Since the autoconfig totally backs off in the presence
of a WebSecurityConfigurerAdapter, there is no need to
order them ahead of/after the one provided by Spring Boot.
See gh-7958
This commit combines security autoconfigurations for
management endpoints and the rest of the application. By default,
if Spring Security is on the classpath, it turns on @EnableWebSecurity.
In the presence of another WebSecurityConfigurerAdapter this backs off
completely. A default AuthenticationManager is also provided with a user
and generated password. This can be turned off by specifying a bean of
type AuthenticationManager, AuthenticationProvider or UserDetailsService.
Closes gh-7958
This commit moves CORS properties out of the endpoints namespace as they
do not refer to a "cors" endpoint but rather to the CORS configuration
of all endpoints.
Closes gh-10053
This commit migrates the Actuator onto the new endpoint infrastruture.
In addition to the existing support for accessing the endpoints via
JMX and HTTP using Spring MVC, support for access via HTTP using
Jersey and WebFlux has been added. This includes using a separate
management port where we now spin up an additional, appropriately
configured servlet or reactive web server to expose the management
context on a different HTTP port to the main application.
Closes gh-2921
Closes gh-5389
Closes gh-9796
This commit replaces the Acuator's support for hypermedia with a
single endpoint that returns HAL-formatted links to all of the
available endpoints. This is done without requiring Spring HATEOAS
to be on the classpath in a similar manner to the existing
CloudFoundry discovery endpoint.
Closes gh-9901
Elastic have announced [1] that embedded Elasticsearch is no longer
supported. This commit brings us into line with that announcement by
removing the auto-configuration that would create an Elasticsearch
Node and NodeClient.
To use the Elasticsearch auto-configuration, a user must now provide
the address of one or more cluster nodes
(via the spring.elastisearch.cluster-nodes property) which will then
be used to create a TransportClient.
See gh-9374
[1] https://www.elastic.co/blog/elasticsearch-the-server
Clarify the cache sample and in particular that Infinispan does not
bootstrap with a default configuration file. Hence the custom
`infinispan.xml` configuration is enabled by default if Infinispan is
available on the classpath.
See gh-9417
If the auto-configured `Scheduler` instance backed by JDBC job store is
used as a dependency in an application component, the initialization of
`Scheduler` will be triggered before `QuartzDatabaseInitializer`. This
will result in failure due to schema not being prepared in time for
`Scheduler` to populate job details.
This commit ensures `QuartzDatabaseInitializer` is initialized before the
auto-configured `Scheduler` by introducing a dependency between the two.
See gh-9411