Commit Graph

1466 Commits (b53f108d078bd2366743dbb28253a47357827ab3)

Author SHA1 Message Date
Madhura Bhave 4ea47220e9 Match nested paths for insensitive actuators
Update `ManagementWebSecurityAutoConfiguration` to match nested path
for insensitive actuators.

Prior to this commit, when Spring Security was on the classpath
nested paths were considered sensitive (even if the actuator
endpoint was not sensitive). i.e. when setting
`endpoints.env.sensitive=false` `/env` could be accessed without
authentication but `/env/user` could not.

Fixes gh-7868
Closes gh-7881
8 years ago
Johnny Lim f915ae197a Polish 8 years ago
Madhura Bhave 530c3cd3be Simplify HealthMvcEndpoint security
Expose full health details if management security is disabled or
management role is present.

Fixes gh-7604
Closes gh-7852
8 years ago
Phillip Webb 2fe4d60b47 Add `management.cloudfoundry.*` meta-data
Update configuration meta-data and appendix to include
`management.cloudfoundry.*` meta-data.

See gh-7108
8 years ago
Phillip Webb 8ccd4db513 Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 732011987d Fix ManagementContextConfiguration @Order support
Update `ManagementContextConfigurationsImportSelector` to instantiate
classes so that order annotations are respected.

Fixes gh-7814
8 years ago
Phillip Webb b4b8370632 Fix AuditEventsJmxEndpoint bean name
See gh-6579
8 years ago
Phillip Webb 8a9a61b64f Prevent duplicate JmxEndpoint MBean registration
Update JmxEndpoint support so that the `@ManagedResource` annotation
is no longer required. This prevents both `EndpointMBeanExporter` and
the regular `AnnotationMBeanExporter` from both registering the bean.

Fixes gh-7813
See gh-6579
8 years ago
Phillip Webb 51762642b2 Polish audit event endpoint support
Closes gh-6579
8 years ago
Phillip Webb 5b40eb48e0 Improve MBean without backing Endpoint support
Improve support for MBeans without a backing endpoint by introducing
a `JmxEndpoint` interface. The `JmxEndpoint` is intentionally
similar in design to the `MvcEndpoint` from the `mvc` package and
allows for completely custom JMX beans that are not backed by any
real actuator `Endpoint`.

The `AuditEventsMBean` has been refactored to use the new interface and
has been renamed to `AuditEventsJmxEndpoint`.

See gh-6579
8 years ago
Vedran Pavic 2f1e4f0c02 Add MVC and JMX endpoints to retrieve audit events
Add MVC and JMX specific endpoints that allow audit events to be
retrieved.

See gh-6579
8 years ago
Vedran Pavic a6d18f714f Add JMX without backing `Endpoint` support
Decompose `EndpointMBean` to improve support for JMX endpoints without
a backing `Endpoint`.

See gh-6579
8 years ago
Phillip Webb e1eb48e8b4 Fix warnings 8 years ago
Phillip Webb a167db7b37 Allow OPTIONS requests in interceptors
Update `MvcEndpointSecurityInterceptor` and
`CloudFoundrySecurityInterceptor` to allow OPTIONS requests to be
processed.

Fixes gh-7720
8 years ago
Phillip Webb aacf5d660f Update copyright year for changed files 8 years ago
Phillip Webb 367963f29f Polish 8 years ago
Phillip Webb 8b69856fc9 Polish 8 years ago
Stephane Nicoll 8b7055719f Move InMemoryMultiMetricRepository to a separate class
This commit moves the `MultiMetricRepository` implementation from
`InMemoryMetricRepository` to `InMemoryMultiMetricRepository`. Both
implementations can share the same underlying store (and are for backward
compatible reasons).

The side effect is that `reset` now works as expected for a group.

Closes gh-7687
8 years ago
Phillip Webb 3af5ae2a26 Polish `ObjectProvider` names
Consistently use the simple name for ObjectProvider parameter and
field names. For example:

  `ObjectProvider<Something> something`

rather than

  `ObjectProvider<Something> somethingProvider`
8 years ago
Phillip Webb e0541d0f74 Polish 8 years ago
Stephane Nicoll 0d4ef3dbdb Fix formatting 8 years ago
Stephane Nicoll d0fa72a169 Filter AbstractRoutingDataSource from health indicator
Closes gh-6806
8 years ago
Spring Buildmaster 9057f9ae1f Next development version 8 years ago
Stephane Nicoll 5d909a969f Polish contribution
Closes gh-6613
8 years ago
Eddú Meléndez 53d25999f3 Add support for multiple beans in the Flyway and Liquibase endpoints
Closes gh-6610
See gh-6613
8 years ago
Phillip Webb b87e02dde0 Polish Spring Integration metrics support
See gh-7722
8 years ago
Artem Bilan d69e43b433 Refactor Spring Integration metrics support
Update Spring Integration metrics support since Spring Integration
`4.3.6`+ no longer needs `spring-integration-jmx` enable
`MessageChannel`, `MessageHandler` and `MessageSource` metrics.

