The MetricCopyExporter has had the capability for a while to keep
track of counters internally. This change aligns that with the
PrefixMetricGroupExporter.
Fixes gh-5762
Previously, if the filter chain threw an unhandled exception,
WebRequestTraceFilter would record a trace with a response status of
200. This occurred because response.getStatus() would return 200 as
the container had not yet caught the exception and mapped it to an
error response.
This commit updates WebRequestTraceFilter to align its behaviour with
MetricsFilter. It now assumes that the response status will be a 500
and only updates that to the status of the response if the call to the
filter chain returns successfully.
To avoid making a breaking change to the signature of the protected
enhanceTrace method, an HttpServletResponseWrapper is used to include
the correct status in the trace.
Closes gh-5331
Flyway 4.0 provides support for repeatable migrations that do not
have a version. When such a migration has been performed,
MigrationInfo.getMigrationVersion() will return null and, previously,
FlywayEndpoint would fail with an NPE.
This commit updates FlywayEndpoint to use null as the version when
MigrationInfo.getMigrationVersion() returns null.
Closes gh-5700
This commit moves the `shell.auth` property to `shell.auth.type`. The
previous situation was unfortunate since `shell.auth` was both a group
and a particular property.
Closes gh-5139
Ensure any ChildManagementContext created to start a management server
on a different port uses the same EmbeddedServletContainerFactory type.
Fixes gh-5474
Add `endpoints.metrics.filter.gauge-submissions` and
`endpoints.metrics.filter.counter-submissions` properties which can be
used to fine-tune how MetricsFilter submits metrics.
Use `per-http-method` to group by the the HTTP method, `merged` to
combine or both (`merged,per-http-method`) to submit both in forms.
Closes gh-5102
Rework the new testing support so that @SpringApplicationTest can be
used for standard integration tests, web integration tests with a
mock Servlet environment and web integration tests with an embedded
servlet container. This means that it a replacement for 1.3's
@IntegrationTest and @WebIntegrationTest and allows all
SpringApplication testing to be configured using a common annotation.
The old @IntegrationTest and @WebIntegrationTest along with their
supporting classes have been reinstated to their previous form (while
remaining deprecated). This should ensure that they continue to work
in 1.4 exactly as they did in 1.3 giving users a smooth path to
@SpringApplicationTest.
See gh-5477
This commit polihes the original Neo4j contribution in several areas.
Rather than providing the packages to scan, this commit rearranges the
`EntityScan` and `EntityScanRegistrar` so that the logic can be shared
for other components. If no package is provided, scanning now defaults to
the "auto-configured" package(s) and a `@NodeEntityScan` annotation
allows to override that.
The configuration has also been updated to detect the driver based on the
`uri` property. If the embedded driver is available we use that by
default. If it is not available, we're trying to connect to a Neo4j
server running on localhost. It is possible to disable the embedded mode
or set the `uri` parameter explicitly to deviate from these defaults.
The sample no longer relies on the embedded driver for licensing reason:
rather it expects an instance running on localhost (like other
data-related samples) and gracefully ignore any connection error. A
README has been added in the sample to further explain the available
options;
Closes gh-5458
This is a follow-on from the work done in 5009933. Now that SPR-14015
has been fixed, constructor injection can also be used for parameterised
dependencies, including optional dependencies that are injected via
an ObjectProvider.
Closes gh-5306
This commit updates the Maven plugin to generate a
`META-INF/boot/build.properties` file with various build-specific
settings (group, artifact, name, version and build time). Additionally,
the plugin can be configured to write an arbitrary number of additional
properties.
A new `BuildProperties` bean is automatically exposed when such a file is
present. If that bean is present, an `InfoContributor` is automatically
created to expose that information under the `build` key.
As for the git contributor, it is possible to only display the core
settings or everything using the `management.info.build.mode` property.
See gh-2559
Rather than exposing a raw String with the epoch time, GitProperties
now exposes the actual `java.util.Date`. `InfoProperties` has been
improved to return such data type when the raw value is an epoch time.
This commit polish the new info contributor infrastructure by migrating
`GitInfo` to `GitProperties`. `InfoProperties` provides an abstraction
that exposes unstructured data in an immutable way.
The `GitInfoContributor` now accepts a "mode" that determines if all data
should be exposed or only a sub-set of known keys.
