Rework several aspects of database auto-configuration:
- Use RelaxedPropertyResolver to obtain property values
- Extract EmbeddedDatabaseConnection from EmbeddedDatabaseConfiguration
- Rename several configuration classes for consistency
Issue: #53028397
Management endpoints are still secure by default if
Spring Security is present, but now the default
user details have an ADMIN role, and a random password
(which is logged at INFO level if not overridden).
To override you add management.user.password (name, role)
to external properties.
[Fixes#53029715] [bs-203]
Opinionated defaults for WebSockets:
* If spring-websocket is on the classpath and so is
the Tomcat WSci initializer then it is added to the context
* A DefaultSockJsService is added if none is present
* User has only to define @Beans of type WebSocketHandler with
name starting "/"
* Each one is converted to a SockJsHttpRequestHandler and
mapped to "/<beanName>/**"
The DispatcherServlet adds a default InternalViewResolver
which was used by some apps, but when the actuator was
available it added an "/error" bean and effectively
switched off the default view resolver. The net fix was
to add an InternalViewResolver at the same time as
adding any other ViewResolvers.
[Fixes#55357516] [bs-290] Actuator UI app cannot serve static index.html
* Add integration tests for /error view
* Add "error" @Bean as default view for HTML
Users may see side effects because now there will be
a ContentNegotiatingViewResolver by default for the
first time in a vanilla Actuator app. Should be
interesting.
[Fixes#54597932] [bs-273] Circular view reference for /error
Also introduced new strategy for customizing Tomcat Context
(TomcatContextCustomizer) - any that are added to the factory
will be applied before any other customizations in postProcessContext()
[Fixes#54670052] [bs-275] Make Tomcat access valve logs more accessible
Various cleanups to the Spring Data JPA example, including:
* Move repositories into service package and make them package private
thus only expose the service interfaces to clients.
* Merge HotelRepository and HotelSummaryRepository and make service
implementations package protected.
* Introduce integration test base class to bootstrap the app as
SpringAppliation.run would.
* Refactor central test case to rather use Spring MVC integration
testing framework.
* Add integration tests for repositories to execute query methods.
Rework main build POM to be an aggregator pom that does not inherit
from any parent. Introduce new spring-boot-dependencies module to
act as a parent for both spring-boot-starter-parent and
spring-boot-parent.
* Added additional search in
AbstractEmbeddedServletContainerFactory.getValidDocumentRoot() to
detect a /WEB-INF/ directory in the code archive
* If the code archive is in /WEB-INF/** then we assume it is
safe to serve content from / (exposes the loader classes
but nothing sensitive from the app)
[Fixes#54345578]
* For a jar deployment add classpath:static/index.html
(works via Spring MVC mapping)
* For a war the same thing works, but so does adding
index.html to src/main/webapp (works via container
default servlet)
[Fixes#54092261] [bs-252]