- Add `IntegrationManagementConfiguration` conditional auto-configuration
  to provide `@EnableIntegrationManagement` when JMX is `enabled` or there
  is no `IntegrationManagementConfigurer.MANAGEMENT_CONFIGURER_NAME` bean.
  By default this bean doesn't exist and you explicitly should declare it
  (e.g. via `@EnableIntegrationManagement`) if you would like to collect
  metrics. At the same time Spring Integration enables it when JMX
  management is present (that is a purpose of that new
  `IntegrationManagementConfiguration`)

- Change `SpringIntegrationMetricReader` to read metrics from the
  `IntegrationManagementConfigurer`, not `IntegrationMBeanExporter`

- Change `PublicMetricsAutoConfiguration` to register
  `IntegrationManagementConfigurer.MANAGEMENT_CONFIGURER_NAME` bean if
  not present. Since we are here in `actuator`, therefore we are
  interested in the metrics for SI as well.

- Since we don't need JMX for the metrics any more, remove SI-JMX
  dependency from the `spring-boot-starter-integration`.

- Remove `IntegrationManagementConfiguration` modification from the
  `integrationMbeanExporter()`, since that looks like mutation of an
  external object, when end-user would prefer their own options.
  Therefore we don't need `ObjectProvider<IntegrationManagementConfigurer>`, too

- Add missed `MessageSourceMetrics` gathering for the
  `SpringIntegrationMetricReader`

Closes gh-7722
8 years ago
Johnny Lim e12b4a944f Polish 8 years ago
Phillip Webb 38f7389eab Polish loggers 8 years ago
Phillip Webb c76bd2d81e Refine error message from Endpoint MVC security
Update the error message to return less information to the client.
Details of how to disable security are now written to the log instead.

See gh-7605
See gh-7634
8 years ago
Madhura Bhave 38eeae2166 Send error with message from Endpoint MVC security
Update `MvcEndpointSecurityInterceptor` to that it sends an error in the
same way as Spring Security. Prior to this commit the `ErrorController`
would not handle endpoint security errors.

Fixes gh-7605
Closes gh-7634
8 years ago
Phillip Webb dba8ef2ba8 Polish CF management skip SSL opt-in
See gh-7629
See gh-7655
8 years ago
Madhura Bhave 34712cbf76 Switch CF management skip SSL to opt-in
Change CloudFoundryActuatorAutoConfiguration so that skipping of SSL
verification is now opt-in rather than enabled by default.

Fixes gh-7629
Closes gh-7655
8 years ago
Phillip Webb 06a7ab0cd5 Polish ReservoirFactory support
Polish Dropwizrd reservoir support including a refactor of
`ReservoirFactory` to allow reservoirs to be created based on a
metric name.

See gh-5199
See gh-7105
8 years ago
Lucas Saldanha 1fc2e87053 Enable custom Reservoir with Dropwizard metrics
Uses the ReservoirFactory to customize the implementation of
the Reservoir that will be used when creating Timer and Histogram
in the DropwizardMetricServices.

Fixes gh-5199
Closes gh-7105
8 years ago
Phillip Webb d15f3548be Polish 8 years ago
Phillip Webb 6121208cbb Polish formatting 8 years ago
Phillip Webb 4b9cba351b Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb bd74c3d327 Polish formatting 8 years ago
Stephane Nicoll 684be0f048 Polish contribution
Closes gh-6852
8 years ago
Vedran Pavic 899f7aa8f0 Add constants for supported audit event types
See gh-6582
8 years ago
Stephane Nicoll f560f338ab Polish contribution
Closes gh-7219
8 years ago
Vedran Pavic 60e054d0e4 Add `LoggersEndpointMBean`
See gh-7219
8 years ago
Eddú Meléndez fc09a23991 Add missing actuator metadata
Health metadata for cassandra and couchbase is added.