Closes gh-2644
Previously, the ehcache statistics were computed on the activity of the
last minute which gives a "live" overview. All others cache managers,
including JCache, provides a "cumulative" metrics (i.e. the hit/miss
ratio since the creation of the cache or the last time it got cleared).
Ths commit aligns the ehcache statistics to provide a similar semantics
as the other cache managers. The side effect is that the metrics are now
available, even if there is no cache activity at all at the moment.
Closes gh-4891
This commit updates "simple" configuration classes to use constructor
injection. Simple means that there are no optional dependencies
(@Autowired(required=false) is not used), and none of the dependencies
use generics.
Configuration classes that are not simple will be updated in a second
pass once https://jira.spring.io/browse/SPR-14015 has been fixed.
See gh-5306
`InfoProvider` is now `InfoContributor` and contributes to the `Info`
instance via a builder. The `Info` instance is immutable. Each
contributor can be disabled via the `management.info.<name>.enabled`
key or all can be disabled using `management.info.defaults.enabled` (this
is similar to what the health endpoint does).
By default, all keys from the environment starting with `info.` are
exposed. If a `git.properties` file is present in the classpath, the
content of `GitInfo` is exposed using the `git` key.
A `SimpleInfoContributor` and `AbstractEnvironmentInfoContributor` are
available for convenience. `InfoContributor` instances can be ordered
the usual way, with a default order provided by
`InfoProviderAutoConfiguration#DEFAULT_ORDER`.
Closes gh-3492
This commit moves `GitInfo` to a general "project info" area that will be
further improved with others project related information.
Deprecate `spring.git.properties` in favour of `spring.info.git.location`
Closes gh-2484
Previously, if endpoints.enabled was false setting
endpoints.docs.enabled=true or endpoints.actuator.enabled=true would
have no effect as their entire configuration class was conditional
on endpoints.enabled being true.
This commit updates the conditions on the configuration class so that
it is conditional on either the actuator or docs endpoint being enabled.
Closes gh-5007
Plugin disabling logic was broken by e009d3e4. Prior to this change,
a plugin would be disabled if it or any of the implemented interfaces
in its inheritance hierarchy were configured as being disabled. The
offending commit inverted the logic so that the plugin would be
enabled if any part of it was NOT configured as being disabled.
This commit restores the logic such that the early return happens only
in the negative case.
Previously, the tests were written as though
PluginContext#getPlugin(Class) would consider the specified class
against the runtime type of the plugin (not an unreasonable
assumption); rather this method considers the broader 'plugin type'.
This commit rewrites the test to seek by plugin type and assert the
absence of the disabled plugins.
Closes gh-5032
Support for configuring an endpoint’s path separately from its id was
introduced in 97255785, but it didn’t work for a variety of reasons:
1. Some custom MVC endpoints did not have configuration properties
bound to them
2. Some generic endpoints rejected the path property as they were
configured not to ignore unknown fields
3. The property used to configure the path was dependent on the id
of the endpoint. This meant that the path property’s name would
change if the endpoint’s id was changed
This commit addresses these problems:
1. @ConfigurationProperties has been added to custom MvcEndpoints where
it was missing
2. Generic endpoints have been updated to ignore unknown fields,
allowing the path of their MVC adapter to be configured
3. Rather than using the id of a generic endpoint to determine the name
of its path property, the prefix or value of the endpoint’s
@ConfigurationProperties annotation is used instead. Any generic
endpoint that is not annotated with @ConfigurationProperties is
ignored, making its path unconfigurable.
Closes gh-5105
The Jolokia auto-configuration requires ServletWrappingController from
Spring MVC to be on the classpath. This commit updates the
auto-configuration to make it conditional on the presence of this
class.
Closes gh-5153
Update the requestsWithDisallowedMethodsAreRejected test to use PATCH
rather than HEAD. The change is to allow support for Spring Framework
4.3 which will implicitly map HEAD requests to GET.
Pre-flight requests are also only for "non-simple" HTTP methods [1]
(i.e. anything but GET, HEAD, POST) so there is really no such a thing
as a pre-flight request for HEAD.
[1] https://www.w3.org/TR/cors/#resource-preflight-requests
We rarely use the same configuration in multiple test classes, but
Spring’s Test framework caches each context by default. For projects
with large numbers of integration tests, this can lead to tens of
contexts being cached. This increases memory usage, live thread count,
etc for no benefit.
