes gh-6739
In addition, dependency management for `hazelcast-hibernate5` module has
been added, and a separate dependency version was introduced for
`hazelcast-hibernate4` module.
Closes gh-7023
This commit improves the startup error message so that it does not
reference `--debug` anymore. Such command-line switch only works when
the application is started using `java -jar`.
The error message now refers directly to a section of the documentation
that provides more details and links to more useful examples.
Closes gh-6593
This commit fixes the documentation that wrongly states that
SpringBootWebSecurityConfiguration is an auto-configuration. Rather than
excluding this class, we should exclude SecurityAutoConfiguration that
imports it.
Closes gh-6861
Change the auto-configure MongoMappingContext to use the
SimpleTypesHolder instance `Set` that's produced by a CustomConversions
bean, which we in turn now default, too.
This update is necessary as `CustomConversions` registers converters by
inspecting the classpath (to automatically detect Java 8, JodaTime etc.)
and by that rendering the types for which we find converters for as
simple ones, i.e. non-entities.
Fixes gh-6881
Closes gh-6882
This commit adds Spring Batch configuration validation that disables
database initializer in case custom table prefix is configured with
default schema.
See gh-6651
This commit adds Spring Session JDBC configuration validation that
disables database initializer in case custom table name is configured
with default schema.
See gh-6649
This commit adds a new `spring.thymeleaf.check-template` property which
is only used for Thymeleaf 3.0+.
Since thymeleaf/thymeleaf#419, the Thymeleaf template resolver
implementations can implement the `setCheckExistence` method - this
enables the template existence verification at **resolution** time,
which means the resolver can return null as a `TemplateResolution`
and let other template resolvers in the chain try.
This new property is set to `true` by default and can be disabled if the
application only has a single resolver and the template existence check
is considered as a performance penalty with the configured resolver.
Fixes gh-6500
This commit adds the `spring.http.multipart.resolve-lazily`
property, in order to configure whether the multipart request
should be resolved lazily, as the parameters are accessed.
Add a `FailureAnalyzer` that handles the case where the context does
not start because no candidate bean was found for an `InjectionPoint`.
The implementation inspects the auto-configuration report for beans
that are candidate and output the condition(s) that lead to such beans
to be discarded on startup. If a whole auto-configuration class is
disabled (or excluded), its beans are inspected and candidates are
extracted in a similar way.
This works for both injection by type and by name.
Closes gh-6612
Rework commit 4a69755b to remove the need for the ApplicationInfo class.
The updated code now uses the auto-configuration class to compute a
default persistence unit root location
Closes gh-6635
Previously, BeanTypeRegistry did not correctly determine the type
that would be created by a factory bean if that factory bean was
returned from a bean method with arguments on a configuration class
found via component scanning.
The key difference is that bean definitions for bean methods on
configuration classes found via component scanning use ASM-based
metadata rather than reflection-based metadata. The ASM-based method
data does not provide direct access to the Method that will create the
bean. In this case, BeanTypeRegistry was falling back to looking for
a method with the matching name and no arguments. Therefore, if
the bean method had any arguments it would fail to find the method
and would, therefore, be unable to determine the type of bean
produced by the factory bean.
This commit updates BeanTypeRegistry to use logic that is very similar
to Spring Framework's ConstructorResolver's
resolveFactoryMethodIfPossible method to locate the method that will
produce the factory bean. It looks for a single method with
the required name with any number of arguments. If it finds multiple
methods with the required name and different arguments it returns
null, just as ConstructorResolver does.
Closes gh-6755
Due to the layout format change in 1.4, Spring Framework is no longer
able to compute a default persistence unit root URL. If a Spring Boot 1.4
application has JPA but does not have any entity, the application started
from a fat jar now fails with a quite cryptic exception.
This commit introduces `ApplicationInfo` as a general replacement for
the `ApplicationArguments` and `Banner` singleton beans that
`SpringApplication` registers on startup. `ApplicationInfo` also defines
the detected "main" `Class` that can be used to compute a last resort
URL that makes sense.
If such bean is available, `EntityManagerFactoryBuilder` now sets the
default persistence unit root location, preventing Spring Framework to
attempt to resolve an unknown location. Note that in our case the
persistence unit root location is actually useless: given the way the
persistence unit is created, nothing actually uses it but Hibernate, as a
compliant JPA provider, has to make sure this setting is set to a valid
URL nevertheless.
Closes gh-6635
Hikari can configure both an underlying Driver or DataSource. Spring Boot
only supports the former so any attempt to trigger the creation of the
latter will lead to an exception since the auto-configuration has set
driver-specific field.
This commit adds an analyzer that intercepts such faulty scenario and
indicate that users should configure Hikari with an underlying DataSource
themselves.
Closes gh-6568
This commit marks the auto-configured `JdbcTemplate` as `Primary`. Spring
session creates its own so we could end up with two in a fully auto
configured context.