See gh-7632
8 years ago
Johnny Lim 6d1b752ffe Polish
Closes gh-7552
8 years ago
Oscar Utbult 38713c473f Remove redundant array creation for calling varargs method
Closes gh-7551
8 years ago
Andy Wilkinson 595679bed4 Disable management security when testing Jolokia endpoint 8 years ago
Andy Wilkinson 391a760c3c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 4ec95b8308 Ensure that JolokiaMvcEndpoint destroys underlying controller
Closes gh-7606
8 years ago
Dave Syer 1baf3c63c4 Make the Spring Security part of CF autoconfig conditional
Otherwise you get a class not found exception at runtime in
CF when Spring Securtity is not on the classpath.
8 years ago
Dave Syer cc8ecb6ff5 Clear VCAP_APPLICATION after tests
So that other CF tests do not fail.
8 years ago
Madhura Bhave 5d8e00cb56 Fix HealthMvcEndpointTests
See gh-7569
8 years ago
Madhura Bhave 1be5812cf0 Require `ACTUATOR` role rather than `ADMIN`
Update management security to require an `ACTUATOR` role rather than
`ADMIN` by default. This should reduce the risk of users accidentally
exposing actuator endpoints because they happen to use a role named
`ADMIN`.

Fixes gh-7569
8 years ago
Madhura Bhave 95be208f0f Use IgnoredRequestCustomizer to ignore paths
Update `SpringBootWebSecurityConfiguration` to ignore requests by
delegating to `IgnoredRequestCustomizer` beans. This allows a single
Spring Boot `WebSecurityConfigurer<WebSecurity>` bean to be used which
prevents potential exceptions caused by duplicate `@Order` values.

Fixes gh-7106
8 years ago
Madhura Bhave d09aafacda Add a security interceptor for actuator endpoints
Update `AbstractEndpointHandlerMapping` to support a security
interceptor that can be used to enforce endpoint security.

Fixes gh-6889
8 years ago
Andy Wilkinson 967625db1e Replace field injection with constructor injection in config classes
Closes gh-7563
8 years ago
Andy Wilkinson 1464425d64 Remove use of @Component from classes that are not scanned
Closes gh-7549
8 years ago
Stephane Nicoll ee72e788ed Rename `spring-boot-junit-runners` to `spring-boot-test-support`
Closes gh-7421
8 years ago
Stephane Nicoll 85de72c0d0 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 2a85a2557d Fix health indicator auto-configuration order
Previously, the health auto-configuration `AutoconfigureOrder` entry for
couchbase was referring to the standard couchbase auto-configuration that
is not responsible to configure the `CouchbaseOperations` bean. Yet, the
health indicator implementation was relying on the presence of such a
bean.

This commit fixes the `AutoconfigureOrder` entry so that it refers to
`CouchbaseDataAutoConfiguration` now.

Closes gh-7543
8 years ago
Andy Wilkinson 9c20ada927 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 356edc725c Handle request mappings with regular expressions in MetricsFilter
Closes gh-7503
8 years ago
Andy Wilkinson 2be554456e Introduce SearchStrategy.ANCESTORS as a replacement for .PARENTS
Closes gh-6763
8 years ago
Andy Wilkinson dce1487424 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson e19c6245ef Consider endpoints.sensitive when endpoints.health.sensitive is not set
Closes gh-7476
8 years ago
Andy Wilkinson f5dd90815b Polishing: fix some compiler warnings 8 years ago
Phillip Webb 1657120286 Move ModifiedClassPathRunner to its own module
Migrate `ModifiedClassPathRunner` from `spring-boot` test source to
its own module.

Fixes gh-7420
8 years ago
Phillip Webb c2c5611f77 Polish 8 years ago
Madhura Bhave 3a3228fc70 Add CORS interceptor for Cloud Foundry actuators
This interceptor processes the response with CORS headers
and apepars before the Cloud Foundry security interceptor.

See gh-7108
8 years ago
Andy Wilkinson 1cd781b242 Make spring-boot-test compatible with Mockito 2.1 and 2.2
We use some internal Mockito classes and some  breaking API changes
have been made to them in Mockito 2. This commit introduces a utility
class, SpringBootMockUtil, to shield our code from these differences.
Mockito 1 is called directly and Mockito 2 is called via reflection.

To allow these changes to be tested, FilteredClassPathRunner has been
enhanced to also support overriding a dependency on the class path.
As a result it has been renamed to ModifiedClassPathRunner. The new
ClassPathOverrides annotation can be used to provide the Maven
coordinates of one or more dependencies that should be resolved and
added to the class path. Such additions are added to the start of
the class path so that they override any existing dependency that
contains the same classes.

Closes gh-6520
8 years ago
Andy Wilkinson 5527e3fdad Fix SpringApplicationHierarchyTests following latest Neo4j changes
See gh-7391
8 years ago
Johnny Lim 8038882d46 Polish
Closes gh-7403
8 years ago
Andy Wilkinson 387a406aad Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 449b42ffa0 Polish LinksEnhancer to use endpoint name
See gh-7164
See gh-7132
8 years ago
Madhura Bhave ada02232b9 Change LinksEnhancer to use endpoint name
Update `LinksEnhancer` to use NamedEndpoint names as rel names. If the
endpoint name is not available, fallback to endpoint path. Allow
multiple hrefs per rel if path is different.