This commit adds @DirtiesContext to the integration tests in
spring-boot, spring-boot-autoconfigure, and spring-boot-actuator so
that the context is closed once the test class has completed.
See gh-5141
Previously, WebRequestTraceFilter would call request.getParameterMap()
before deciding whether or not the parameters should be included in
the trace. For a POST request, this had the unwanted side-effect
of always reading the request body.
This commit updates WebRequestTraceFilter so that it checks that
parameters are to be included in the trace before calling
request.getParameterMap()
Closes gh-5089
Hikari and Commons DBCP2 are already validating that the connection is
valid before borrowing it from the pool. This commit makes that behaviour
consistent by enabling that feature for the Tomcat and Commons DBCP data
sources.
Since a validation query is required in those cases, the infrastructure
of `DataSourceHealthIndicator` has been merged in a single place: the
`DatabaseDriver` enum provides not only the driver class names but also
the validation query, if any.
Closes gh-4906
When `@EnableConfigurationProperties` is defined, Spring Boot
automatically registers a bean in the context for each class specified
on the annotation. Previously, the name of the bean only included the
prefix which leads to conflict if two different classes use the same
prefix.
This commit changes the bean name structure to be <prefix>-<fqn> where
prefix is the prefix used on the annotation and <fqn> the fully qualified
name of the target class.
Closes gh-4395
Previously, Spring Boot mapped both `DataSourceProperties` and the actual
`DataSource` implementation to the same prefix. This results in a huge
amount of keys in the `spring.datasource` namespace with no way to
identify those that are valid for the pooled data source in use.
This commit maps the four pooled data sources we support in four isolated
namespace, keeping `spring.datasource` only for the common settings.
These are `spring.datasource.tomcat`, `spring.datasource.hikari`,
`spring.datasource.dbcp` and `spring.datasource.dbcp2` for the Tomcat,
Hikari, Commons DBCP and Commons DBCP2 implementations respectively.
Closes gh-2183
Spring Boot’s metrics require all values to be Numbers. A Dropwizard
Gauge can have a non-Number value. Previously, to prevent this causing
a problem, MetricRegistryMetricReader would check the value of a Gauge
when it’s being added and ignore it if it had a non-Number value.
Unfortunately, retrieving the value of a Gauge can take a non-trivial
amount of time (hence CachedGauge) so this approach, while functional,
could be improved.
This commit updates the filtering to happen when a Metric is being
retrieved from MetricRegistryMetricReader (via findOne or findAll)
when its value is required anyway. At this point, any Gauge with a
non-Number value is ignored.
Closes gh-4874
Previously, HalJsonMvcEndpoint used a redirect to go from path/ to path.
When the actuator’s configured to use a custom context path this
redirect was leading to an infinite redirect loop.
This commit removes the redirect in favour of updating the controller
advice to apply the links to requests for path and path/.
Closes gh-4853
This commit completes the changes to consistently used static final
fields for Log instances that were started in ec2f33f9. Specifically it:
- Removes this. when accessing logger fields that are now static
- Renames some fields from log to logger
- Makes some logger fields static
See gh-4784
Ensure that Collections.isEmpty() is used to check if there are no
elements in a collections. This is more explicit and can be faster than
calling .size().
Closes gh-4783
If the user provides their own ServerProperties bean we want to peek
at it to see if they set the port (and only that) when we are deciding
if the actuator context needs to be created. This happens very early
(in a @Condition) so we need to be very defensive. There are already
quite a few checks in place to prevent a ServerProperties bean from
being instantiated unless we really need it, and yet, when it is
we can do more.
This change creates the bean (and the ManagementProperties) in a
throwaway BeanFactory using the same BeanDefinition as the main
context. This ensures that when the main context bean is created
it will be in the "natural" order and binding to the Environment
can take place as normal.
Fixes gh-4631
This change permanently removes links from the endpoints that return
arrays or collections, and also disables them in the rest of the
endpoints (except /actuator) by default.
Fixes gh-4616
Previously, the default RestTemplate that is used OpenTsdbGaugeWriter
was not used with its default configuration. Notably this meant that
it would have infinite connect and read timeouts. This is problematic
as it can cause metric writing to hang and block the scheduler for
performing any other tasks.
