We can't easily solve the problem by not allowing Spring Security to
eagerly instantiate everything, but we can be defensive about data.sql
and make sure it is executed even if the listener isn't yet registered.
Fixes gh-1386
Fix DataSourceProperties getUsername() and getPassword() methods to
call getDriverClassName() rather than using `this.driverClassName` to
ensure than deduced driver classes can be used.
Fixes gh-1421
Previously, ProjectLibraries only considered a configuration's
direct file dependencies. This meant that a transitive file
dependency that should have been pulled in via a project dependency
was not included in the repackaged jar's lib directory.
ProjectLibraries has been updated to walk down the tree of project
dependencies and create libraries for any file dependencies that
are found.
Fixes gh-1368
Previously, the CLI relied on Aether using the session's mirror
selector and authentication selector to customize the configured
repositories. These selectors are only used to configure what Aether
calls recessive repositories (repositories discovered when resolving
an artifact), rather than the explicitly configured repositories that
are typically used.
This commit updates AetherGrapeEngine to apply mirror and
authentication configuration to every added repository, bringing its
behaviour for these two settings into line with what it already does
for proxy configuration.
Fixes#1354
* Windows: allow absolute file paths without file:/// prefix
* All: only add nested archives (not directories), so loader.path=lib/*
behaves the same as -classpath=lib/* (except for adding zip files)
Fixes gh-1352
The ExplodedArchive would erroneously always attempt to filter
its contents (and thereby shield them from a classloader that wrapped
it) even if they haven't been explicitly provided.
See gh-1352
Update the the PathMatchingResourcePatternResolver used in the
MessageSourceAutoConfiguration condition to deal with the fact
that `classpath*:` patterns do not work with URLClassLoaders when
the pattern doesn't include a folder.
The ExtendedPathMatchingResourcePatternResolver works by searching
all classpath URLs when the `findAllClassPathResources` method is
called with an empty location.
Fixes gh-1378
if user also adds @EnableWebMvcSecurity. The problem is that the ordering
of the init() and configure() methods in the Spring Security configurers
can force things to happen too early unless we are careful. It's still a bit
twitchy I would say, but this relatively small change seems to fix the GS guide
and not break any existing tests.
I added a sample which mimic ths GS guide so we get an integration test that
executes the new code paths.
Fixes gh-1364
Update ConfigurationPropertiesBindingPostProcessor to use
`getBeansOfType` with `allowEagerInit=false` rather than `getBean`.
This prevents FactoryBeans from being instantiated early when their
type is not known.
Fixed gh-1365
Move repository declarations out of the parent POM and into setting.xml
(except for the default profile). Also added jboss repository in an
attempt to fix the failing CI release.
Fixed gh-1349
Previously, the data scripts were always run in response to the
publication of a DataSourceInitializedEvent, irrespective of
spring.datasource.initialize. While the event won't be published by
DataSourceInitializer if spring.datasource.initialize is false, it
will be published if spring.jpa.hibernate.hbm2ddl.auto has been set.
This commit updates DataSourceInitializer's handling of
DataSourceInitializedEvent to only run the data scripts if
spring.datasource.initialize is true.
Fixes#1336
The request is being made to '/' and, while the application does have
a mapping for '/', that mapping is not looked for before Spring
Security's filter rejects the request with a 401. This means that the
request is considered to be unmapped and this is reflected in the
metric's name.
See #1331 and #1333
Dave Syer
Phillip Webb
Andy Wilkinson
Phillip Webb
Spring Buildmaster