Fixes gh-7132
Closes gh-7164
8 years ago
Madhura Bhave 0e3a3df6f4 Return log levels in `/loggers` endpoint payload
Update `LoggersEndpoint` to additionally return the log levels actually
supported by the system.

Fixes gh-7396
8 years ago
Phillip Webb 764f13453a Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb bacf0878af Polish 8 years ago
Andy Wilkinson 24cc5d5644 Give javac's type inferencing a helping hand 8 years ago
Andy Wilkinson 22e456a177 Merge branch '1.4.x' into 1.5.x 8 years ago
Madhura Bhave 2697bf2ba1 Add Content-Type to allowed headers for CloudFoundry actuators
See gh-7108
8 years ago
Madhura Bhave af61278213 Extend HealthMvcEndpoint for Cloud Foundry
The CloudFoundryHealthMvcEndpoint does not perform additional
security checks since security is handled by the interceptor.

See gh-7108
8 years ago
Madhura Bhave a3bcb2778f Add message to response body for Cloud Foundry security error
See gh-7108
8 years ago
Spring Buildmaster e712a9ba8c Next Development Version 8 years ago
Andy Wilkinson 2e76687d17 Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 5f44598d8b Remove use of static import that Checkstyle prohibits 8 years ago
Andy Wilkinson 218d28f74c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 33dcd853fd Ensure that health endpoint remains insecure without Spring Security
The changes made in 6a2ac080 mean that getSecurity() on
ManagementServerProperties will no longer return null when Spring
Security is on the classpath. This had the unwanted side-effect of
causing the health endpoint to hide its details when Spring Security
was not on the classpath.

This commit reinstates the previous behaviour by only considering
the health endpoint to be secure if Spring Security is on the
classpath and management.security.enabled is true.

Closes gh-7345
8 years ago
Madhura Bhave 82f89b4ac1 Add custom headers to allowed CORS headers for CF actuators
Update CORS configuration to support Authorization and X-Cf-App-Instance.

See gh-7108
8 years ago
Stephane Nicoll 01e66ecbd5 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 2c71cb8efd Polish 8 years ago
Stephane Nicoll 4407194c00 Replace sample by integration test
Closes gh-3888
8 years ago
Phillip Webb 6c76353682 Default `management.cloudfoundry.enabled` to true
Update `CloudFoundryActuatorAutoConfiguration` so that it is enabled
when `management.cloudfoundry.enabled` is missing.

See gh-7108
8 years ago
Madhura Bhave a77cfc3b0e Skip SSL validation when calling Cloud Foundry
Update CloudFoundrySecurityService so that SSL validation is not
required. We're unlikely to have configured public keys for the
REST endpoints we need to call. Since the endpoints are provided via
environment variables we can implicitly trust them.

See gh-7108
8 years ago
Madhura Bhave 862a06eb7a Add POST to allowed CORS methods for CF actuators
Update CORS configuration to support POST.

See gh-7108
8 years ago
Madhura Bhave 1005feb27d Update discovery endpoint to respect AccessLevel
Change `CloudFoundryDiscoveryMvcEndpoint` so that `AccessLevel` rights
are consulted so that only accessible links are returned.

See gh-7108
8 years ago
Madhura Bhave 340f1d5574 Add security for Cloud Foundry actuators
Add security to Cloud Foundry actuator endpoints. Security is enforced
by a `HanderInterceptor` on `CloudFoundryEndpointHandlerMapping`. Each
endpoint call expects an 'Authorization' header containing a bearer
token. The token signature is checked against the UAA public keys then
passed to the Cloud Controller to obtain an ultimate access level.

The client may either have 'RESTRICTED' or FULL' access, with the latter
only providing access to a limited set of endpoints.

See gh-7108
8 years ago
Phillip Webb 81c5753f4d Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 6a2ac080ac Create our own SessionCreationPolicy enum
Update `ManagementServerProperties` so that `security.sessions` no
longer uses `SessionCreationPolicy` from Spring Security. We now
use our own enun which allows `management.security.*` properties to
be set without the risk of a `ClassNotFoundException`.

Fixes gh-3888
8 years ago
Andy Wilkinson bdfceae24c Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson 97e5e32496 Make sure the MetricsFilter uses committed response's status
Previously, if an exception was thrown during request handling after
the response had been committed, i.e. after the status and headers
had been written, the metrics filter would assume that it was a 500
response. This was potentially inaccurate as the status had already
been sent to the client and before the exception was thrown and it
may have been something other than a 500.

This commit updates MetricsFilter so that it will use the
status from the response if the response has been committed even when
an exception is thrown.

