Update `spring-boot-smoke-test-ant` so that the ant lib folder is always
cleaned. Prior to this commit, it was possible for the folder to contain
stale artifacts.
Remove `spring-boot-smoke-test-webflux-ssl` since it's more of
an integration test than a smoke test. We could consider
relocating it to `spring-boot-integration-tests` but since we
have unit tests with a mock PCKCS11 security it's probably
best to see if we can get away without it.
See gh-32179
Rename `/actuator/httptrace` to `/actuator/httpexchanges` to better
describe its purpose and to remove confusion with distribute tracing.
This change also takes the opportunity to improve the code by making
the `HttpExchange` class (previously `HttpTrace`) fully immutable.
Closes gh-32885
Co-authored-by: Andy Wilkinson <wilkinsona@vmware.com>
This commit adds a `Build-Jdk-Spec` attribute to the manifest in a
jar or war file built with the Spring Boot Gradle plugin. This
aligns the Gradle plugin's behavior with the default Maven plugin
behavior.
This removes the need to set a `BP_JVM_VERSION` environment variable
when invoking Cloud Native Buildpacks, as the Paketo buildpacks will
honor `Build-Jdk-Spec` in a jar or war manifest to determine the
default JVM version.
Fixes gh-32829
Spring Security now re-applies the authorization rules
to the error page by default. Additionally, it configures
RequestAttributeSecurityContextRepository as the default for
stateless applications allowing those applications to have access
to the original authentication during an error dispatch.
Closes gh-31703
This commit migrates our remaining usage of the httpclient 4.x to use
instead httpclient5, now that the 4.x support has been removed in
`RestTemplate`.
Closes gh-32461
As htttpclient 4.x is not supported anymore by `RestTemplate`, this
commit changes such dependencies to httpclient5 instead. In some cases,
the httpclient 4.x was transitively brought by a non-Spring dependency.
See gh-32461
This commit updates Servlet based Spring Security auto-configuration
to use AuthorizationFilter, which is intended to supersede
FilterSecurityInterceptor.
See gh-31255