This commit adds a strategy interface to specific if a given DataSource
has its schema managed. The Hibernate auto-configuration uses it to set
it to "none" if a mechanism to initialize the DataSource is
found and "create-drop" otherwise.
Both Flyway and Liquibase implements that strategy interface and
register it in the context accordingly.
Closes gh-9262
This commit adds support for adapting to and from Mono when calling
an operation on an endpoint.
When an endpoint is exposed using WebFlux, a call to a blocking
operation is adapted to return a Mono by dispatching the operation
invocation on a separate thread using Reactor's elastic scheduler.
When an endpoint is exposed using Jersey, a call to an endpoint that
returns a Mono is adapted to return the Mono's result by blocking
until it is available. Note that such adaptation is not necessary when
using Spring MVC as it supports Mono natively.
Closes gh-10112
This commit adds a `@DeleteOperation` annotation that can be used to
indicate that an endpoint's operation is meant to delete a resource.
Such operation is mapped to a DELETE http method.
Closes gh-10023
Since the autoconfig totally backs off in the presence
of a WebSecurityConfigurerAdapter, there is no need to
order them ahead of/after the one provided by Spring Boot.
See gh-7958
This commit makes sure that we don't import a class from the Guava
library by mistake as it provides various utility classes with similar
names as our own.
Closes gh-10089
Following the rework on Security that expects web endpoints to be
disabled by default, this commit updates the metadata (including the
automatic generation) to reflect this decision.
Previously we didn't mention that the project must have been built
locally first (to get the sources for javadoc generation for instance).
This commit clarifies that.
Closes gh-10086
Since the handler interceptors have been removed, web endpoints
are all disabled by default to prevent accidental exposure of
sensitive information.
Closes gh-7958
This commit combines security autoconfigurations for
management endpoints and the rest of the application. By default,
if Spring Security is on the classpath, it turns on @EnableWebSecurity.
In the presence of another WebSecurityConfigurerAdapter this backs off
completely. A default AuthenticationManager is also provided with a user
and generated password. This can be turned off by specifying a bean of
type AuthenticationManager, AuthenticationProvider or UserDetailsService.
Closes gh-7958
This commit makes sure tht `HealthIndicatorAutoConfiguration` runs after
any producers of a `ConnectionFactory` and not only ActiveMQ. This was
identified as part of #10081: `JmsAutoConfiguration` is actually the
one that isn't necessary (spring-boot-actuator has no import on the
`org.springframework.jms` and only `javax.jms.ConnectionFactory` is used
as part of the JMS health indicator.
This library is required for parsing multipart requests asynchronously
in Spring WebFlux. Framework treats this as an optional dependency, but
Boot auto-configures multipart support with Servlet by default.
Closes gh-10073
Phillip Webb
Andy Wilkinson
Stephane Nicoll
Johnny Lim
Madhura Bhave
Paul Vorbach
Brian Clozel