Closes gh-7277
8 years ago
Andy Wilkinson fe50b2019e Merge branch '1.4.x' into 1.5.x 8 years ago
Andy Wilkinson b191974faa Reflect Java 7/8 differences in javadoc for metric repository auto-config
Closes gh-6985
8 years ago
Phillip Webb 5b66ffbb4b Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 60355e0e11 Fix ResourceHttpRequestHandler delegate
Fix ResourceHttpRequestHandler to set the ServletContext following the
Spring Framework update for SPR-14851.
8 years ago
Johnny Lim 7bb63238ab Fix typo
Closes gh-7253
8 years ago
Stephane Nicoll c4d8fb1c09 Merge branch '1.4.x' into 1.5.x 8 years ago
Stephane Nicoll 6d50e26b70 Polish contribution
Closes gh-7215
8 years ago
Madhura Bhave 9bde1e89cb Move some tests to AbstractEndpointHandlerMapping
See gh-7108
8 years ago
Phillip Webb a448183681 Polish `/loggers` actuator endpoint
See gh-7086
8 years ago
Ben Hale 06cb4fcca5 Add `/loggers` actuator endpoint
Add `LoggersEndpoint` that can enables listing and configuration of log
levels. This actuator builds on top of the `LoggingSystem` abstraction
and implements support for Logback, Log4J2, and JUL.  The LoggingSystem
interface is modified to require each implementation to list the
configuration of all loggers as well as an individual logger by name.

The MVC endpoint exposes these behaviors at `GET /loggers` and
`GET /loggers/{name}` (much like the metrics actuator).

In addition `POST /loggers/{name}` allows users to modify the level for a given
logger. This modification is passed to the logging implementation, which
then decides, as an internal implementation detail, what the final outcome
of the modification is (e.g. changing all unconfigured children). Users
are then expected to request the listing of all loggers to see what has
changed internally to the logging system.

Closes gh-7086
8 years ago
Stephane Nicoll aec85787d2 Merge branch '1.4.x' into 1.5.x 8 years ago
Johnny Lim eb7c0e4dc8 Remove unused
Closes gh-6966
8 years ago
Phillip Webb 2ba978b4ad Polish 8 years ago
Madhura Bhave ab81d993e6 Add CloudFoundryDiscoveryMvcEndpoint
Update Cloud Foundry support with a discovery endpoint that shows what
endpoints are available.

See gh-7108
8 years ago
Madhura Bhave 7afb161fcf Add CloudFoundry EndpointHandlerMapping
Add a CloudFoundryEndpointHandlerMapping that can expose actuator
endpoints for Cloud Foundry "appsmanager" to use.

See gh-7108
8 years ago
Andy Wilkinson a416f496c0 Clean up deprecation and unused code warnings 8 years ago
Madhura Bhave 7352d8e303 Improve EndpointHandlerMapping subclassing support
Update EndpointHandlerMapping so that it can be subclasses easily.
Subclasses can override the `path` that is used to map the endpoint,
allowing different mapping strategies to be used.

See gh-7108
8 years ago
Madhura Bhave 0be8a30276 Add EndpointHandlerMapping.getEndpoints(Class)
Add an additional method to EndpointHandlerMapping which allows
endpoints of a specific type to be returned.

See gh-7108
8 years ago
Madhura Bhave 7f1ff968a1 Support NamedMvcEndpoints
Introduce a new NamedMvcEndpoint interface which can be used when an
MvcEndpoint also has a logical name. Existing MvcEndpoints have been
reworked to implement the NamedMvcEndpoint interface.

Fixes gh-7156
8 years ago
Madhura Bhave 0f5007d69d Drop superfluous disabled check
Remove EndpointWebMvcManagementContextConfiguration `disabled` logic
since the configuration should even be processed when the management
port is `-1`.

Closes gh-7154
8 years ago
Madhura Bhave 84d0e8acd8 Fix EndpointHandlerMappingTests path references
Fix the TestEndpoint constructor to use an ID parameter rather than
path.
8 years ago
Phillip Webb d818a09ed8 Polish 8 years ago
Stephane Nicoll cfee9bab81 Deprecate remote shell support
Closes gh-7044
8 years ago
Andy Wilkinson 9b6fa1e8d7 Separate conditions that did and did not match in auto-config endpoint
Closes gh-7122
8 years ago
Stephane Nicoll cf28663cd7 Deprecate commons-dbcp 1
Closes gh-6787
8 years ago
Phillip Webb f2b0fa284e Merge branch '1.4.x' into 1.5.x 8 years ago
Phillip Webb 3326841a97 Formatting 8 years ago
Phillip Webb 39ed0d4dfb Polish 8 years ago
Stephane Nicoll 3d9c56fbf3 Merge branch '1.4.x' into 1.5.x
# Conflicts:
#	spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementServerProperties.java
#	spring-boot-actuator/src/test/java/org/springframework/boot/actuate/autoconfigure/ManagementServerPropertiesAutoConfigurationTests.java
8 years ago
Stephane Nicoll 8c1b736bb0 Fix list property to be mutable
Closes gh-7068
8 years ago
Vedran Pavic c4aa78679a Upgrade Hazelcast to 3.7.1
In addition, dependency management for `hazelcast-hibernate5` module has
been added, and a separate dependency version was introduced for
`hazelcast-hibernate4` module.