This commit updates OpenTsdbGaugeWriter to use a default connect
timeout of 10 seconds and a default read timeout of 30 seconds. A
constructor has been added to ease the configuration of these
timeouts. The existing option of providing your own RestTemplate
(via setRestTemplate) remains.
Closes gh-4698
Add a `server.server-header` property which can be used to override the
`server` header usually sent back automatically by Tomcat/Jetty or
Undertow.
See https://www.owasp.org/index.php/Securing_tomcat for background.
Fixes gh-4461
Closes gh-4504
Commit 8c14009 removed the endpoints.metrics.filter.enabled property so
that endpoints.metrics.enabled is used for both disabling the endpoint
and the servlet filter that records interactions.
This was an unfortunate decision as it was no longer possible to only
disable the servlet filter. The endpoints.metrics.filter.enabled property
has therefore been restored.
Closes gh-4365
Previously, each 5xx response to a request that used a path variable
would result in a metric being recorded that contained the path
variable. Therefore, if a different path variable was included in each
request, a new metric would be recorded for each request. This is
problematic as it can lead to the metrics being flooded with unwanted
entries.
This commit updates MetricsFilter to treat 5xx responses sent before
mapping has occurred in the same way as 4xx and redirect responses.
A single metric, counter.status.500.unmapped, is now used.
Closes gh-4377
Previously, if a regular expression was used when calling the metrics or
environment endpoints, a metric or property with a null value would
result in a 404 response.
This commit updates the two affected endpoints so that any metric or
property whose name matches the regular expression but has a null value
is ignored. This allows all of the matching metrics or properties with
non-null values to be returned in a 200 OK response.
Closes gh-4552
If a request to the actuator endpoint ends with a slash with Spring
HATEOAS on the classpath, an empty array of links is returned whereas
a request without the slash returns a response with all the expected
links to the actuator's other endpoints.
This commit adds an automatic redirection so that both URIs return the
expected result.
Closes gh-4575
If user set the management.port *and* the management.context-path
then the /error path was in the wrong place because formerly it
was implemented (in this case) by an MvcEndpoint. If we
switch it to a regular @Controller (which are now supported in the
child context if there is one) then it won't disappear under the
management.context-path.
Also use lazy request matching in ignores as well as secure paths.
The problem was that the ignores were constructed eagerly from the
actuator paths before they were available (the EndpointHandlerMapping
needs to be lazily accessed to avoid a security-induced bean creation
cascade).
Fixes gh-4624
If the user sets the management.port, he wants some of the
server.* properties, but not the context-path. This change
restores the behaviour in 1.2.x.
Fixes gh-4401
`EhCacheStatisticsProvider` uses the `StatisticsGateway` API introduced
in ehcache 2.7 (march 2013). If an older ehcache version is present, we
should back-off as this class is not available.
Closes gh-4621
Along with the recent change in Spring to use content-disposition
"inline" (which prevents the download), it also makes sense to limit
the extensions allowed by the actuator endpoints. Really there *is*
no extension for these endpoints, but since all of them explicitly
produce JSON we can add .json for browsers as a convenience in case
the app would otherwise choose to send XML.
Fixes gh-4402
Update EndpointHandlerMapping so that setUseSuffixPatternMatch is set
to false. This prevents URLs of the form /beans.json from returning
results and provides another line of defense against RDF attacks.
Fixes gh-4402
Update `LogFileMvcEndpoint` to use a `ResourceHttpRequestHandler` when
serving the log file resource. This gives support for requesting parts
of the logfile via the HTTP Range header. Requests with the
`If-Modified-Since` header are now also handled correctly.
Closes gh-4333
Add auto-configuration for the CassandraHealthIndicator. Also update
the implementation to use CassandraOperations rather than
CassandraAdminOperations.
Closes gh-4409
Previously if every actuator endpoint was marked as sensitive, then all
endpoints were marked as permitted.
This commit ensures that if all endpoints are marked as sensitive, then
all the endpoints are secured.
Fixes gh-4368
Closes gh-4383
Rename HAL and docs MVC endpoints so that classnames consistently end
with MvcEndpoint. Also rename integration tests so that they are grouped
together in the IDE.
Introduce `AbstractAuthenticationAuditListener` and
`AbstractAuthorizationAuditListener` classes so that users can
extended them to replace the auto-configured defaults.