Closes gh-6717
Previously, Tomcat’s background processing was only enabled on the
context but access logging was configured on the engine. This means that
the access log valve’s background processing method was never called
and, therefore, that it wasn’t flushed periodically.
This commit moves the enablement of background processing up to the
engine, thereby ensuring that the access log is flushed periodically.
Background processing cascades down the container hierarchy so, after
this change, background processing will still be performed on the
context as well.
Closes gh-6646
We make Liquibase aware of our custom Commons Logging-based logger by
adding its package to the Liquibase ServiceLocator’s packages to scan.
Previously, this was happening too late so Liquibase may have already
initialized and cached a particular logger.
This commit moves the registration of the extra package from the
Liquibase auto-configuration to the application listener that customises
Liquibase’s ServiceLocator. This ensures that the package is added
before Liquibase is used. Unfortunately, configuring Liquibase’s
ServiceLocator and its packages to scan causes it to try to perform
some logging, resulting in it caching the wrong type of logger. We
work around this problem by resetting Liquibase’s LogFactory once we’ve
finished setting everything up.
Closes gh-6713
As of Spring Boot 1.4, IDEs are supposed to provide auto-completion for
hints and enum values. This commit removes the hard-coded copy of
allowed values for enum-based properties. This was mostly the case
already and this commit fixes the few ones remaining.
Closes gh-6654
This commit restores the support of "spring.datasource.type". If this
property is set to an unsupported `DataSource` implementation, we now
properly create it again, rather than ignoring it because its value did
not match any value we support.
Since Spring Boot 1.4 now redirects `DataSource` implementation settings
to dedicated namespaces, the documentation has been updated to explicitly
mention how one can create such arrangement for an unsupported
implementation.
As a convenience, `DataSourceProperties` can initialize a
`DataSourceBuilder` based on its internal state, making it very easy for
anyone to create a `DataSource` from a `DataSourceProperties` instance.
Closes gh-6695
This commit adds a new configuration key:
spring.http.encoding.mapping.<locale>=<charset>
This allows to specify which default charset should be used for any
given Locale, if none has been provided already in the response itself.
This applies to all supported embedded servlet containers.
Fixes gh-6453
Prior to this commit parsing addresses had an inconsistent effect on the
various properties that can be contained in an address (host, port,
username, password, and virtual host).
Three different approaches were used:
1. Return the property if no addresses were set. If there was one
address set, return the property from the address. Otherwise return
null. (host)
2. Return the property if no address were set, otherwise return the
property from the first address (port)
3. Return the property if no addresses were set, otherwise return the
property from the last address that had such property (username,
password, virtual host).
This commit aims to make the behaviour consistent. If no addresses
were set the property is returned. Otherwise the value extracted from
the first address is returned. If the first address has no such value
the property is returned.
Closes gh-6424
Previously, one SpringApplicationAdminMXBeanRegistrar was created
per context. When there was more then one context this would result
in a javax.management.InstanceAlreadyExistsException being thrown
as an attempt was made to register the MBean more than once.
This commit updates SpringApplicationAdminJmxAutoConfiguration so
that the registrar is only created when there's no such existing bean
in the context hierarchy.
Closes gh-6378
Commit 3ea84f9e1 has wrongly introduced a `@Primary` marker on
`IntegrationMBeanExporter` so any use of both Spring's JMX support
and Spring Integration's JMX support leads to an exception. This commit
makes sure to remove the unnecessary `@Primary`
Closes gh-6328
This commit makes sure to use `getAliasedStringArray` rather than
`getStringArray` as the latter does not work with ASM. While this will
probably be fixed in the core framework, this commit also adds dedicated
tests with ASM to ensure that the code works as expected.
Closes gh-6337
By default Jersey configures Jackson to use both Jackson annotations
and JAXB annotations when introspective types for (de)serialization.
However, the changes made in 5776d6a8 mean that Jersey no longer uses
its default ObjectMapper configuration and uses the auto-configured
ObjectMapper instead. This had the unwanted side-effect of leaving
Jersey with an ObjectMapper that only uses Jackson annotations and
ignores JAXB annotations.
This commit updates JerseyAutoConfiguration so that it will add the
JaxbAnnotationIntrospector to the auto-configured ObjectMapper for
both serialization and deserialization. It uses
AnnotationIntrospectorPair to ensure retain any existing
introspectors.
Closes gh-6310
Johnny Lim
Phillip Webb
Marco Aust
Gary Russell
Kazuki Shimizu
Dave Syer
Stephane Nicoll
Andy Wilkinson
Madhura Bhave
Mark Paluch
Oscar Utbult
Eddú Meléndez
Vedran Pavic
Grigory Fadeev
Christoffer Sawicki
Spring Buildmaster
Matthieu Mouminoux
Maciej Walkowiak
Aurélien Leboulanger
Rob Fletcher
Oliver Gierke
Brian Clozel
making
Caleb Cushing