Closes gh-7023
8 years ago
Andy Wilkinson c108da9d53 Upgrade to Spring Data Ingalls M1
Closes gh-6785
Closes gh-5835
8 years ago
Stephane Nicoll bd7c20eb1c Deprecate Guava support 8 years ago
Stephane Nicoll ce1e41dce3 Remove deprecated code
This code removes code deprecated in 1.4 with the exception of code that
requires an update to Spring Framework 5.

Closes gh-6971
8 years ago
Stephane Nicoll 6bd670edbc Initiate 1.4.x branch 8 years ago
Spring Buildmaster 7e9ed5e1a7 Next Development Version 8 years ago
Andy Wilkinson 155cfb1805 Fix boot curies href when server has custom servlet path
Previously, the servlet path was being applied twice. Once by the
code that sets up the DefaultCurieProvider and once by the provider
itself which uses ServletUriComponentBuilder's
fromCurrentServletMapping() to build the application URI.

This commit removes the duplicate logic when creating the
DefaultCurieProvider.

Closes gh-6585
8 years ago
Phillip Webb 825dd0a26c Merge branch '1.3.x' 8 years ago
Phillip Webb 3172d434a7 Polish
Closes gh-6835
8 years ago
Phillip Webb c56f30fd91 Formatting 8 years ago
Stephane Nicoll c662986628 Merge branch '1.3.x' 8 years ago
Stephane Nicoll 6eb0449aa9 Use BDD mockito
See gh-6869
8 years ago
Stephane Nicoll d87d60f746 Merge branch '1.3.x' 8 years ago
Stephane Nicoll b88cb35ea2 Fix JMS health indicator
This commit improves the JMS health indicator to identify a broken broker
that uses failover. An attempt to start the connection is a good way to
make sure that it is effectively available.

Closes gh-6818
8 years ago
Phillip Webb 3570f7730a Prevent erroneous "empty locations" log warnings
Update our `ResourceHttpRequestHandler` subclass so that the following
warning is no longer displayed:

  "Locations list is empty. No resources will be served unless a
  custom ResourceResolver is configured as an alternative to
  PathResourceResolver."

Fixes gh-6791
8 years ago
Vedran Pavic d87bec11fb Include AuditEvent details in AuditListener
Update `AuthorizationAuditListener` to include `AuditEvent` data if
found.

Closes gh-6851
8 years ago
Phillip Webb 7396ccfe04 Harmonize ConditionOutcome messages
Add ConditionMessage class to help build condition messages in a
uniform format and update existing conditions to use it.

Fixes gh-6756
8 years ago
Phillip Webb 41dc53f5dd Polish 8 years ago
Johnny Lim 4b9f6869f0 Polish
Closes gh-6817
8 years ago
Stephane Nicoll b7da0bd301 Merge branch '1.3.x' 8 years ago
Vedran Pavic b88889f020 Polish `HealthEndpoint` javadoc
Closes gh-6815
8 years ago
Andy Wilkinson 3814e509a3 Polish @deprecated javadoc and link to replacements where available
Closes gh-6765
8 years ago
Andy Wilkinson 9874c22e23 Fix HAL browser endpoint redirect and entry point with custom servlet path
Previously, the HAL browser endpoint did not consider the dispatcher
servlet’s path (server.servlet-path) when redirecting to browser.html
or when updating the API entry point in the served HTML.

This commit moves to using ServletUriComponentsBuilder to build the URI
for the redirect and the path for the entry point. In the interests of
simplicity the logic that sometimes redirected and sometimes forwarded
the request has been changed so that it will always perform a redirect.

Closes gh-6586
8 years ago
Phillip Webb 565ad79856 Polish 8 years ago
Johnny Lim 524edaea51 Polish
Closes gh-6728
8 years ago
Andy Wilkinson 98d81110f2 Write management and main server access logs to separate files
Previously, when access logging was enabled and the management server
was running on a separate port, both the main server and the management
server would write their access logs to the same file. Having two
separate containers writing to the same file could cause problems such
as causing log rotation to break.

This commit updates the actuator so that when the management server is
running on a separate port (and therefore using a separate container)
it prepends management_ to the access log prefix so that the main
server and the management server write their access logs to separate
files in the same directory.