Closes gh-4406
Commit d0cf6b5 introduced a `endpoints.metrics.filter.enabled` property
key meant to disable the filter. Unfortunately, the `endpoints.metrics`
namespace is already managed so setting this property will fail.
We now use the same key than the one used to disable the metrics
endpoint.
Closes gh-4365
The InteractiveAuthenticationSuccessEvent is always shadowed by a
regulat AuthenticationSuccessEvent, so there's no need to listen for
all AbstractAuthenticationSuccessEvents.
Fixes gh-4355
This way the MetricCopyExporter can make a sensible choice about
what to do with counter metrics, and cache the latest values, so that
they can be properly incremented.
Fixes gh-4305
Previously, if security.ignored was set to none and the error controller
was disabled, there would be no paths to ignore and we would call
IgnoredRequestConfigurer.antMatchers with an empty array. While a bit
pointless, this had no effect on Spring Security’s configuration.
This behaviour has changed in the latest 4.0.3 snapshots [1]. An empty
array passed to IgnoredRequestConfigurer.antMatchers now maps to /**. As
Spring Boot configures its ignored paths with highest precedence this
means that security is now disabled for every path.
This commit updates both the management security and application
security configuration to avoid calling antMatchers with an empty
array, thereby ensuring that we don’t inadvertently ignore every path.
Even if the change to Spring Security is reverted we can keep this
change. The behaviour will remain the same and, arguably, it makes the
intent of our configuration clearer.
Closes gh-4345
[1] 8663ac4173
The latest Spring Framework 4.2.3 snapshots appear to be trimming
whitespace as part of the binding process. This commit updates the
test's expectations accordingly.
Previously, NamePatternFilter looked for “*”, “$”, “^”, or “+” when
trying to identify a string as being a regular expression. This meant
that it missed the use of a character class ([a-z], for example). This
commit adds “[“} to the list of characters that are considered to be
part of a regular expression.
Closes gh-4233
Previously, the `PORTFILE` system property was not checked if the
`EmbeddedServerPortFileWriter` was created using the default constructor.
This had the effect to prevent overriding of the port file when this
listener is created without any file or via `META-INF/spring.factories`.
Closes gh-4254
Previously, the Actuator’s endpoints did not specify a produces
attribute on their request mappings. With Jackson’s XML binding on the
classpath, this would lead to requests made by a browser receiving
application/xml responses (due to the Accept header indicating that
application/xml is preferred). This was problematic as some of the
response payloads were not legal xml. Problems included XML tags
beginning with ‘\’ or containing ‘#’.
This commit updates the endpoints to specify that they produce
application/json. The environment and metrics endpoints have also been
updated so that always return a JSON object, even when they are
returning a single entry. This consistency avoids problems where
clients may not consider a single scalar value to be legal JSON.
Closes gh-2449
Update EndpointWebMvcAutoConfiguration to no longer catch and ignore
EmbeddedServletContainerExceptions. Since commit 764e34b9, starting a
management on a different port is not even attempted when running in a
classic servlet container. This means that the catch/log logic (which
was originally added in 45315a97) is no longer necessary, and only
serves to hide genuine problems.
Fixes gh-4064
Update TraceWebFilter to optionally trace more details from the
HttpServletRequest/HttpServletResponse. The `management.trace.include`
property can be used to change what aspects are logged.
Closes gh-3948
Previously, EndpointWebMvcChildContextConfiguration would attempt to
create a /error endpoint, irrespective of whether or not the parent
had such an endpoint. If the endpoint was disabled in the parent this
would cause a failure due to the absence of an ErrorAttributes bean.
This commit updates EndpointWebMvcChildContextConfiguration to make
the creation of its /error endpoint conditional on the existence of
an ErrorAttributes bean.
Closes gh-4164
Dave Syer
Andy Wilkinson
Phillip Webb
Stephane Nicoll
Johnny Lim
sebastiankirsch
Huang YunKun
Michael Hunger
Anand Shah
Meang Akira Tanaka
Eddú Meléndez
Spring Buildmaster
Vedran Pavic
Matt Benson
mkwaczynski
mnhock
Kirill Vlasov
Johannes Edmeier
Tommy Ludwig
Rob Winch
邱占波
Wallace Wadge