Closes gh-6618
8 years ago
Andy Wilkinson 13a9bc0537 Polish “Allow injection of StatsDClient into StatsdMetricWriter”
Closes gh-6588
8 years ago
Nick Pillitteri 63085fb441 Allow injection of StatsDClient into StatsdMetricWriter
Allow an instance of StatsDClient to be injected into the StatsdMetricWriter
which is used for exporting metrics to a Statsd server. This new constructor
allows the client to be injected but does not change the default behavior of
the writer.
8 years ago
Andy Wilkinson df4ef3e1cb Merge branch '1.3.x' 8 years ago
Andy Wilkinson ffc0dc44ed Make Flyway and Liquibase endpoints conditional on a single candidate
Previously, auto-configuration of the Flyway and Liquibase endpoints
would fail if there were multiple Flyway or Spring Liquibase beans
in the application context.

This commit updates them so that they are now conditional on a single
candidate.

Closes gh-6609
8 years ago
Stephane Nicoll 4882544c84 Polish contribution
Closes gh-6540
8 years ago
Eddú Meléndez dced154f71 Fix health endpoint security
Commit b02aba4 has renamed `management.security.role` to
`management.security.roles`. Unfortunately, the `HealthMvcEndpoint`
was still looking at the old property.

This commit makes sure that the proper key is used and any custom
role is applied rather than an unconditional `ADMIN` role.

See gh-6540
8 years ago
Phillip Webb a49f309ec1 Call afterProperties set in LogFileMvcEndpoint
Call afterPropertiesSet on the delegate `ResourceHttpRequestHandler`
to prevent an NPE. This change is required for compatibility with
Spring Framework 4.3 following SPR-13834.

Closes gh-6592
8 years ago
Andy Wilkinson 22ac6bcb2d Break GaugeWriter dependency cycle in MetricExportAutoConfiguration
Previously, MetricExportAutoConfiguration consumed
ExportMetricWriter-annotated GaugeWriter beans in its constructor and
also produced such a bean from one of its @Bean methods. This cycle
caused a BeanCurrentlyInCreationException to be thrown when the
bean method was active (the spring.metrics.export.statsd.host property
was set).

This commit break the cycle by moving the bean method into a separate,
nested configuration class. It also updates the existing test for
auto-configuration of a Statsd writer to catch any possible cycles
and to verify that the writer has be registered with the
MetricsExporter.

Closes gh-6544
8 years ago
Andy Wilkinson 19cddd650d Merge branch '1.3.x' 8 years ago
Andy Wilkinson cec6015f8a Cope with null server or management port when creating curie provider
Previously, a NullPointerException would occur if
endpoints.docs.curies.enabled was true and the default value was being
used for either server.port or management.port.

EndpointWebMvcHypermediaManagementContextConfiguration has been
restructured to ensure that the DocsMvcEndpoint bean is defined before
the condition on its existence is evaluated. Previously this was
dependant on the class’s bean methods being processed in a particular
ordering, something that would be ok when using ASM but would vary when
using reflection.

Closes gh-6584
8 years ago
Spring Buildmaster 334baaeffd Next development version 8 years ago
Spring Buildmaster a89ef5df6e Next Development Version 8 years ago
Phillip Webb ac1ad2a145 Polish 8 years ago
Johnny Lim 9627d0ed66 Polish
Closes gh-6487
8 years ago
Chad 18dd125059 Unescape quotation marks in JavaDoc
Closes gh-6482
8 years ago
Phillip Webb 496b3a8d75 Relocate FileWriters to `spring-boot`
Move ApplicationPidFileWriter and EmbeddedServerPortFileWriter to the
core spring-boot project since they're not really tied to the actuator.

Fixes gh-6398
8 years ago
Johnny Lim 68fe8a58b8 Align message with regex for AbstractMvcEndpoint.path
Closes gh-6437
8 years ago
Andy Wilkinson fe22609096 Test that temp file has been deleted before triggering heap dump
The MBean requires that a file does not exist at the location to which
it’s dumping the heap. This commit updates the test to ensure that the
temporary file that’s created to get a location for the heap dump file
is deleted before asking the MBean to dump the heap to that location.
8 years ago
Phillip Webb 05cde789e1 Reduce noise in /end actuator docs
Update the `/env` sample used in the actuator docs to use only a limited
set of keys.

Fixes gh-5849
8 years ago
Phillip Webb 05ff4ed4e0 Upgrade to Tomcat 8.5.4 & remove tomcat-juli
Upgrade the managed Tomcat dependency to 8.5.4 and remove `tomcat-juli`
since it's now included in `tomcat-embed-core`.

Fixes gh-6192
8 years ago
Phillip Webb e03e109874 Polish 8 years ago
Stephane Nicoll 7e6f4021de Polish contribution
Closes gh-6059
8 years ago
RichardCSantana 42bb843364 Fix Bug HealthIndicator for Redis Cluster
See gh-6059
8 years ago
Andy Wilkinson 91df749839 Improve usage of ConcurrentMap
- Call get rather than containsKey then get
- Only call putIfAbsent after get has returned null to avoid unnecessary
  object creation

Closes gh-6382
8 years ago
Adrian Cole 38e3b39d3b Improves metrics performance by not guarding map.get
ConcurrentHashMap implements `containsKey` with `get`. By removing a
redundant call to `containsKey`, we guarantee better performance in our
counter services.

The geek inside measured this with JMH, and found under 4 threads of
contention, throughput on this check was 40% higher in success case.

Benchmark                                  Mode  Cnt     Score     Error   Units
TestBenchmarks.containsKeyAndGet_success  thrpt   30   432.389 ±  20.616  ops/us
TestBenchmarks.get_success                thrpt   30   606.789 ±  10.848  ops/us

Closes gh-6379
8 years ago
Johnny Lim a9f6ae4422 Polish
Closes gh-6374
8 years ago
Andy Wilkinson 8e669e2eef Merge branch '1.3.x 8 years ago
Andy Wilkinson 4963cfd67b Reset thread's interrupted flag when catching InterruptedException
Closes gh-6360
8 years ago
Andy Wilkinson e53d3167ab Set TCCL of shutdown thread when triggered by the shutdown endpoint
Previously, the shutdown endpoint would spawn a new thread to perform
the shutdown but did not explicitly configure its thread context
class loader (TCCL). This mean that the new thread would use the
request thread's TCCL as its TCCL. This meant that a different TCCL
would be used compared to a shutdown triggered by the shutdown hook
and also caused problems with Tomcat's thread leak detection logic.

This commit updates the shutdown endpoint to explicitly configure the
TCCL of the shutdown thread to be the ClassLoader that loaded the
endpoint's class.

Closes gh-6361
8 years ago
Andy Wilkinson c974de0119 Merge branch '1.3.x 8 years ago
Andy Wilkinson 5f751fe356 Set TCCL of shutdown thread when triggered by the shutdown endpoint
Previously, the shutdown endpoint would spawn a new thread to perform
the shutdown but did not explicitly configure its thread context
class loader (TCCL). This mean that the new thread would use the
request thread's TCCL as its TCCL. This meant that a different TCCL
would be used compared to a shutdown triggered by the shutdown hook
and also caused problems with Tomcat's thread leak detection logic.

This commit updates the shutdown endpoint to explicitly configure the
TCCL of the shutdown thread to be the ClassLoader that loaded the
endpoint's class.

Closes gh-6361
8 years ago
Phillip Webb bd65045285 Allow WebRequestTraceFilter header post processing
Update WebRequestTraceFilter so that additional post processing can be
applied to traced request headers. The postProcessRequestHeaders method
can be used to remove or change map entries before they are returned.

Fixes gh-6309
8 years ago
Andy Wilkinson 5bfc6a50fd Remove accidental usage of Type.getTypeName() which is a Java 8 API
Closes gh-6325
8 years ago
Spring Buildmaster 2216369348 Next Development Version 8 years ago
Lari Hotari 9f07e94450 Add MVC actuator endpoint for heap dumps
Add MVC only endpoint to obtain GZip compressed heap dump files.

See gh-5670
9 years ago
Lari Hotari e1893f66ce Extract AbstractMvcEndpoint class
Extract common functionality from Spring MVC only endpoints.

See gh-5670
9 years ago
Phillip Webb b732aeb453 Polish 9 years ago
Andy Wilkinson 5c6537c234 Consistently synchronize on this.monitor in InMemoryAuditEventRepository
See gh-6261
9 years ago
Andy Wilkinson 92bb24e365 Avoid synchronizing on this and use an internal monitor instead
Where possible, code that previously synchronized on this (or on the
class in the case of static methods) has been updated to use an
internal monitor object instead. This allows the locking model that's
employed to be an implementation detail rather than part of the
class's API.

Classes that override a synchronized method continue to declare
the overriding method as synchronized. This ensures that locking
is consistent across the superclass and its subclass.

Closes gh-6262
9 years ago
Phillip Webb 516df88ea0 Revisit AuditEventRepository interface
Update AuditEventRepository to restore support for `null` arguments and
explicitly Javadoc their meaning.

See gh-5854
9 years ago
Stephane Nicoll 3ba2b24301 Polish "Improve AuditEventRepository"
Closes gh-5854
9 years ago
Vedran Pavic 5f19323fbd Improve AuditEventRepository
See gh-5854
9 years ago
Phillip Webb 266445aaf0 Polish 9 years ago